One can readily find computer and network security courses in most computer science departments, but we are likely overly ambitious calling computer security a science. The profession certainly has the aspects of an art, and it is fair to call much of the work engineering, but it lacks the rigor and objectivity of a science when put into practice. Security metrics are highly desired, but they are difficult to come by. In fact, developing objective security metrics is considered to be one of the grand challenges of the field
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...