Filter articles by:
Date published
Article keywords
Article type

UC researchers work on knowledge graph to help small businesses tackle cyber security

Mike Verzosa

6 December 2023: Dr Rosetta Romano, Assistant Professor in Information Technology and Systems at the University of Canberra, aims to help educate small business owners on the importance of cyber security, as part of a new research project.

Dr Romano and fellow researchers from the Faculty of Science and Technology, Associate Professor Blooma John, Associate Professor Abu Barkat Ullah, and Assistant Professor Richa Awasthy, along with Canberra-based data management company Surround Australia, are currently developing a Cyber Security Standards and Frameworks Knowledge Graph for Australian small businesses.

“Large corporations are no stranger to cyber attacks, but they have more resources with which to bounce back and remain operational.  A micro business, small- or medium-sized enterprise (SME) could incur catastrophic losses that could essentially wipe them out,” said Dr Romano.

“The research team was looking at cyber security and thought that this was something we would like to focus on, and hopefully be able to make an impact for such businesses.”

Dr Rosetta Romano and her colleagues at a cyber security conference in New Zealand

The knowledge graph that Dr Romano and her colleagues are working on essentially looks at the many cyber security frameworks and standards that apply to all Australian businesses and analyses the relationships between them. It creates a data map of these relationships, highlighting important connections and where potential risks and data vulnerabilities may occur.

“For example, the international information security standard ISO 27002 gives 1,400 examples of things businesses should be doing to manage information security issues and risks related to people, physical objects, technology, and other things. If you’re a small business, where do you even start with that information?” said Dr Romano.

“The knowledge graph that we’re creating will take the data and simplify the information into something that is useful and easy to understand for business owners. It will educate them on what’s important and what to look out for in terms of cyber security.”

As part of the project, Dr Romano also collaborated with an illustrator and animator to produce a short animated video about the importance of cyber security, titled Know what the Crown Jewels are in your business.

“We were talking to some small business owners and they didn’t fully grasp the concept of cyber security and how it could impact them,” said Dr Romano.

“As teachers, we tried to figure out a way to deliver the message across in a simple and effective way and we felt like that was through an animated video.

“We wanted to take small businesses from the very beginning of the cyber security journey – understanding why you should worry about cyber security – and here’s a short three-minute video which clearly illustrates this.”

The video, and the researchers, have gained the support of the Australian Cyber Security Centre, paving the way for the next stage of the project which requires Dr Romano and her team to go out to more small businesses and test the depth of data in the knowledge graph by getting them to ask questions about cyber security.

“We measure whether the answers are in the knowledge graph and if they’re there, it means that we’re on the right track. If they ask questions and the answers are not in there, that likely means that certain interests are not covered by cyber security standard makers and developers,” Dr Romano said.

“Perhaps that means we’ve identified a knowledge gap which needs to be addressed on a bigger scale.”

With the growing number of small businesses around the country, Dr Romano is hoping that the testing phase will go smoothly and they can proceed to the next phase of the project, which is providing an online user interface for the knowledge graph, with which users can ask and search for frequently asked questions.

“Australian SMEs comprise more than 95 per cent of businesses in Australia and contribute to about 32 per cent of Australia’s total GDP. If we can invest more in providing cyber security education and resources for them, it will mean that we are investing in strengthening cyber security for Australia as a whole, and strengthening our economy at the same time.”

Image supplied.