Analyzing Cybersecurity Definitions for Non-experts
Lorenzo Neil, Julie Haney, Kerrianne Buchanan
There is no standard definition for cybersecurity, with current definitions often being technically-complex and targeted at practitioners and academics. However, non-experts (those who do not have security expertise) need an understandable definition to provide a foundation for applying cybersecurity concepts. We take an initial step towards developing guidance on how to define and describe cybersecurity to non-experts. Unlike prior efforts that only consider definitions from authoritative sources, we performed a systematic search and analysis of cybersecurity definitions that include those that non-experts may encounter. We found that cybersecurity definitions are largely inconsistent in describing what cybersecurity is and does and often use overly-technical terminology. Our findings illustrate the full landscape of cybersecurity definitions and provide a basis for investigating which definitions may be best for non-experts.
July 4-6, 2023
IFIP International Symposium on Human Aspects of Information Security & Assurance (HAISA 2023)
, Haney, J.
and Buchanan, K.
Analyzing Cybersecurity Definitions for Non-experts, IFIP International Symposium on Human Aspects of Information Security & Assurance (HAISA 2023), Kent, GB, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=936618
(Accessed October 3, 2023)