搜索结果：Cybersecurity

Cybersecurity operations demand assistant LLMs that support diverse workflows without exposing sensitive data. Existing solutions either rely on proprietary APIs with privacy risks or on open models lacking domain adaptation. To bridge this gap, we curate 11.8B tokens of cybersecurity-focused continual pretraining data via large-scale web filtering and manual collection of high-quality resources, spanning 28.6K documents across frameworks, offensive techniques, and security tools. Building on this, we design an agentic augmentation pipeline that simulates expert workflows to generate 266K multi-turn cybersecurity samples for supervised fine-tuning. Combined with general open-source LLM data, these resources enable the training of RedSage, an open-source, locally deployable cybersecurity assistant with domain-aware pretraining and post-training. To rigorously evaluate the models, we introduce RedSage-Bench, a benchmark with 30K multiple-choice and 240 open-ended Q&A items covering cybersecurity knowledge, skills, and tool expertise. RedSage is further evaluated on established cybersecurity benchmarks (e.g., CTI-Bench, CyberMetric, SECURE) and general LLM benchmarks to assess bro

Cybersecurity awareness is shaped by a wide range of professional and personal experiences, including information and training at work and the sharing of news and other content at home. In order to explore how people discover cybersecurity content and the effect that participation in workplace training may have on this we present an online study of 1200 participants from the UK, US, France, and Germany. Those undertaking cybersecurity training at work showed reduced intention to share information at home, shifting the focus towards the workplace. They were also more likely to recall cybersecurity information shared by their employer than from any other source, which in turn correlated with content type and distribution channel. We critically reflect on this shift, highlighting opportunities to improve cybersecurity information sharing at work and at home.

Foundation models are increasingly becoming better autonomous programmers, raising the prospect that they could also automate dangerous offensive cyber-operations. Current frontier model audits probe the cybersecurity risks of such agents, but most fail to account for the degrees of freedom available to adversaries in the real world. In particular, with strong verifiers and financial incentives, agents for offensive cybersecurity are amenable to iterative improvement by would-be adversaries. We argue that assessments should take into account an expanded threat model in the context of cybersecurity, emphasizing the varying degrees of freedom that an adversary may possess in stateful and non-stateful environments within a fixed compute budget. We show that even with a relatively small compute budget (8 H100 GPU Hours in our study), adversaries can improve an agent's cybersecurity capability on InterCode CTF by more than 40\% relative to the baseline -- without any external assistance. These results highlight the need to evaluate agents' cybersecurity risk in a dynamic manner, painting a more representative picture of risk.

The increasing adoption of autonomous vehicles is bringing a major shift in the automotive industry. However, as these vehicles become more connected, cybersecurity threats have emerged as a serious concern. Protecting the security and integrity of autonomous systems is essential to prevent malicious activities that can harm passengers, other road users, and the overall transportation network. This paper focuses on addressing the cybersecurity issues in autonomous vehicles by examining the challenges and risks involved, which are important for building a secure future. Since autonomous vehicles depend on the communication between sensors, artificial intelligence, external infrastructure, and other systems, they are exposed to different types of cyber threats. A cybersecurity breach in an autonomous vehicle can cause serious problems, including a loss of public trust and safety. Therefore, it is very important to develop and apply strong cybersecurity measures to support the growth and acceptance of self-driving cars. This paper discusses major cybersecurity challenges like vulnerabilities in software and hardware, risks from wireless communication, and threats through external inte

