Measuring team effectiveness in cyber-defense exercises: a cross-disciplinary case study

Granåsen, Magdalena; Andersson, Dennis

doi:10.1007/s10111-015-0350-2

Cited by 37 publications

(30 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In a study examining information sharing and coordination across different levels of a multi-agency disaster response, Bharosa, Lee, and Janssen (Bharosa et al, 2010) interviewed relief workers on the spot to better understand their actions or to ask them about the problems they faced. In a more recent example from Granasen and Andersson (Granasen and Andersson, 2015), observers in different locations recorded events and interpretations in different media. The records were then integrated so that systemic properties emerged relating to the conduct of the exercise.…”

Section: Current Approaches To Studying Interruptions In Healthcarementioning

confidence: 99%

Two sides to every story: The Dual Perspectives Method for examining interruptions in healthcare

et al. 2017

View full text Add to dashboard Cite

Interruptions are widely considered a problem in healthcare. Results from observation and experimental studies have guided extensive mitigation efforts, but the effectiveness of interventions remains mixed. We have built on current theories and methods for studying interruptions to develop a novel observational approach - the Dual Perspectives Method - for examining interruptions from the perspectives of the different work functions in an Intensive Care Unit (ICU). We detail the method and provide representative examples of the insights it offers, such as why interruptions happen, the role they play, and the consequences of preserving them or eliminating them. We anticipate that the Dual Perspectives Method will help us to arrive at a better basis on which to draw conclusions about interruptions, and will lead to the development of appropriate and sustainable interventions to ensure the effective and safe functioning of the work system under examination.

show abstract

Section: Current Approaches To Studying Interruptions In Healthcarementioning

confidence: 99%

Two sides to every story: The Dual Perspectives Method for examining interruptions in healthcare

et al. 2017

View full text Add to dashboard Cite

show abstract

“…Observing and assessing team cognition in virtual teams is complicated due to the intrinsic nature of working in the digital domain. To overcome this challenge, researchers have attempted to measure team performance in virtual settings using a triangulation of the aforementioned methods (e.g., Granåsen and Andersson 2016;Maynard and Gilson 2014).…”

Section: Introductionmentioning

confidence: 99%

Approaches to team performance assessment: a comparison of self-assessment reports and behavioral observer scales

2017

Self Cite

View full text Add to dashboard Cite

Human factors research popularly employs perception-based techniques to investigate team performance and its dependency to cognitive processes. Such studies frequently rely upon either observer-based or self-assessment techniques to collect data. In this study, we examined behavioral observer ratings and self-assessment ratings for measuring team performance in virtual teams, with team performance regarded as a combination of task outcome and team cognition. Juxtaposing self-assessments and observer ratings from a quasi-experiment comparing team performance rating techniques reveals that they indeed produce overall similar results, with both singling out teamwork effectiveness ratings as the strongest contributor to overall team performance. However, the comparisons show remarkably low correlation on individual questionnaire items. The most striking difference is that the team members' self-assessments of workload are lower than the corresponding observer ratings. In particular, the selfassessments do not correlate at all with overall team performance, whereas the observers' workload ratings are more consistent with contemporary research that suggests a strong correlation between workload and team performance, suggesting that observer-based techniques are more reliable than self-assessments for assessing workload. For other ratings, the results show that the two techniques are fairly equal, suggesting that the choice between methods to employ can be deferred to other considerations such as obtrusiveness, accessibility, and resource availability.

show abstract

“…It was claimed that [26] cyber exercises can be developed with a focus on measuring performance against specific standards. In cyber defense exercises, to measure team effectiveness and gain knowledge how to do that, the role of behavioral assessment techniques was investigated as a complement to task-based performance measurement [27].…”

Section: Patriciu and Furtunamentioning

confidence: 99%

The Concept of Cyber Defence Exercises (CDX): Planning, Execution, Evaluation

Seker

Ozbenli²

2018

2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)

View full text Add to dashboard Cite

This paper discusses the concept of cyber defence exercises (CDX) that are very important tool when it comes to enhancing the safety awareness of cyberspace, testing an organization's ability to put up resistance and respond to different cyber events to establish the secure environment, gathering empirical data related to security, and looking at the practical training of experts on this subject. The exercises can give ideas to the decision makers about the precautions in the cybersecurity area and to the officials, institutions, organizations, and staff who are responsible on the cyber tools, techniques, and procedures that can be developed for this field. In the cyber defense exercises, the scenarios that are simulated closest to reality which provides very important contributions by bringing together the necessity of making the best decisions and management capabilities under the cyber crisis by handling stress and coordinated movement as a team. The objective of this paper is to address the issue from a scientific point of view by setting out the stages of planning, implementation, and evaluation of these exercises, taking into account and comparing international firefighting exercises. Another aim of the work is to be able to reveal the necessary processes that are required for all kind of cyber exercises, regardless of the type, although the processes involved vary according to the target mass of the planned exercise.Index Terms-Cyber defense, security exercises, cyber resilience, cyber threat, cyber security, cyber-attack mitigation, cyber crisis management. I. RELATED WORKCDX have been identified as an efficient mechanism to practice IT security awareness training [1,2] but are also an ultimate tool to reveal and define the different security needs of every organization [3]. It provides an excellent opportunity and ultimate learning experience [4,5] for the students to improve their skills in protecting and defending information systems are assessed in the context of realistic, true-to-life scenario [6]. On the other side, as discussed by Vigna [7] and Mink [8], the offensive security training is also an effective way to learn information security. The previous works in this area examined the structure [9] and how to use of cyber defence competitions, overall effectiveness of live-attack exercises in teaching information security [10], curriculum and course format at CDX in which teams design, implement, manage and defend a network of computers [11][12][13][14][15]. Other literature has examined the benefit of conducting cyber defense competitions at the K-12 level [16,17]. The architecture of a cyber defense competition [18] and different tools and techniques used and how they fit into an active learning approach and how it focuses on the operational aspect of managing and protecting an existing network infrastructure were described by Green et al [19].

show abstract

Measuring team effectiveness in cyber-defense exercises: a cross-disciplinary case study

Cited by 37 publications

References 28 publications

Two sides to every story: The Dual Perspectives Method for examining interruptions in healthcare

Two sides to every story: The Dual Perspectives Method for examining interruptions in healthcare

Approaches to team performance assessment: a comparison of self-assessment reports and behavioral observer scales

The Concept of Cyber Defence Exercises (CDX): Planning, Execution, Evaluation

Contact Info

Product

Resources

About