Högskolan i Skövde

Towards Agile Cybersecurity Risk Management for Autonomous Software Engineering Teams
Department of Information and Communication Technology, Swedish Transport Administration, Borlänge, Sweden. ORCID iD: 0000-0001-6327-3565
Information Systems, Luleå University of Technology, Sweden. ORCID iD: 0000-0003-1692-5721
2022 (English). In: Journal of Cybersecurity and Privacy, E-ISSN 2624-800X, Vol. 2, no. 2, p. 276-291. Article in journal (Refereed). Published
Abstract [en]

In this study, a framework was developed, based on a literature review, to help managers incorporate cybersecurity risk management in agile development projects. The literature review used predefined codes that were developed by extending previously defined challenges in the literature—for developing secure software in agile projects—to include aspects of agile cybersecurity risk management. Five steps were identified based on the insights gained from how the reviewed literature has addressed each of the challenges: (1) risk collection; (2) risk refinement; (3) risk mitigation; (4) knowledge transfer; and (5) escalation. To assess the appropriateness of the identified steps, and to determine their inclusion or exclusion in the framework, a survey was submitted to 145 software developers using a four-point Likert scale to measure the attitudes towards each step. The resulting framework presented herein serves as a starting point to help managers and developers structure their agile projects in terms of cybersecurity risk management, supporting less overloaded agile processes, stakeholder insights on relevant risks, and increased security assurance.

Place, publisher, year, edition, pages
MDPI, 2022. Vol. 2, no. 2, p. 276-291
Keywords [en]
agile methods, risk management, cybersecurity, agile risk management
National subject category
Software Engineering
Identifiers
URN: urn:nbn:se:his:diva-22958
DOI: 10.3390/jcp2020015
OAI: oai:DiVA.org:his-22958
DiVA, id: diva2:1779649
Note

CC BY 4.0

Funding: This research received no external funding.

Available from: 2023-07-04. Created: 2023-07-04. Last updated: 2025-09-29. Bibliographically approved

Open Access in DiVA

fulltext (555 kB), 232 downloads
File information
File name: FULLTEXT01.pdf. File size: 555 kB. Checksum SHA-512:
e1a5fe221335a96b9dc15450c3b4d413c0ccce323fb6aa5a00d9e8cc46744d495a85025210c105af6bd4c7dcba2116dea57c45b73a3a891ad987025fc454ea62
Type: fulltext. Mimetype: application/pdf

Person

Lundgren, Martin

By author/editor
Salin, Hannes; Lundgren, Martin