A Comprehensive Cybersecurity Defense Framework for Large Organizations
There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing...
Main Author: | |
---|---|
Format: | Others |
Published: |
NSUWorks
2019
|
Subjects: | |
Online Access: | https://nsuworks.nova.edu/gscis_etd/1083 https://nsuworks.nova.edu/cgi/viewcontent.cgi?article=2081&context=gscis_etd |
id |
ndltd-nova.edu-oai-nsuworks.nova.edu-gscis_etd-2081 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-nova.edu-oai-nsuworks.nova.edu-gscis_etd-20812019-10-20T04:16:08Z A Comprehensive Cybersecurity Defense Framework for Large Organizations Smith, Willarvis There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing duplication of effort and taking advantage of efficiencies. Exercising cybersecurity defense without an understanding of comprehensive foundational requirements instills an ad hoc and in many cases conservative approach to network security. Organizations must be synchronized across federal and civil agencies to achieve adequate cybersecurity defense. Understanding what constitutes comprehensive cybersecurity defense will ensure organizations are better protected and more efficient. This work, represented through design science research, developed a model to understand comprehensive cybersecurity defense, addressing the lack of standard requirements in large organizations. A systemic literature review and content analysis were conducted to form seven criteria statements for understanding comprehensive cybersecurity defense. The seven criteria statements were then validated by a panel of expert cyber defenders utilizing the Delphi consensus process. Based on the approved criteria, the team of cyber defenders facilitated the development of a Comprehensive Cybersecurity Defense Framework prototype for understanding cybersecurity defense. Through the Delphi process, the team of cyber defense experts ensured the framework matched the seven criteria statements. An additional and separate panel of stakeholders conducted the Delphi consensus process to ensure a non-biased evaluation of the framework. The comprehensive cybersecurity defense framework is developed through the data collected from two distinct and separate Delphi panels. The framework maps risk management, behavioral, and defense in depth frameworks with cyber defense roles to offer a comprehensive approach to cyber defense in large companies, agencies, or organizations. By defining the cyber defense tasks, what those tasks are trying to achieve and where best to accomplish those tasks on the network, a comprehensive approach is reached. 2019-01-01T08:00:00Z dissertation application/pdf https://nsuworks.nova.edu/gscis_etd/1083 https://nsuworks.nova.edu/cgi/viewcontent.cgi?article=2081&context=gscis_etd CCE Theses and Dissertations NSUWorks comprehensive cyber defense cyber defense cybersecurity frameworks large organizations Communication Communication Technology and New Media Computer Sciences Engineering Social and Behavioral Sciences |
collection |
NDLTD |
format |
Others
|
sources |
NDLTD |
topic |
comprehensive cyber defense cyber defense cybersecurity frameworks large organizations Communication Communication Technology and New Media Computer Sciences Engineering Social and Behavioral Sciences |
spellingShingle |
comprehensive cyber defense cyber defense cybersecurity frameworks large organizations Communication Communication Technology and New Media Computer Sciences Engineering Social and Behavioral Sciences Smith, Willarvis A Comprehensive Cybersecurity Defense Framework for Large Organizations |
description |
There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing duplication of effort and taking advantage of efficiencies. Exercising cybersecurity defense without an understanding of comprehensive foundational requirements instills an ad hoc and in many cases conservative approach to network security. Organizations must be synchronized across federal and civil agencies to achieve adequate cybersecurity defense. Understanding what constitutes comprehensive cybersecurity defense will ensure organizations are better protected and more efficient.
This work, represented through design science research, developed a model to understand comprehensive cybersecurity defense, addressing the lack of standard requirements in large organizations. A systemic literature review and content analysis were conducted to form seven criteria statements for understanding comprehensive cybersecurity defense. The seven criteria statements were then validated by a panel of expert cyber defenders utilizing the Delphi consensus process. Based on the approved criteria, the team of cyber defenders facilitated the development of a Comprehensive Cybersecurity Defense Framework prototype for understanding cybersecurity defense. Through the Delphi process, the team of cyber defense experts ensured the framework matched the seven criteria statements. An additional and separate panel of stakeholders conducted the Delphi consensus process to ensure a non-biased evaluation of the framework.
The comprehensive cybersecurity defense framework is developed through the data collected from two distinct and separate Delphi panels. The framework maps risk management, behavioral, and defense in depth frameworks with cyber defense roles to offer a comprehensive approach to cyber defense in large companies, agencies, or organizations. By defining the cyber defense tasks, what those tasks are trying to achieve and where best to accomplish those tasks on the network, a comprehensive approach is reached. |
author |
Smith, Willarvis |
author_facet |
Smith, Willarvis |
author_sort |
Smith, Willarvis |
title |
A Comprehensive Cybersecurity Defense Framework for Large Organizations |
title_short |
A Comprehensive Cybersecurity Defense Framework for Large Organizations |
title_full |
A Comprehensive Cybersecurity Defense Framework for Large Organizations |
title_fullStr |
A Comprehensive Cybersecurity Defense Framework for Large Organizations |
title_full_unstemmed |
A Comprehensive Cybersecurity Defense Framework for Large Organizations |
title_sort |
comprehensive cybersecurity defense framework for large organizations |
publisher |
NSUWorks |
publishDate |
2019 |
url |
https://nsuworks.nova.edu/gscis_etd/1083 https://nsuworks.nova.edu/cgi/viewcontent.cgi?article=2081&context=gscis_etd |
work_keys_str_mv |
AT smithwillarvis acomprehensivecybersecuritydefenseframeworkforlargeorganizations AT smithwillarvis comprehensivecybersecuritydefenseframeworkforlargeorganizations |
_version_ |
1719270680968560640 |