Theoretical Foundations for Developing Cybersecurity Training

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9179)


Cybersecurity is a computer term regarding the detection, anticipation, and prevention of computer technologies and peripherals from damage, attack, or unauthorized access. These technologies include the monitoring of networks, programs, applications, and personnel. Cybersecurity can be viewed from both an offensive or defensive posture involving maintaining and proactively assessing security vulnerabilities. In 2013, Edward Snowden used his position as an infrastructure analyst to leak thousands of top-secret classified documents detailing the U.S. Government’s global covert surveillance and eavesdropping undertakings to the public. This incident identified the human threat as a contributing factor that highlighted several weaknesses in the present state of U.S. cybersecurity affairs. In efforts to strengthen cyber defenses, a solid theoretical research foundation regarding cyber vulnerabilities is warranted. Building upon that foundation, training and experimentation can provide insight into current cybersecurity training methods and how they can be transitioned and implemented into future training regimens.


Cybersecurity Human component Virtual and gaming environments 


  1. 1.
    Greenwald, G., MacAskill, E., Poitras, L.: Edward Snowden: the whistleblower behind the NSA surveillance revelations. The Guardian 11 June 2013Google Scholar
  2. 2.
    Hansen, L., Nissenbaum, H.: Digital disaster, cyber security, and the copenhagen school. Int. Stud. Quart. 53(4), 1155–1175 (2009)CrossRefGoogle Scholar
  3. 3.
    McDowell, M., Householder, A.: US-CERT, 6 May 2009. Accessed 18 February 2015
  4. 4.
    Managing Information Security Risk, U.S. Department of Commerce, Gaithersburg (2011)Google Scholar
  5. 5.
    National Institute of Standards and Technology, U.S. Department of Commerce, 1 April 2014. Accessed 17 February 2015
  6. 6.
    Vacca, J.R.: Guarding against network intrusion. In: Computer and Information Security Handbook, pp. 86–87. Elsevier, Waltham (2013)Google Scholar
  7. 7.
    Patriciu, V.-V., Furtuna, A.C.: Guide for designing cyber security exercises. In: Proceedings of the 8th WSEAS International Conference on E-Activities and Information Security and Privacy (2009)Google Scholar
  8. 8.
    Munir, A., Lukman, S., Muhammad, K., Al-Maimani, M.: Human errors in information security. Int. J. 1(3), (2012)Google Scholar
  9. 9.
    Kenyon, H.: SMBs Ignoring Insider Threats. InformationWeek, 23 June 2014Google Scholar
  10. 10.
    Greitzer, F.L., Moore, A.P., Cappelli, D.M., Andrews, D.H., Carroll, L.A., Hull, T.D.: Combating the insider cyber threat. Secur. Priv. IEEE 6(1), 61–64 (2008)CrossRefGoogle Scholar
  11. 11.
    Hald, S.L., Pedersen, J.M.: An updated taxonomy for characterizing hackers according to thier threat properties. In: 2012 14th International Conference on Advanced Communication Technology (ICACT). IEEE (2012)Google Scholar
  12. 12.
    Gold, S.: Cyber-psychopathy: what goes on in a hacker’s head. Eng. Technol. Mag. 9(1), 20 (2014)MathSciNetCrossRefGoogle Scholar
  13. 13.
    Cox, E.: Ahmed Al-Khabaz expelled from Dawson College after finding security flaw. National Post, 20 January 2013Google Scholar
  14. 14.
    Statement Before the Senate Appropriations Committee. The Federal Bureau of Investigation, 12 June 2013Google Scholar
  15. 15.
    Lynn, W.J.: Defending a new domain: the pentagon’s cyberstrategy. Foreign Aff. 89(5), 101 (2010)Google Scholar
  16. 16.
    Harris, E.A.: Target Executive Resigns After Breach. The New York Times, 5 March 2014Google Scholar
  17. 17.
    Platsis, G.: The Real Vulnerability of the Cyberworld: You and I, Adelphi (2015)Google Scholar
  18. 18.
    Roman, J.: Cost of Mitigating the Insider Threat (2013)Google Scholar
  19. 19.
    Stanescu, I.A., Stefan, A.: Interoperability in serious games. In: The 7th International Scientific Conference eLearning and Software for Education, Bucharest (2011)Google Scholar
  20. 20.
    DoD Cyber Awareness Challenge Training, U.S. Army, 2015. Accessed 18 February 2015
  21. 21.
    SIMTRAY, University of Maryland University College, 2014. Accessed 16 February 2015Google Scholar
  22. 22.
    Stewart, K.E., Humphries, J.W., Andel, T.R.: Developing a virtualization platform for courses in networking, systems administration and cyber security education. In: Proceedings of the 2009 Spring Simulation Multiconference (2009)Google Scholar
  23. 23.
    Williams, C., Meinel, C.: Online assessment for hands-on cyber security training in a virtual lab. In: Global Engineering Education Conference (EDUCON). IEEE (2012)Google Scholar
  24. 24.
    Sawyer, B.D., Finomore, V.S., Funke, G.J., Mancuso, V.F., Funke, M.E., Matthews, G., Warm, J.S.: Cyber vigilance: effects of signal probability and event rate. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting (2014)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.Institute for Simulation and TrainingUniversity of Central FloridaOrlandoUSA

Personalised recommendations