Research into the ethics of cybersecurity is an established and growing topic of investigation, however the translation of this research into practice is lacking: there exists a small number of professional codes of ethics or codes of practice in cybersecurity, however these are very broad and do not offer much insight into the ethical dilemmas that can be faced while performing specific cybersecurity activities. In order to address this gap, we leverage ongoing work on the Cyber Security Body of Knowledge (CyBOK) to help elicit and document the responsibilities and ethics of the profession. Based on a literature review of the ethics of cybersecurity, we use CyBOK to frame the exploration of ethical challenges in the cybersecurity profession through a series of 15 interviews with cybersecurity experts. Our approach is qualitative and exploratory, aiming to answer the research question "What ethical challenges, insights, and solutions arise in different areas of cybersecurity?". Our findings indicate that there are broad ethical challenges across the whole of cybersecurity, but also that different areas of cybersecurity can face specific ethical considerations for which more detaile

This document presents a concise overview of the contemporary research directions in quantum computer cybersecurity. The aim of this document is not to be a survey, but rather a succinct summary of the major research directions in quantum computer cybersecurity at the end of the first half of the current decade. The document has been inspired by the presentations and discussions held at the 3$^{rd}$ Quantum Computer Cybersecurity Symposium, but goes beyond the contents of the symposium and aims to summarize at the high level the last five years of quantum computer cybersecurity work in academia. It is hoped that the document can provide researchers as well as government and industry leaders an overview of the current landscape of security threats and defenses against emergent quantum computing technologies. The document also includes a discussion of the current trends in cybersecurity research on quantum computers, and the perceived research gaps that should be filled with future funding and through academic and industry~research.

Smart homes are increasingly targeted by cyberattacks, yet residents often lack guidance when incidents occur. Since affected residents are likely to seek help from trustworthy sources, this paper asks: What actionable cybersecurity guidance do governments provide to smart home users whose systems have been compromised? To answer this question, we conduct an exploratory, user-centered review of governmental cybersecurity guidance for smart homes across eleven countries to identify and characterize the types of guidance governments provide and to systematize their content. Using a standardized search and screening process, we derive three emergent clusters: incident reporting, general security recommendations, and incident response. Our findings show that governments provide abundant general security advice and accessible reporting channels, but structured incident response guidance tailored to smart homes is rare. Only two sources offer step-by-step recovery guidance for non-expert users, highlighting a gap between preventive advice and post-incident support.

The advancement of Large Language Models (LLMs) has raised concerns regarding their dual-use potential in cybersecurity. Existing evaluation frameworks overwhelmingly focus on Information Technology (IT) environments, failing to capture the constraints, and specialized protocols of Operational Technology (OT). To address this gap, we introduce CritBench, a novel framework designed to evaluate the cybersecurity capabilities of LLM agents within IEC 61850 Digital Substation environments. We assess five state-of-the-art models, including OpenAI's GPT-5 suite and open-weight models, across a corpus of 81 domain-specific tasks spanning static configuration analysis, network traffic reconnaissance, and live virtual machine interaction. To facilitate industrial protocol interaction, we develop a domain-specific tool scaffold. Our empirical results show that agents reliably execute static structured-file analysis and single-tool network enumeration, but their performance degrades on dynamic tasks. Despite demonstrating explicit, internalized knowledge of the IEC 61850 standards terminology, current models struggle with the persistent sequential reasoning and state tracking required to mani

Offensive Robot Cybersecurity introduces a groundbreaking approach by advocating for offensive security methods empowered by means of automation. It emphasizes the necessity of understanding attackers' tactics and identifying vulnerabilities in advance to develop effective defenses, thereby improving robots' security posture. This thesis leverages a decade of robotics experience, employing Machine Learning and Game Theory to streamline the vulnerability identification and exploitation process. Intrinsically, the thesis uncovers a profound connection between robotic architecture and cybersecurity, highlighting that the design and creation aspect of robotics deeply intertwines with its protection against attacks. This duality -- whereby the architecture that shapes robot behavior and capabilities also necessitates a defense mechanism through offensive and defensive cybersecurity strategies -- creates a unique equilibrium. Approaching cybersecurity with a dual perspective of defense and attack, rooted in an understanding of systems architecture, has been pivotal. Through comprehensive analysis, including ethical considerations, the development of security tools, and executing cyber at

As technology increasingly integrates into farm settings, the food and agriculture sector has become vulnerable to cyberattacks. However, previous research has indicated that many farmers and food producers lack the cybersecurity education they require to identify and mitigate the growing number of threats and risks impacting the industry. This paper presents an ongoing research effort describing a cybersecurity initiative to educate various populations in the farming and agriculture community. The initiative proposes the development and delivery of a ten-module cybersecurity course, to create a more secure workforce, focusing on individuals who, in the past, have received minimal exposure to cybersecurity education initiatives.

