Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2022 Nov 9;22(22):8663.
doi: 10.3390/s22228663.

Cybersecurity Awareness and Training (CAT) Framework for Remote Working Employees

Mohammad Hijji  1 Gulzar Alam  2
Affiliations

Cybersecurity Awareness and Training (CAT) Framework for Remote Working Employees

Mohammad Hijji et al. Sensors (Basel). .

Abstract

Currently, cybersecurity plays an essential role in computing and information technology due to its direct effect on organizations' critical assets and information. Cybersecurity is applied using integrity, availability, and confidentiality to protect organizational assets and information from various malicious attacks and vulnerabilities. The COVID-19 pandemic has generated different cybersecurity issues and challenges for businesses as employees have become accustomed to working from home. Firms are speeding up their digital transformation, making cybersecurity the current main concern. For software and hardware systems protection, organizations tend to spend an excessive amount of money procuring intrusion detection systems, antivirus software, antispyware software, and encryption mechanisms. However, these solutions are not enough, and organizations continue to suffer security risks due to the escalating list of security vulnerabilities during the COVID-19 pandemic. There is a thriving need to provide a cybersecurity awareness and training framework for remote working employees. The main objective of this research is to propose a CAT framework for cybersecurity awareness and training that will help organizations to evaluate and measure their employees' capability in the cybersecurity domain. The proposed CAT framework will assist different organizations in effectively and efficiently managing security-related issues and challenges to protect their assets and critical information. The developed CAT framework consists of three key levels and twenty-five core practices. Case studies are conducted to evaluate the usefulness of the CAT framework in cybersecurity-based organizational settings in a real-world environment. The case studies' results showed that the proposed CAT framework can identify employees' capability levels and help train them to effectively overcome the cybersecurity issues and challenges faced by the organizations.

Keywords: COVID-19; artificial intelligence; cybersecurity; cybersecurity awareness; education; training framework.

PubMed Disclaimer

Conflict of interest statement

The authors declare no conflict of interest.

Figures

Figure 1
Figure 1
Proposed research methodology.
Figure 2
Figure 2
Complete development process of CAT.
Figure 3
Figure 3
Entire structure of the CAT framework.
See this image and copyright information in PMC

References

    1. Kemmerer R.A. Cybersecurity; Proceedings of the 25th International Conference on Software Engineering; Portland, OR, USA. 3–10 May 2003; pp. 705–715. - DOI
    1. Khan F., Zahid M., Gürüler H., Tarımer İ., Whangbo T. An Efficient and Reliable Multicasting for Smart Cities. Comput. Mater. Contin. 2022;72:663–678. doi: 10.32604/cmc.2022.022934. - DOI
    1. Impact of COVID-19 on Cybersecurity. Deloitte Switzerland. [(accessed on 3 April 2021)]. Available online: https://www2.deloitte.com/ch/en/pages/risk/articles/impact-covid-cyberse....
    1. Hijji M., Alam G. A Multivocal Literature Review on Growing Social Engineering Based Cyber-Attacks/Threats During the COVID-19 Pandemic: Challenges and Prospective Solutions. IEEE Access. 2021;9:7152–7169. doi: 10.1109/ACCESS.2020.3048839. - DOI - PMC - PubMed
    1. Sabillon R., Serra-Ruiz J., Cavaller V. An effective cybersecurity training model to support an organizational awareness program: The Cybersecurity Awareness TRAining Model (CATRAM). A Case Study in Canada. J. Cases Inf. Technol. JCIT. 2019;21:26–39. doi: 10.4018/JCIT.2019070102. - DOI