Online Cyber Security Exercise to Evaluate and Improve Individual Technical Specialists’ Cyber Incident Reporting Skills

Andres Oras
Existing large-scale team based cyber exercises are well suitable for learning cyber incident documenting and reporting outside the production environments. However, taking part in these big exercises is not an option for many small companies with very limited resources, with only few persons responsible for IT solutions. This thesis is produced to evaluate and improve individual technical specialists’ cyber incident reporting skills. Thesis introduces the requirements that are involved with creating online cyber incident reporting exercises. Also, in the context of this exercise, a short review is provided regarding the EU general data protection regulation, active from 25th of May 2018. Thesis also focuses on the process and challenges included with creating a cyber-incident reporting exercise for individuals. Thesis analyzes cyber security exercise evaluation methods and a new cyber incident report scoring method is produced, tested, and analyzed. Possible standard for cyber incident report template is presented. The created exercise with generated evaluation system enables indi-viduals to evaluate and improve their cyber incident reporting skills individually online with low resources. An exercise, with the goal of discovering a data leak from network traffic, was created for this thesis. The produced cyber incident report scoring method is versatile, so that other types of cyber incident reporting exercises can be created upon it, with medium effort.
Graduation Thesis language
Graduation Thesis type
Master - Cyber Security
Sten Mäses, Margus Ernits, Raimundas Matulevicius
Defence year