This paper analyzes the UK Cyber Security and Resilience Bill, arguing that its comprehensive provisions necessitate a shift away from perimeter-based security models toward a Zero Trust Architecture…

This cross-national review analyzed government cybersecurity guidance for smart homes, finding that while general security advice is abundant, structured, step-by-step incident response guidance is ra…

The paper analyzes critical vulnerabilities (CVSS >= 9) using a mixed-methods approach, finding that systemic delays in patch deployment and remediation persist despite improved disclosure.

The paper quantifies a 'Coverage Gap' in Chile's critical infrastructure cyber disclosure framework, finding that only a tiny fraction of designated operators meet modern vulnerability disclosure stan…

The paper proposes an LLM-enhanced methodology using RAG to automate the creation of security profiles, ensuring compliance with Ukrainian cybersecurity regulations and international best practices.

The paper proposes CyberAId, a hybrid multi-agent system designed to enhance cybersecurity for financial institutions by integrating specialized LLM subagents with existing SIEM/XDR telemetry, address…

By analyzing over 27,000 posts from 325 public ransomware leak sites, this paper demonstrates that ransomware groups exhibit non-random, predictable operational regularities concerning victim concentr…

The paper introduces STRIKE, a multi-dimensional structured taxonomy designed to provide a comprehensive and unified framework for classifying the rapidly evolving complexity of modern cybercrimes.

This paper provides a systematic regulatory mapping and compliance architecture for AI agents operating under the complex web of EU laws, concluding that high-risk agents with untraceable behavioral d…

The paper argues that over-engineered university cybersecurity protocols, while necessary, create significant accessibility barriers that disproportionately harm remote international students, particu…

The paper proposes a scalable, market-analysis-driven methodology to assess national charging station cybersecurity by extrapolating field test results from a manageable subset of stations to estimate…

This paper analyzes how a financial-technology organization operationalizes the ISO/IEC 27001:2022 standard by examining eight core security procedures, concluding that an effective ISMS requires a ti…

This study surveyed Icelandic organizations to find that human factors, such as poor training and culture, pose significant cybersecurity risks that often bypass technical controls.

The paper proposes an organization-scoped LLM agent runtime architecture designed to provide an auditable, model-agnostic platform for regulated cybersecurity operations, integrating deeply with exist…

The paper proposes a novel, organization-scoped LLM agent runtime architecture designed specifically for regulated cybersecurity operations, ensuring auditable context and integration with existing se…

This pilot study investigates SME readiness for Zero Trust Architecture (ZTA) and proposes a realistic three-stage adoption path based on survey data from IT professionals.

NetSecBed is a container-native, scenario-oriented testbed designed to generate reproducible and auditable network traffic evidence and execution artifacts for complex cybersecurity research.

This paper systematically evaluates modern security logging standards (CIM, OCSF, ECS) using a novel framework to quantify their detection efficacy across diverse exploit scenarios, revealing critical…

This paper proposes a hybrid CNN-LSTM framework to enhance cyber attack detection and prevention in U.S. critical digital infrastructure by evaluating multiple machine learning models on the CSE-CIC-I…

The paper empirically characterizes 'shadow AI'—the unsanctioned use of frontier AI in critical infrastructure—as a systemic threat that erodes established assurance and security controls.