How Do Organizations Seek Cyber Assurance? Investigations on the Adoption of the Common Criteria and Beyond

Abstract

Cyber assurance, which is the ability to operate under the onslaught of cyber attacks and other unexpected events, is essential for organizations facing inundating security threats on a daily basis. Organizations usually employ multiple strategies to conduct risk management to achieve cyber assurance. Utilizing cybersecurity standards and certifications can provide guidance for vendors to design and manufacture secure Information and Communication Technology (ICT) products as well as provide a level of assurance of the security functionality of the products for consumers. Hence, employing security standards and certifications is an effective strategy for risk management and cyber assurance. In this work, we begin with investigating the adoption of cybersecurity standards and certifications by surveying 258 participants from organizations across various countries and sectors. Specifically, we identify adoption barriers of the Common Criteria through the designed questionnaire. Taking into account the seven identified adoption barriers, we show the recommendations for promoting cybersecurity standards and certifications. Moreover, beyond cybersecurity standards and certifications, we shed light on other risk management strategies devised by our participants, which provides directions on cybersecurity approaches for enhancing cyber assurance in organizations.

Citation (APA)

Sun, N., Li, C. T., Chan, H., Islam, M. Z., Islam, M. R., & Armstrong, W. (2022). How Do Organizations Seek Cyber Assurance? Investigations on the Adoption of the Common Criteria and Beyond. IEEE Access, 10, 71749–71763. https://doi.org/10.1109/ACCESS.2022.3187211
