Search results

Cybersecurity advocates safeguard their organizations by promoting security best practices. This paper aims to describe the skills and characteristics of successful advocates.

This study involved 28 in-depth interviews of cybersecurity advocates.

Effective advocates possess not only technical acumen but also interpersonal skills, communication skills context awareness and a customer service orientation.

Non-technical skills are deemphasized in cybersecurity training, limiting career progression into the cybersecurity advocate role for existing security professionals and those from other disciplines. This paper suggests improvements for professional development that encourage greater security workforce diversity.

To the best of the authors’ knowledge, this study is the first to define and enumerate competencies for the role of cybersecurity advocate.

The paper seeks to provide a foundational understanding of the socio‐technical system that is computer network intrusion detection, including the nature of the knowledge work, situated expertise, and processes of learning as supported by information technology.

The authors conducted a field study to explore the work of computer network intrusion detection using multiple data collection methods, including semi‐structured interviews, examination of security tools and resources, analysis of information security mailing list posts, and attendance at several domain‐specific user group meetings.

The work practice of intrusion detection analysts involves both domain expertise of networking and security and a high degree of situated expertise and problem‐solving activities that are not predefined and evolve with the dynamically changing context of the analyst's environment. This paper highlights the learning process needed to acquire these two types of knowledge, contrasting this work practice with that of computer systems administrators.

The research establishes a baseline for future research into the domain and practice of intrusion detection, and, more broadly, information security.

The results presented here provide a critical examination of current security practices that will be useful to developers of intrusion detection support tools, information security training programs, information security management, and for practitioners themselves.

There has been no research examining the work or expertise development processes specific to the increasingly important information security practice of intrusion detection. The paper provides a foundation for future research into understanding this highly complex, dynamic work.

The design of viable, small‐scale community spaces on the Net is often a hit‐or‐miss affair. To better understand promising approaches in this design space, it is necessary to go back in time to examine an earlier community technology. A field study is presented of The Castle, a dial‐up bulletin board system, that focuses on Disneyland. As a “gathering place for Disney enthusiasts”, The Castle is a fascinating, albeit eccentric, online community. The Castle's centrality in the fans’ interest network allows it to function as a collecting point. Here people find similar enthusiasts and even those with insider knowledge. Yet, because of the cost structure of dial‐up access (an accidental side‐effect of the technology), participants are overwhelmingly geographically local, which has useful consequences for social maintenance. It is argued that the geographical locality and centrality of interest allow The Castle to thrive. Most importantly, however, the combination of the two together creates a powerful social dynamic which has been lost in most contemporary online communities.

SEPTEMBER this year will be unique in the history of the librarian in England in that for the first time in nearly sixty years the annual conference of the Library Association has already become a memory only. There are those who profess to believe that the conference should be restored to the autumn months. It may be suggested on the other hand that the attendance at Margate lent no assistance to that point of view; indeed, the Margate conference was one of the most pleasant, one of the most successful, of which we have record. Nevertheless, if it can be proved that any large body of librarians was unable to be present owing to the change of month, it appears to us that the matter should be considered sympathetically. Although no one holds any longer the view that one week's attendance at a conference will teach more than many months' study in hermit‐like seclusion—the words and sentiments are those of James Duff Brown—because to‐day there is much more intimate communication between librarians than there was when that sentiment was expressed, there is enormous value, and the adjective is not an exaggeration, in one large meeting of librarians in body in the year. It is an event to which every young librarian looks forward as the privilege to be his when he reaches a high enough position in the service; attendance is a privilege that no librarian anywhere would forego. And this, in spite of the fact that there is usually a grumble because the day is so full of meetings that there is very little chance of such recreation as a seaside, or indeed any other, place visited, usually provides for the delegates.