1. |
2. Recent trends in information and cyber security maturity assessment : a systematic literature reviewAlenka Baggia, Alenka Brezavšček, 2025, pregledni znanstveni članek Opis: This work represents a comprehensive and systematic literature review (SLR)
that follows the PRISMA (Preferred Reporting Items for Systematic Reviews and MetaAnalyses) guidelines for research assessing information and cyber security maturity. The
period from 2012 to 2024 was considered and the final collection of 96 studies was taken
into account. Our findings were summarised in two stages, a quantitative analysis and
a qualitative synthesis. In the first part, various quantitative indicators were used to
analyse the evolution of the information and cyber security maturity assessment domain
over the last twelve years. The qualitative synthesis, which was limited to 36 research
papers, categorises the studies into three key areas: the development of new maturity
models, the implementation of established models and frameworks, and the advancement
of methodologies to support maturity assessments. The findings reveal significant progress
in sector-specific customisation, the growing importance of lightweight models for small
and medium-sized enterprises (SMEs), and the integration of emerging technologies. This
study provides important insights into the evolving landscape of information and cyber
security maturity assessment and provides actionable recommendations for academia and
industry to improve security resilience and support the adoption of tailored, effective
maturity models
Ključne besede: cyber security, information security, maturity assessment, maturity model, maturity framework, systematic literature review, SLR
Objavljeno v DKUM: 26.08.2025; Ogledov: 0; Prenosov: 3
 Celotno besedilo (2,49 MB)
Gradivo ima več datotek! Več... |
3. Development of cyber security platform for experiential learningAbhishek Vaish, Ravindra Kumar, Samo Bobek, Simona Sternad Zabukovšek, 2024, izvirni znanstveni članek Opis: The cyber security education market has grown-up exponentially, with a CAGR of 13.9 % as reported by Data Intelo. The report published by the World Economic Fo- rum 2023 indicates a shortfall of 2.27 million cyber security experts in 2021 across different roles and hence manifest that Skill-based cyber security education is the need of the hour. Cybersecurity as a field has evolved as a multi-discipline, multistakeholder and multi-role discipline. Therefore, the need to address formal education with an outcomebased philosophy is imperative to address for a wider audience with varied past training in their formal education. With the Internet becoming an essential part of human life, providing security of data passed over the Internet is becoming increasingly crucial. Therefore, the role in the organization which is quite demanding is to have expertise in handling and configuring network security, a subdomain of cyber security as a priority area. The rapid increase in the network attack landscape is constantly demanding monitoring of network attacks as well as a need to promote collaborative R&D and education in the sphere of cyber security due to a shortage of skilled resources. Platform-based education is a potential direction to achieve the objective and address the skill gap required in cyber security. The present research proposes a comprehensive web-based platform that can be used to communicate, collaborate and practice various use cases in the domain of network intrusion detection tools using machine learning algorithms and to evaluate user experience. The proposed platform CySecLearn is a collection of various functionalities and features that ensures experiential learning, will help the learner to develop critical thinking and expertise in network security and promote digital literacy in the domain of cyber security.
Ključne besede: digital education, cyber security, platformization, online simulation, user feedback, experiential learning
Objavljeno v DKUM: 30.06.2025; Ogledov: 0; Prenosov: 23
Celotno besedilo (1,66 MB)
Gradivo ima več datotek! Več... |
4. Balancing software and training requirements for information securityDamjan Fujs, Simon Vrhovec, Damjan Vavpotič, 2023, izvirni znanstveni članek Opis: Information security is one of the key areas of consideration to assure reliable and dependable information systems (IS). Achieving an appropriate level of IS security requires concurrent consideration of the technical aspects of IS and the human aspects related to the end users of IS. These aspects can be described in the form of information security requirements. We propose an approach that helps select and balance information security software requirements (iSSR) and information security training requirements (iSTR) according to the information security performance of end users. The approach was tested in an experiment involving 128 IS professionals. The results showed that using the proposed approach helps IS professionals with limited experience in information security make significantly better decisions regarding iSSR and iSTR.
Ključne besede: kibernetska varnost, eksperiment, informacijsko varnostni standardi, inženirstvo zahtev, usposabljanje končnih uporabnikov, informacijska varnost, cyber security, experiment, information security standard, requirements engineering, end user training, information security
Objavljeno v DKUM: 13.11.2024; Ogledov: 0; Prenosov: 7
 Povezava na celotno besedilo |
5. |
6. Cyber (in)security of personal data and information in times of digitizationMiha Dvojmoč, Mojca Tancer Verboten, 2022, izvirni znanstveni članek Opis: In an employment relationship, work and pay are no longer the only important aspects, as importance is increasingly shifting toward obligations concerning the protection of personal data and privacy arising from the prohibition of causing harm to the employer and the duty of loyalty to the employer. The article deals with the constitutionally protected right to privacy and the protection of personal data from the point of view of ensuring cyber security at the employer. The employer is obligated to protect the right to privacy by legal provisions, whereas from the point of view of ensuring the protection of privacy and information, the employer must protect, first and foremost, the personal data of employees. The main purpose of the legal protection of personal data is the lawful and fair processing of the personal data of individuals. Employers are thus facing an increasing number of risks related to the safety of employees and the security of business processes, and it is therefore important to establish comprehensive corporate security to ensure adequate security across all levels.
