Search results

The information security field requires standardised education. This could be based on generic job profiles and a standard competence framework. The question is whether this is possible and feasible. To find out, the author did a case study: developing an information security master curriculum based on a generic PVIB job profile and the underlying competence framework e-CF.

The research is a case study, using Design Science. Starting point is the specification of the learning goals for a cybersecurity master curriculum, using a generic PvIB job profile and the underlying competence framework e-CF. The curriculum has subsequently been developed, using backward design. Thereafter, the curriculum has been submitted for accreditation to test the successfulness of the approach.

A generic job profile and a competence framework such as the e-CF support the development of standardised education. The generic PVIB job profile used works well. The e-CF can be useful, but requires modifications and the introduction of sub-competences. However, the main complaint concerning the e-CF is the use of examples instead of mandatory content.

Competence frameworks are available to formulate job descriptions, and are also suited for developing standardised education. Little research has been done on this. This case study shows that a competence framework is a useful tool for developing standardised education, although the e-CF may not be the most appropriate.

The use of mobile digital devices requires secure behaviour while using these devices. To influence this behaviour, one should be able to adequately measure the behaviour. The purpose of this study is to establish a model for measuring secure behaviour, and to use this model to measure the secure behaviour of individuals while using mobile digital devices such as smartphones and laptops.

Based on a wide-ranging questionnaire (N = 1000), this study investigates the degree of influence that a relatively large number of factors have on secure behaviour while using mobile digital devices. These factors include knowledge and cognitive attitude, but also affective attitude, as well as several types of bias.

This study has provided a model for measuring secure behaviour. The results of the measurements show that knowledge, bias, cognitive attitude and affective attitude all have impact on secure behaviour while using mobile digital devices. Moreover, none of these factors is of minor importance.

This study shows that it is important to also consider previously undervalued factors, such as affective attitude and various types of bias, when designing interventions to improve secure behaviour while using mobile digital devices.

Most research on secure behaviour has only looked at a small number of influencing factors, usually limited to knowledge and cognitive attitude. This study shows that one needs a more elaborate model for measuring secure behaviour, and that previously undervalued factors have a clear influence on secure behaviour.

The defence against ICT attacks requires detection of probes as early as possible. The earlier an attack is discovered, the more time defenders of systems have to take appropriate counter‐measures. This article discusses a stealth tracing technique called Subliminal Traceroute and the development of a software tool that implements this technique. The tool offers detection features, as well as a counter‐intelligence feature which tries to pin‐point the attacker.