A rapidly growing number of cybersecurity threats and incidents demands that Swedish organisations increase their efforts to improve their cybersecurity capacities. This paper presents results from interviews and a prior survey with key representatives from enterprises and public sector organisations in the Swedish region of Värmland in Inner Scandinavia, examining their cybersecurity readiness and needs for education and competence development. We discuss the generalizability of our findings and the extent to which they may be specific to Sweden and Värmland, and we conclude by proposing efforts to strengthen cybersecurity competences in Inner Scandinavia.

The U.S. public health system increased life expectancy by more than 30 years since 1900 through systematic data collection, evidence-based intervention, and coordinated response. This paper examines whether cybersecurity can benefit from similar organizational principles. We find that both domains exhibit public good characteristics: security improvements create positive externalities that individual actors cannot fully capture, leading to systematic market failure and underinvestment. Current cybersecurity lacks fundamental infrastructure including standardized population definitions, reliable outcome measurements, understanding of transmission mechanisms, and coordinated intervention testing. Drawing on public health's transformation from fragmented local responses to coordinated evidence-based discipline, we propose a national Cyber Public Health System for systematic data collection, standardized measurement, and coordinated response. We argue government coordination is economically necessary rather than merely beneficial, and outline specific federal roles in establishing standards, funding research, coordinating response, and addressing information asymmetries that markets c

The automotive industry has evolved significantly since the introduction of the Ford Model T in 1908. Today's vehicles are not merely mechanical constructs; they are integral components of a complex digital ecosystem, equipped with advanced connectivity features powered by Artificial Intelligence and cloud computing technologies. This evolution has enhanced vehicle safety, efficiency, and the overall driving experience. However, it also introduces new challenges, notably in cybersecurity. With the increasing integration of digital technologies, vehicles have become more susceptible to cyber-attacks, prompting significant cybersecurity concerns. These concerns include securing sensitive data, protecting vehicles from unauthorized access, and ensuring user privacy. In response, the automotive industry is compelled to adopt robust cybersecurity measures to safeguard both vehicles and data against potential threats. Legislative frameworks such as UNR155 and UNR156 by the United Nations, along with other international regulations, aim to establish stringent cybersecurity mandates. These regulations require compliance with comprehensive cybersecurity management systems and necessitate re

The introduction of Smart Electric Vehicles (SEVs) represents an increasingly disruption on automotive area, once integrates advanced computer and communication technologies to highly electrical cars, which come with high performances, environment friendly and user friendly characteristics . But the increasing complexity of SEVs prompted by greater dependence on interconnected systems, autonomous capabilities and electrification, presents new challenges in cybersecurity as well as functional safety. The safety and reliability of such vehicles is paramount, as unsafe or unreliable operation in either case represents an unacceptable risk in terms of the performance of the vehicle and safety of the passenger. This paper investigates the integrated development of cybersecurity and functional safety for SEVs, emphasizing the requirement for the parallel development of these domains as components that are not treated separately. In SEVs, cybersecurity is quite crucial in order to prevent the threats of hacking, data breaches and unauthorized access to vehicle systems. Functional safety ensures that important vehicle functions (braking, steering, battery control, etc.) keep working even i

