Team Cybersecurity Training: A Feasibility Study

Abstract

To maintain the critical functioning of the United States’ computing infrastructure, a virtual-simulation range for cybersecurity training has been established to train cybersecurity teams. The present study’s objective is to review the feasibility of this training range, using the approach of a self-report survey collected from trainees. Results show the usefulness of the range, while also revealing paths for improvement. Eighty-two cybersecurity professionals replied to a survey comprised of Likert items and open responses. Results from the Likert items showed positive signs of the training’s usefulness. User’s confidence in managing cyberthreats mainly increased or remained unchanged after training. Individuals mostly reported their teams accomplishing the scenario task without much confusion. For open responses, the most-liked aspects of training were its challenge, its realism, and the involvement of teamwork. Next steps are to improve the training range and extend research directions. Based on results, range improvements are to integrate relevant ethical scenarios, add new tools, lengthen the scenario, and give refresher training. Results of strong task cohesion and high collective orientation suggest issues with technical factors. Other next steps are to use the range to improve the personnel selection of cybersecurity professionals, and to capture performance and subjective perceptions repeatedly at team levels, while considering team age, size, and composition.

Keywords: Cybersecurity Training, Cybersecurity-Team Survey, Cyberthreat Management, Feasibility, Self-Report Survey, Teams, User Perspectives

DOI: 10.54941/ahfe1007048