Decision-Makers’ Understanding of Cyber-Security’s Systemic and Dynamic Complexity: Insights from a Board Game for Bank Managers

Author:

Zeijlemaker Sander,Rouwette Etiënne A. J. A.,Cunico GiovanniORCID,Armenia StefanoORCID,von Kutzschenbach MichaelORCID

Abstract

Cyber-security incidents show how difficult it is to make optimal strategic decisions in such a complex environment. Given that it is hard for researchers to observe organisations’ decision-making processes driving cyber-security strategy, we developed a board game that mimics this real-life environment and shows the challenges of decision-making. We observed cyber-security experts participating in the game. The results showed that decision-makers who performed poorly tended to employ heuristics, leading to fallacious decision approaches (overreaction strategies in place of proactive ones), and were not always aware of their poor performances. We advocate the need for decision support tools that capture this complex dynamic nature.

Publisher

MDPI AG

Subject

Information Systems and Management,Computer Networks and Communications,Modeling and Simulation,Control and Systems Engineering,Software

Reference85 articles.

1. Information security breaches and IT security investments: Impacts on competitors;Christina;Inf. Manag.,2019

2. Can financial incentives help with the struggle for security policy compliance?

3. 200,000+ Systems Affected by WannaCry Ransom Attackhttps://www.statista.com/chart/9399/wannacry-cyber-attack-in-numbers

4. The Great Bank Robbery: The Carbanak APThttps://securelist.com/the-great-bank-robbery-the-carbanak-apt/68732/

5. Het Is Oorlog Maar Niemand Die Het Ziet;Modderkolk,2019

Cited by 9 articles. 订阅此论文施引文献 订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献

1. A collaborative cybersecurity framework for higher education;Information & Computer Security;2024-09-12

2. A Review of Attacker–Defender Games and Cyber Security;Games;2024-08-14

3. Measuring Malware Detection Capability for Security Decision Making;2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW);2024-07-08

4. Gamification in cybersecurity education; a state of the art review and research agenda;Journal of Applied Research in Higher Education;2024-06-10

5. Facilitating learning at multiple levels with Systems Thinking‐assisted serious games: Insights from the SUSTAIN project;Systems Research and Behavioral Science;2024-05-24

同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线,采集、加工和组织学术论文而形成的新型学术文献查询和分析系统,可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容,当前同舟云学术共收录了国内外主流学术期刊6万余种,收集的期刊论文及会议论文总量共计约1.5亿篇,并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询!咨询电话:010-8811{复制后删除}0370

www.globalauthorid.com

TOP

Copyright © 2019-2024 北京同舟云网络信息技术有限公司
京公网安备11010802033243号  京ICP备18003416号-3