Improving cybersecurity education has become a priority for many countries and organizations worldwide. Computing societies and professional associations have recognized cybersecurity as a distinctive computing discipline and created specialized cybersecurity curricular guidelines. Higher education institutions are introducing new cybersecurity programs, attracting students to this expanding field. In this paper, we examined 101 study programs across 24 countries. Based on their analysis, we argue that top-ranked universities have not yet fully implemented the guidelines and offer programs that have "cyber" in their name but lack some essential elements of a cybersecurity program. In particular, most programs do not sufficiently cover non-technical components, such as law, policies, or risk management. Also, most programs teach knowledge and skills but do not expose students to experiential learning outside the traditional classroom (such as internships) to develop their competencies. As a result, graduates of these programs may not meet employer expectations and may require additional training. To help program directors and educators improve their programs and courses, this paper

The promise of quantum computing is not speeding up conventional computing rather delivering an exponential advantage for certain classes of problems, with profound implications for cybersecurity for instance. With the advent and development of quantum computers, cyberspace security can surely become the most critical problem for the Internet in near future. On contrary, prosaic quantum technology can be promising to transform cybersecurity. This research aims to synthesize basic and fundamental studies concerning quantum cybersecurity that can be emerged both as a threat and solution to critical cybersecurity issues based on a systematic study. We provide a comprehensive, illustrative description of the current state-of-the-art quantum computing and cybersecurity and present the proposed approaches to date. Findings in quantum computing cybersecurity suggest that quantum computing can be adopted for the betterment of cybersecurity threats while it poses the most unexpected threats to cybersecurity. The focus and depth of this systematic survey not only provide quantum and cybersecurity practitioners and researchers with a consolidated body of knowledge about current trends in this

Governments around the world are required to strengthen their national cybersecurity capabilities to respond effectively to the growing, changing, and sophisticated cyber threats and attacks, thus protecting society and the way of life as a whole. Responsible government institutions need to revise, evaluate, and bolster their national cybersecurity capabilities to fulfill the new requirements, for example regarding new trends affecting cybersecurity, key supporting laws and regulations, and implementations risk and challenges. This report presents a comprehensive assessment instrument for cybersecurity at the national level in order to help countries to ensure optimum response capability and more effective use of critical resources of each state. More precisely, the report - builds a common understanding of the critical cybersecurity capabilities and competence to be assessed at the national level, - adds value to national strategic planning and implementation which impact the development and adaptation of national cybersecurity strategies, - provides an overview of the assessment approaches at the national level, including capabilities, frameworks, and controls, - introduces a com

Large language models (LLMs) can compile weighted graphs on natural language data to enable automatic coherence-driven inference (CDI) relevant to red and blue team operations in cybersecurity. This represents an early application of automatic CDI that holds near- to medium-term promise for decision-making in cybersecurity and eventually also for autonomous blue team operations.

In the dynamic realm of cybersecurity, awareness training is crucial for strengthening defenses against cyber threats. This survey examines a spectrum of cybersecurity awareness training methods, analyzing traditional, technology-based, and innovative strategies. It evaluates the principles, efficacy, and constraints of each method, presenting a comparative analysis that highlights their pros and cons. The study also investigates emerging trends like artificial intelligence and extended reality, discussing their prospective influence on the future of cybersecurity training. Additionally, it addresses implementation challenges and proposes solutions, drawing on insights from real-world case studies. The goal is to bolster the understanding of cybersecurity awareness training's current landscape, offering valuable perspectives for both practitioners and scholars.

Hands-on training sessions become a standard way to develop and increase knowledge in cybersecurity. As practical cybersecurity exercises are strongly process-oriented with knowledge-intensive processes, process mining techniques and models can help enhance learning analytics tools. The design of our open-source analytical dashboard is backed by guidelines for visualizing multivariate networks complemented with temporal views and clustering. The design aligns with the requirements for post-training analysis of a special subset of cybersecurity exercises -- supervised Capture the Flag games. Usability is demonstrated in a case study using trainees' engagement measurement to reveal potential flaws in training design or organization.