ArXivCSExplorer
☆☆Bookmarks🏆RSSHow to UseFAQ
Built with and by Teycir Ben Soltane•
How to Use•FAQ•GitHub•arXiv.org•
Share:

~ similar to 2606.02839v1· 20 results

cs.CRcs.CYRecentMay 20, 2026

Profiling User Vulnerability to Phishing Through Psychological and Behavioral Factors

Valeria Formisano, Danilo Gentile, Gennaro Esposito Mocerino, Michela Ponticorvo +3 more

This study profiles user vulnerability to phishing by identifying key psychological and behavioral factors, revealing that most users are high-risk due to hasty decision-making rather than lacking tec…

View →
cs.CRRecentMay 21, 2026

Human Vulnerability Assessment in Cybersecurity: A Systematic Literature Review of Methods, Models, and Instruments

Dimitra Papatsaroucha, Stavroula Psaroudaki, Eleftheria Vassilaki, Konstantina Pityanou +3 more

This systematic literature review analyzes existing methods, models, and instruments for assessing human vulnerability in cybersecurity, concluding that current approaches are fragmented and lack a dy…

View →
cs.CRRecentMay 6, 2026

Evaluating the Reliability of Multiple Large Language Models in Risk Assessment: A CIS Controls Based Approach

Gustavo Roberto Pinto, Arthur do Prado Labaki, Rodrigo Sanches Miani

The study compared the cybersecurity risk assessment capabilities of five popular large language models (LLMs) against human experts, finding that LLMs consistently underestimated risks and require ma…

View →
cs.CRRecentApr 2, 2026

Evolution and Perspectives of the Keep IT Secure Ecosystem:A Six-Year Analysis of Cybersecurity Experts Supporting Belgian SMEs

Christophe Ponsard, Jean-François Daune, Denis Darquennes, Malik Bouhou +1 more

This paper analyzes a six-year cybersecurity initiative in Belgium, demonstrating how structured expert validation and networking can significantly improve the cybersecurity posture of Small and Mediu…

View →
cs.CRcs.CYRecentMay 17, 2026

Towards Zero Trust Architecture: A Pilot Study on Information Systems Security Readiness amongst Small and Medium Enterprises

Yu Deng, Anushia Inthiran

This pilot study investigates SME readiness for Zero Trust Architecture (ZTA) and proposes a realistic three-stage adoption path based on survey data from IT professionals.

View →
cs.CRcs.CYecon.GNRecentApr 23, 2026

Mitigate or Fail: How Risk Management Shapes Cybersecurity Competency

Jeffrey T. Gardiner

The paper argues that despite the focus on risk, the cybersecurity profession is structurally trained as a threat-management discipline, leading to poor foundational risk reasoning among professionals…

View →
cs.CRcs.HCRecentMay 23, 2026

Routing Cybersecurity Awareness Training by FFM Personality Trait: A Quasi-Experimental Evaluation

Glory Okwata, Mohammad A. Razzaque

This study evaluated a personality-conditional cybersecurity training system, TailoredSec, finding that routing content based on a user's Five-Factor Model (FFM) trait significantly improved post-trai…

View →
cs.CRRecentApr 22, 2026

CVEs With a CVSS Score Greater Than or Equal to 9

Lena Sinterhauf, Andreas Aßmuth, Roland Kaltefleiter

The paper analyzes critical vulnerabilities (CVSS >= 9) using a mixed-methods approach, finding that systemic delays in patch deployment and remediation persist despite improved disclosure.

