SecSAGE: NIST Cybersecurity Framework Visualization on SAGE2
Issued Date
2024-07-01
Resource Type
eISSN
22869131
Scopus ID
2-s2.0-85201814853
Journal Title
ECTI Transactions on Computer and Information Technology
Volume
18
Issue
3
Start Page
417
End Page
428
Rights Holder(s)
SCOPUS
Bibliographic Citation
ECTI Transactions on Computer and Information Technology Vol.18 No.3 (2024) , 417-428
Suggested Citation
Sawangphol W., Khurat A., Niampradit N. SecSAGE: NIST Cybersecurity Framework Visualization on SAGE2. ECTI Transactions on Computer and Information Technology Vol.18 No.3 (2024) , 417-428. 428. doi:10.37936/ecti-cit.2024183.256034 Retrieved from: https://repository.li.mahidol.ac.th/handle/123456789/100680
Title
SecSAGE: NIST Cybersecurity Framework Visualization on SAGE2
Author(s)
Author's Affiliation
Corresponding Author(s)
Other Contributor(s)
Abstract
Cybersecurity has been an area of great interest for an organization, given the significance of data and the increasing cybersecurity threats. The National Institute of Standards and Technology (NIST) has developed a cybersecurity framework intended for voluntary utilization by critical infrastructure owners and operators. Its primary purpose is to aid in the effective management of cybersecurity risks. This framework, similar to many other security standards, comprises a substantial volume of textual information that can be challenging to grasp comprehensively in a limited timeframe. In response to this challenge, we designed and developed an interactive visualization of the NIST Cybersecurity Framework using the SAGE2 platform. Our objective is to facilitate a better understanding of the framework. In addition, using SAGE2 enhances collaborative working. In our project, we analyze the content within the NIST document and map the framework's five core functions into a rich visualization workflow. Each function includes categories, sub-categories, and references that users can interactively explore. Our experiments show that our visualization can help participants correctly find the information about the NIST Cybersecurity Framework faster than manually finding the information in the document. For all tasks, participants can complete the tasks around 4.25 times faster than the manual method on average.