Abstract
Cyber-security incidents show how difficult it is to make optimal strategic decisions in such a complex environment. Given that it is hard for researchers to observe organisations’ decision-making processes driving cyber-security strategy, we developed a board game that mimics this real-life environment and shows the challenges of decision-making. We observed cyber-security experts participating in the game. The results showed that decision-makers who performed poorly tended to employ heuristics, leading to fallacious decision approaches (overreaction strategies in place of proactive ones), and were not always aware of their poor performances. We advocate the need for decision support tools that capture this complex dynamic nature.
Subject
Information Systems and Management,Computer Networks and Communications,Modeling and Simulation,Control and Systems Engineering,Software
Reference85 articles.
1. Information security breaches and IT security investments: Impacts on competitors;Christina;Inf. Manag.,2019
2. Can financial incentives help with the struggle for security policy compliance?
3. 200,000+ Systems Affected by WannaCry Ransom Attackhttps://www.statista.com/chart/9399/wannacry-cyber-attack-in-numbers
4. The Great Bank Robbery: The Carbanak APThttps://securelist.com/the-great-bank-robbery-the-carbanak-apt/68732/
5. Het Is Oorlog Maar Niemand Die Het Ziet;Modderkolk,2019
Cited by
9 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献