A Comprehensive Cybersecurity Defense Framework for Large Organizations

There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing...

Full description

Bibliographic Details
Main Author: Smith, Willarvis
Format: Others
Published: NSUWorks 2019
Subjects:
Online Access:https://nsuworks.nova.edu/gscis_etd/1083
https://nsuworks.nova.edu/cgi/viewcontent.cgi?article=2081&context=gscis_etd
id ndltd-nova.edu-oai-nsuworks.nova.edu-gscis_etd-2081
record_format oai_dc
spelling ndltd-nova.edu-oai-nsuworks.nova.edu-gscis_etd-20812019-10-20T04:16:08Z A Comprehensive Cybersecurity Defense Framework for Large Organizations Smith, Willarvis There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing duplication of effort and taking advantage of efficiencies. Exercising cybersecurity defense without an understanding of comprehensive foundational requirements instills an ad hoc and in many cases conservative approach to network security. Organizations must be synchronized across federal and civil agencies to achieve adequate cybersecurity defense. Understanding what constitutes comprehensive cybersecurity defense will ensure organizations are better protected and more efficient. This work, represented through design science research, developed a model to understand comprehensive cybersecurity defense, addressing the lack of standard requirements in large organizations. A systemic literature review and content analysis were conducted to form seven criteria statements for understanding comprehensive cybersecurity defense. The seven criteria statements were then validated by a panel of expert cyber defenders utilizing the Delphi consensus process. Based on the approved criteria, the team of cyber defenders facilitated the development of a Comprehensive Cybersecurity Defense Framework prototype for understanding cybersecurity defense. Through the Delphi process, the team of cyber defense experts ensured the framework matched the seven criteria statements. An additional and separate panel of stakeholders conducted the Delphi consensus process to ensure a non-biased evaluation of the framework. The comprehensive cybersecurity defense framework is developed through the data collected from two distinct and separate Delphi panels. The framework maps risk management, behavioral, and defense in depth frameworks with cyber defense roles to offer a comprehensive approach to cyber defense in large companies, agencies, or organizations. By defining the cyber defense tasks, what those tasks are trying to achieve and where best to accomplish those tasks on the network, a comprehensive approach is reached. 2019-01-01T08:00:00Z dissertation application/pdf https://nsuworks.nova.edu/gscis_etd/1083 https://nsuworks.nova.edu/cgi/viewcontent.cgi?article=2081&context=gscis_etd CCE Theses and Dissertations NSUWorks comprehensive cyber defense cyber defense cybersecurity frameworks large organizations Communication Communication Technology and New Media Computer Sciences Engineering Social and Behavioral Sciences
collection NDLTD
format Others
sources NDLTD
topic comprehensive cyber defense
cyber defense
cybersecurity
frameworks
large organizations
Communication
Communication Technology and New Media
Computer Sciences
Engineering
Social and Behavioral Sciences
spellingShingle comprehensive cyber defense
cyber defense
cybersecurity
frameworks
large organizations
Communication
Communication Technology and New Media
Computer Sciences
Engineering
Social and Behavioral Sciences
Smith, Willarvis
A Comprehensive Cybersecurity Defense Framework for Large Organizations
description There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing duplication of effort and taking advantage of efficiencies. Exercising cybersecurity defense without an understanding of comprehensive foundational requirements instills an ad hoc and in many cases conservative approach to network security. Organizations must be synchronized across federal and civil agencies to achieve adequate cybersecurity defense. Understanding what constitutes comprehensive cybersecurity defense will ensure organizations are better protected and more efficient. This work, represented through design science research, developed a model to understand comprehensive cybersecurity defense, addressing the lack of standard requirements in large organizations. A systemic literature review and content analysis were conducted to form seven criteria statements for understanding comprehensive cybersecurity defense. The seven criteria statements were then validated by a panel of expert cyber defenders utilizing the Delphi consensus process. Based on the approved criteria, the team of cyber defenders facilitated the development of a Comprehensive Cybersecurity Defense Framework prototype for understanding cybersecurity defense. Through the Delphi process, the team of cyber defense experts ensured the framework matched the seven criteria statements. An additional and separate panel of stakeholders conducted the Delphi consensus process to ensure a non-biased evaluation of the framework. The comprehensive cybersecurity defense framework is developed through the data collected from two distinct and separate Delphi panels. The framework maps risk management, behavioral, and defense in depth frameworks with cyber defense roles to offer a comprehensive approach to cyber defense in large companies, agencies, or organizations. By defining the cyber defense tasks, what those tasks are trying to achieve and where best to accomplish those tasks on the network, a comprehensive approach is reached.
author Smith, Willarvis
author_facet Smith, Willarvis
author_sort Smith, Willarvis
title A Comprehensive Cybersecurity Defense Framework for Large Organizations
title_short A Comprehensive Cybersecurity Defense Framework for Large Organizations
title_full A Comprehensive Cybersecurity Defense Framework for Large Organizations
title_fullStr A Comprehensive Cybersecurity Defense Framework for Large Organizations
title_full_unstemmed A Comprehensive Cybersecurity Defense Framework for Large Organizations
title_sort comprehensive cybersecurity defense framework for large organizations
publisher NSUWorks
publishDate 2019
url https://nsuworks.nova.edu/gscis_etd/1083
https://nsuworks.nova.edu/cgi/viewcontent.cgi?article=2081&context=gscis_etd
work_keys_str_mv AT smithwillarvis acomprehensivecybersecuritydefenseframeworkforlargeorganizations
AT smithwillarvis comprehensivecybersecuritydefenseframeworkforlargeorganizations
_version_ 1719270680968560640