A cyber exercise post assessment framework: In Malaysia perspectives

Critical infrastructures are based on complex systems that provide vital services to the nation. The complexities of the interconnected networks, each managed by individual organisations, if not properly secured, could offer vulnerabilities that threaten other organisations’ systems that depend on their services. This thesis argues that the awareness of interdependencies among critical sectors needs to be increased. Managing and securing critical infrastructure is not isolated responsibility of a government or an individual organisation. There is a need for a strong collaboration among critical service providers of public and private organisations in protecting critical information infrastructure. Cyber exercises have been incorporated in national cyber security strategies as part of critical information infrastructure protection. However, organising a cyber exercise involved multi sectors is challenging due to the diversity of participants’ background, working environments and incidents response policies. How well the lessons learned from the cyber exercise and how it can be transferred to the participating organisations is still a looming question. In order to understand the implications of cyber exercises on what participants have learnt and how it benefits participants’ organisation, a Cyber Exercise Post Assessment (CEPA) framework was proposed in this research. The CEPA framework consists of two parts. The first part aims to investigate the lessons learnt by participants from a cyber exercise using the four levels of the Kirkpatrick Training Model to identify their perceptions on reaction, learning, behaviour and results of the exercise. The second part investigates the Organisation Cyber Resilience (OCR) of participating sectors. The framework was used to study the impact of the cyber exercise called X Maya in Malaysia. Data collected through interviews with X Maya 5 participants were coded and categorised based on four levels according to the Kirkpatrick Training Model, while online surveys distributed to ten Critical National Information Infrastructure (CNII) sectors participated in the exercise. The survey used the C-Suite Executive Checklist developed by World Economic Forum in 2012. To ensure the suitability of the tool used to investigate the OCR, a reliability test conducted on the survey items showed high internal consistency results. Finally, individual OCR scores were used to develop the OCR Maturity Model to provide the organisation cyber resilience perspectives of the ten CNII sectors.

A preliminary examination of the relationship between compulsive exercise and shame in individuals with an eating disorder: and clinical research portfolio

Objective: To explore the relationship between compulsive exercise and shame in a clinical sample of eating disorder patients. Method: In a cross-sectional study, individuals with an eating disorder (n=21) completed self-report measures of compulsive exercise, internal shame, external shame, bodily shame, anxiety and depression. Results: Internal shame was moderately associated with compulsive exercise (r=.496, p<.05). No further variables were significantly related to compulsive exercise. Individuals with Anorexia-Nervosa and Bulimia-Nervosa did not significantly differ on any of the study variables. Discussion: Hypotheses regarding the possible nature of the relationship between compulsive exercise and shame are suggested. For instance, that compulsive exercise may serve a role in the regulation of internal shame. That compulsive exercise may act as a compensatory behaviour and be a consequence of high levels of shame. Or that internal shame may result as a response to negative perceptions of one’s exercise habits. The results are discussed in line with current literature.