Ključne besede: cyber security, protection of personal data, protection of privacy, cyber threats, protection of business secrets
Objavljeno v DKUM: 11.06.2024; Ogledov: 150; Prenosov: 35
Celotno besedilo (375,13 KB)
Gradivo ima več datotek! Več... |
7. Identifying key activities, artifacts and roles in agile engineering of secure software with hierarchical clusteringAnže Mihelič, Tomaž Hovelja, Simon Vrhovec, 2023, izvirni znanstveni članek Opis: Different activities, artifacts, and roles can be found in the literature on the agile engineering of secure software (AESS). The purpose of this paper is to consolidate them and thus identify key activities, artifacts, and roles that can be employed in AESS. To gain initial sets of activities, artifacts, and roles, the literature was first extensively reviewed. Activities, artifacts, and roles were then cross-evaluated with similarity matrices. Finally, similarity matrices were converted into distance matrices, enabling the use of Ward’s hierarchical clustering method for consolidating activities, artifacts, and roles into clusters. Clusters of activities, artifacts, and roles were then named as key activities, artifacts, and roles. We identified seven key activities (i.e., security auditing, security analysis and testing, security training, security prioritization and monitoring, risk management, security planning and threat modeling; and security requirements engineering), five key artifacts (i.e., security requirement artifacts, security repositories, security reports, security tags, and security policies), and four key roles (i.e., security guru, security developer, penetration tester, and security team) in AESS. The identified key activities, artifacts, and roles can be used by software development teams to improve their software engineering processes in terms of software security.
Ključne besede: secure software development, security engineering, agile methods, agile development, software development, software engineering, software security, application security, cybersecurity, cyber resilience
Objavljeno v DKUM: 29.11.2023; Ogledov: 417; Prenosov: 14
Celotno besedilo (557,17 KB)
Gradivo ima več datotek! Več... |
8. Cyber Security- Training Students and Scholars for the Challenges of Information and Communication Technologies in Research and Studies for Internationalisation : handbook2023 Opis: This handbook is a product of the Erasmus+ Strategic Partnership between the partners Université Polytéchnique Hauts-de-France, Politechnika Poznanska, Brandenburgische Technische Universität Cottbus-Senftenberg and the coordinator University of Maribor. Contentuous contribution were made by staff of University of Maribor and Politechnika Poznanska, evaluations by staff of the other two partners. The handbooks handles virtual learning environments in the international education and research area and exposure of the systems to cybercrime. Besides introductory contributions on legal aspects of challenges in the fields of human rights, European regulations of data security, civil law and criminal law aspects of caber security of virtual learning environments and methodologies of their introduction w8ithin organisations, the handbook also gives useful instructions for elaboration of virtual courses within virtual learning environments relevant for the internationalised research and education not only since the Covid-19 pandemic. The handbook is dedicated to use on the internet within the Moodle system.
Ključne besede: cyber security, virtual learning environment, data security, cyber crime, systems
Objavljeno v DKUM: 13.04.2023; Ogledov: 554; Prenosov: 43
Celotno besedilo (5,72 MB)
Gradivo ima več datotek! Več... |
9. Advances in cybersecurity 20172017, znanstvena monografija Opis: Understanding the cyberspace and awareness of its effects impacts the lives of all individuals. Thus, the knowledge of cybersecurity in both organizations and private operations is essential. Research on various aspects of cybersecurity is crucial for achieving adequate levels of cybersecurity. The content of this scientific monograph provides answers to various topical questions from the organizational, individual, sociological, technical and legal aspects of security in the cyberspace. The papers in the monograph combine the findings of researchers from different subareas of cybersecurity, show the effects of adequate levels of cybersecurity on the operations of organizations and individuals, and present the latest methods to defend against threats in the cyberspace from technical, organizational and security aspects.
Ključne besede: cybersecurity, cyber resilience, mobile security, digital privacy, IoT security
Objavljeno v DKUM: 08.12.2017; Ogledov: 1933; Prenosov: 426
Celotno besedilo (3,56 MB)
Gradivo ima več datotek! Več... |
