Improving data quality for human-as-a-security-sensor. A process driven quality improvement approach for user-provided incident information. (10th March 2021)
- Record Type:
- Journal Article
- Title:
- Improving data quality for human-as-a-security-sensor. A process driven quality improvement approach for user-provided incident information. (10th March 2021)
- Main Title:
- Improving data quality for human-as-a-security-sensor. A process driven quality improvement approach for user-provided incident information
- Authors:
- Vielberth, Manfred
Englbrecht, Ludwig
Pernul, Günther - Abstract:
- Abstract : Purpose: In the past, people were usually seen as the weakest link in the IT security chain. However, this view has changed in recent years and people are no longer seen only as a problem, but also as part of the solution. In research, this change is reflected in the fact that people are enabled to report security incidents that they have detected. During this reporting process, however, it is important to ensure that the reports are submitted with the highest possible data quality. This paper aims to provide a process-driven quality improvement approach for human-as-a-security-sensor information. Design/methodology/approach: This work builds upon existing approaches for structured reporting of security incidents. In the first step, relevant data quality dimensions and influencing factors are defined. Based on this, an approach for quality improvement is proposed. To demonstrate the feasibility of the approach, it is prototypically implemented and evaluated using an exemplary use case. Findings: In this paper, a process-driven approach is proposed, which allows improving the data quality by analyzing the similarity of incidents. It is shown that this approach is feasible and leads to better data quality with real-world data. Originality/value: The originality of the approach lies in the fact that data quality is already improved during the reporting of an incident. In addition, approaches from other areas, such as recommender systems, are applied innovatively toAbstract : Purpose: In the past, people were usually seen as the weakest link in the IT security chain. However, this view has changed in recent years and people are no longer seen only as a problem, but also as part of the solution. In research, this change is reflected in the fact that people are enabled to report security incidents that they have detected. During this reporting process, however, it is important to ensure that the reports are submitted with the highest possible data quality. This paper aims to provide a process-driven quality improvement approach for human-as-a-security-sensor information. Design/methodology/approach: This work builds upon existing approaches for structured reporting of security incidents. In the first step, relevant data quality dimensions and influencing factors are defined. Based on this, an approach for quality improvement is proposed. To demonstrate the feasibility of the approach, it is prototypically implemented and evaluated using an exemplary use case. Findings: In this paper, a process-driven approach is proposed, which allows improving the data quality by analyzing the similarity of incidents. It is shown that this approach is feasible and leads to better data quality with real-world data. Originality/value: The originality of the approach lies in the fact that data quality is already improved during the reporting of an incident. In addition, approaches from other areas, such as recommender systems, are applied innovatively to the area of the human-as-a-security-sensor. … (more)
- Is Part Of:
- Information and computer security. Volume 29:Number 2(2021)
- Journal:
- Information and computer security
- Issue:
- Volume 29:Number 2(2021)
- Issue Display:
- Volume 29, Issue 2 (2021)
- Year:
- 2021
- Volume:
- 29
- Issue:
- 2
- Issue Sort Value:
- 2021-0029-0002-0000
- Page Start:
- 332
- Page End:
- 349
- Publication Date:
- 2021-03-10
- Subjects:
- Data Quality -- Cybersecurity -- Incident Response -- Evidence Collection -- Human-as-a-Security-Sensor -- Security novice
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-06-2020-0100 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 23361.xml