View →
cs.CRcs.GTRecentMay 11, 2026

Cybercrime and Prevention: Colonel Blotto in Social Engineering

Gergely Benkő, Katalin Parti, Gergely Biczók

This paper uses Colonel Blotto game models, grounded in Routine Activity Theory, to determine the optimal allocation of defensive resources against social engineering attacks, providing data-driven de…

View →
cs.CRRecentApr 23, 2026

A Sociotechnical, Practitioner-Centered Approach to Technology Adoption in Cybersecurity Operations: An LLM Case

Francis Hahn, Mohd Mamoon, Alexandru G. Bardas, Michael Collins +3 more

The paper demonstrates that adopting LLM-based tools in cybersecurity operations requires a sociotechnical, practitioner-centered co-creation approach, which successfully overcame historical adoption…

View →
cs.CRcs.CYRecentMar 23, 2026

Cybersecurity Guidance for Smart Homes: A Cross-National Review of Government Sources

Victor Jüttner, Erik Buchmann

This cross-national review analyzed government cybersecurity guidance for smart homes, finding that while general security advice is abundant, structured, step-by-step incident response guidance is ra…

View →
cs.SEcs.CRcs.SIRecentApr 25, 2026

Operationalising Information Security Management: A Procedural Framework Analysis of ISO/IEC 27001:2022 Implementation in a Financial-Technology Organisation

Ratul Ali

This paper analyzes how a financial-technology organization operationalizes the ISO/IEC 27001:2022 standard by examining eight core security procedures, concluding that an effective ISMS requires a ti…

View →
cs.CRcs.CYRecentMay 19, 2026

Locked Out at 8,000 Miles: Why UK-China Partnership Students Are Suffering

Benjamin Kenwright

The paper argues that over-engineered university cybersecurity protocols, while necessary, create significant accessibility barriers that disproportionately harm remote international students, particu…

View →
cs.CRcs.AIRecentApr 7, 2026

Towards the Development of an LLM-Based Methodology for Automated Security Profiling in Compliance with Ukrainian Cybersecurity Regulations

Daniil Shafranskyi, Iryna Stopochkina, Mykola Ilin

The paper proposes an LLM-enhanced methodology using RAG to automate the creation of security profiles, ensuring compliance with Ukrainian cybersecurity regulations and international best practices.

View →
cs.CRRecentMay 23, 2026

Reframing LLM Agent Security as an Agent-Human Interaction Problem

Peiran Wang, Ying Li, Yuan Tian

The paper argues that LLM agent security is fundamentally an agent-human interaction (AHI) problem, demonstrating that industry practices rely on human-centric mechanisms while academic research focus…

View →
cs.CRRecentApr 16, 2026

ConGISATA: A Framework for Continuous Gamified Information Security Awareness Training and Assessment

Ofir Cohen, Ron Bitton, Asaf Shabtai, Rami Puzis

The paper proposes ConGISATA, a continuous, gamified framework using embedded mobile sensors to enhance individual information security awareness by transforming passive risks into active learning opp…

View →
cs.CRcs.ETRecentApr 23, 2026

Risk Models as Mediating Artifacts: A Postphenomenological Analysis of the CIIM Framework in Cybersecurity Practice

Rommel Salas-Guerra

The paper analyzes the CIIM risk model using postphenomenology, arguing that such formal models act as mediating artifacts that fundamentally shape how cybersecurity practitioners perceive and respond…

View →
cs.CRRecentMay 15, 2026

STRIKE: A Structured Taxonomy of Cybercrime for Risk, Impact, Knowledge, and Evolution

Melissa Pappy, Linh Nguyen, Suman Kumar, Byungkwan Jung +1 more

The paper introduces STRIKE, a multi-dimensional structured taxonomy designed to provide a comprehensive and unified framework for classifying the rapidly evolving complexity of modern cybercrimes.

View →
cs.CRRecentMay 18, 2026

Bridging the Cybersecurity Gap Between Web2 and Web3 -- An Incident-Based Analysis of Organizational and Application-Level Security Failures

Tarkan Yavas, Arslan Brömme

This paper analyzes high-impact Web3 security incidents to show that most losses stem from off-chain organizational and operational failures, not just smart contract bugs.

View →
cs.CRcs.CYRecentApr 26, 2026

Analysis of Personal Data Exposure in Thailand

Suphannee Sivakorn, Sasawat Malaivongs, Nuttaya Rujiratanapat

This study analyzed the online exposure of Thai National Identification Numbers and other sensitive personal data, revealing over 1.2 million records, primarily originating from government websites, w…

View →