@inproceedings{gafic_novel_2022, title = {A {Novel} {Approach} {Integrating} {Design} {Thinking} {Techniques} in {Cyber} {Exercise} {Development}}, url = {https://link.springer.com/chapter/10.1007/978-3-030-95918-0_11}, doi = {10.1007/978-3-030-95918-0_11}, abstract = {The increasing cyber security compliance requirements (e.g. NIS directive or GDPR in the EU) and the growing dependence on ICT systems have made cyber resilience to a top priority around the globe. Especially during the pandemic, the demand for secure and constantly available systems increased as companies had to change the way they work using home office and remote working capabilities. For satisfying the compelling need for resilient systems, it is vital to ensure that systems work even under adverse events. A key element in this context are cyber exercises. However, planning and conducting an effective cyber exercise is a complex and challenging task. To support this endeavor, in this paper we introduce a novel approach, which integrates design thinking techniques in planning process to improve the exercise development and to tailor exercises to the specific requirements of the organisations. To gain first insights, we evaluated the approach with 50 part-time cyber security students.}, language = {Englisch}, booktitle = {Proceedings of the {International} {Conference} on {Applied} {CyberSecurity} ({ACS}) 2021}, publisher = {Springer Link}, author = {Gafic, Melisa and Tjoa, Simon and Kieseberg, Peter}, year = {2022}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Vortrag, Wiss. Beitrag, peer-reviewed}, pages = {103--113}, } @inproceedings{gafic_cyber_2022, title = {Cyber {Exercises} in {Computer} {Science} {Education}}, copyright = {CC BY-NC-ND}, isbn = {978-989-758-553-1}, url = {https://www.scitepress.org/Link.aspx?doi=10.5220/0010845800003120}, doi = {10.5220/0010845800003120}, abstract = {Due to the strong dependence of companies on their ICT and the high relevance of stable services to remain competitive in the global market, cyber security and resilience play an increasingly important role. However, information security is not only an important issue in the corporate context but also in the societal context. For this reason, nearly all computer science programs at higher education institutions (HEI) incorporate this topic. In this paper, we introduce a table-top cyber security exercise lecture format and the experiences gathered over the last years. The approach is currently used to teach computer science students as well as information security students at two higher education institutions in Austria. Additionally, we briefly highlight how the approach was adapted in order to satisfy the compelling need to teach the course remotely due to Corona restrictions}, language = {Englisch}, booktitle = {Proceedings of the 8th {International} {Conference} on {Information} {Systems} and {Privacy} ({ICISSP})}, publisher = {SCITEPRESS}, author = {Gafic, Melisa and Tjoa, Simon and Kieseberg, Peter and Hellwig, Otto and Quirchmayer, Gerald}, year = {2022}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Vortrag, Wiss. Beitrag, peer-reviewed}, pages = {404--411}, } @misc{gafic_analyse_2019, address = {FH Wiener Neustadt}, title = {Analyse der {Wechselwirkungen} von {Datenschutz} und {Informationssicherheit} unter {Verwendung} einer {DSGVO} {Ontologie}}, author = {Gafic, Melisa}, month = apr, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, peer-reviewed}, } @misc{gafic_data_2019, address = {FH St. Pölten}, title = {Data {Science} in {Practice}}, author = {Gafic, Melisa}, month = jan, year = {2019}, keywords = {FH SP Cyber Security, FH SP Data Analytics \& Visual Computing, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science}, }