Advancing Cyber Defence by Improved Communication of Recognized Cyber Threat Situations (ACDICOM)

Cyber security is subject to rapid technological progress. Consequently, there is an increasing need for a scientific understanding of the individual human?s limitations in cybersecurity performance, particularly in regards to communication in cyber threate situations. ACDICOM responds to this need. When a cyber-threat hits private or public organisations, it triggers a complex communication process between different players of different professional backgrounds in and beyond the institution. Technological experts and decision-makers quickly need to exchange information about these threats, as do teams within an organisation. In addition, organisations need to inform other organisations and different sectors of society need to communicate between themselves rapidly. The exchange between technological experts and decision-makers thus happens under great time and performance pressure. Consequently, the way we communicate cyber threat information is crucial to the quality of the decisions that are made as the perceived information shapes the situational awareness of decision-makers on all levels. The way technological details are simplified and communicated across disciplinary, hierarchical and cultural borders thus affects the situational awareness of decision-makers and their high-stake decisions that have economic, legal, and social consequences. The project?s aim is to provide evidence-based knowledge on rapid and accurate information exchange about cyber threats from a human factors perspective to improve decision-making outcomes and provide guidance for teaching and training of cyber threat communication. Cyber Defence Exercises will be used in close collaboration with educational institutions to simulate cyber-attacks in secure surroundings, to develop and validate tools for the monitoring of communication efficiency and integrate them into educational praxis.

While cyber resilience on the organisational and national level is subject to rapid technological progress, there is an urgent need for a scientific understanding of the individual human’s limitations in cybersecurity performance. Project Advancing Cyber Defence by Improved Communication of Recognized Cyber Threat Situations (ACDICOM) develops evidence-based standards to improve human interaction in cybersecurity performance. For an organisation to maintain control in its cyberspace and to make good cyber defence decisions, having an accurate Recognised Cyber Picture (RCP) is crucial. Security Operation Centres work as teams with technical tasks and decision making assigned to different individuals. In this context RCPs need to be shared and communicated across platforms, in differing modalities, and often across organisational boundaries and societal sectors. Where this communication is challenged due to practical, cultural, or simply logistic hindrances, the resulting shared RCP is inaccurate and critical information gets lost due to the decision-makers lack of situational awareness. This project focuses on dyadic communication to establish a shared RCP, develops common standards for information exchange in collaborative settings across sectors, organizational hierarchies, and cultures. Implemented by means of naturalistic settings in Cyber Defence Exercises as well as experimental research, this interdisciplinary collaboration provides a toolbox for the monitoring of communication efficiency and the implementation of findings in existing educational practices. The close collaboration with educational institutions facilitate sustainable behavioural changes needed for the improvement of human factors in cyber defence education. Actors from the private industry and national as well as supranational cyber defence forces are involved in all stages of the project and provide advice to ensure maximal practical applicability of the research questions and products.