Defining Cyber Security and Cyber Security Risk within a Multidisciplinary Context using Expert Elicitation.

It is important to have and use standardized terminology and develop a comprehensive common understanding of what is meant by cyber security and cyber security risk given the multidisciplinary nature of cyber security and the pervasiveness of cyber security concerns throughout society. Using expert elicitation methods, collaborating cyber researchers from multiple disciplines and two sectors (academia, government-military) were individually interviewed and asked to define cyber security and cyber security risk. Data-driven thematic analysis was used to identify the most salient themes within each definition, sector, and cyber expert group as a whole with results compared to current standards definitions.