Next Article in Journal
The Relationship between Perceived Health Message Motivation and Social Cognitive Beliefs in Persuasive Health Communication
Previous Article in Journal
Impresso Inspect and Compare. Visual Comparison of Semantically Enriched Historical Newspaper Articles
 
 
Article

Obérisk: Cybersecurity Requirements Elicitation through Agile Remote or Face-to-Face Risk Management Brainstorming Sessions

1
Thales Research & Technology, 91767 Palaiseau, France
2
Chair of Naval Cyber Defense, Ecole Navale, 29160 Lanvéoc, France
*
Authors to whom correspondence should be addressed.
Academic Editor: Nicolas Guelfi
Information 2021, 12(9), 349; https://doi.org/10.3390/info12090349
Received: 9 July 2021 / Revised: 16 August 2021 / Accepted: 18 August 2021 / Published: 27 August 2021
(This article belongs to the Section Information and Communications Technology)
Cyberattacks make the news daily. Systems must be appropriately secured. Cybersecurity risk analyses are more than ever necessary, but… traveling and gathering in a room to discuss the topic has become difficult due to the COVID, whilst having a cybersecurity expert working isolated with an electronic support tool is clearly not the solution. In this article, we describe and illustrate Obérisk, an agile, cross-disciplinary and Obeya-like approach to risk management that equally supports face-to-face or remote risk management brainstorming sessions. The approach has matured for the last three years by using it for training and a wide range of real industrial projects. The overall approach is detailed and illustrated on a naval use case, with extensive feedback from the end-users. We show that Obérisk is really time-efficient and effective at managing risks at the early stages of a project, whilst remaining extremely low-cost. As the project grows or when the system is deployed, it may eventually be necessary to shift to a more comprehensive commercial electronic support tool. View Full-Text
Keywords: risk management; EBIOS; face-to-face; remote; agile; brainstorming; inter/cross-disciplinary; obeya; posters; sticky notes; cybersecurity requirements; naval/ship use case risk management; EBIOS; face-to-face; remote; agile; brainstorming; inter/cross-disciplinary; obeya; posters; sticky notes; cybersecurity requirements; naval/ship use case
Show Figures

Figure 1

MDPI and ACS Style

Paul, S.; Naouar, D.; Gureghian, E. Obérisk: Cybersecurity Requirements Elicitation through Agile Remote or Face-to-Face Risk Management Brainstorming Sessions. Information 2021, 12, 349. https://doi.org/10.3390/info12090349

AMA Style

Paul S, Naouar D, Gureghian E. Obérisk: Cybersecurity Requirements Elicitation through Agile Remote or Face-to-Face Risk Management Brainstorming Sessions. Information. 2021; 12(9):349. https://doi.org/10.3390/info12090349

Chicago/Turabian Style

Paul, Stéphane, Douraid Naouar, and Emmanuel Gureghian. 2021. "Obérisk: Cybersecurity Requirements Elicitation through Agile Remote or Face-to-Face Risk Management Brainstorming Sessions" Information 12, no. 9: 349. https://doi.org/10.3390/info12090349

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop