Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks

Evaluating the awareness of security among users plays a critical role in safeguarding Industrial Control Systems (ICSs) against social engineering attacks. This study was conducted to assess the impact of cybersecurity awareness on the response to cybersecurity incidents within ICSs. Furthermore, this research has incorporated various measures and frameworks related to cybersecurity emergency response processes, culminating in the proposal of a comprehensive new organizational model for responding to cybersecurity incidents. Notably, the study revealed that when security awareness measures are introduced alongside response control measures, the relative importance of other control measures undergoes a shift. These research findings underscore the significance of cybersecurity awareness and seek to encourage ICSs to prioritize the awareness of their staff regarding cybersecurity incidents. Doing so can effectively mitigate the occurrence of cybersecurity incidents and enable industrial control application agencies to respond more swiftly, thereby restoring normal operations promptly.