{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T22:12:08Z","timestamp":1772057528126,"version":"3.50.1"},"reference-count":69,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2024,9,27]],"date-time":"2024-09-27T00:00:00Z","timestamp":1727395200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,9,27]],"date-time":"2024-09-27T00:00:00Z","timestamp":1727395200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100009238","name":"Swedish Armed Forces","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100009238","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100004270","name":"Royal Institute of Technology","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100004270","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cogn Tech Work"],"published-print":{"date-parts":[[2024,11]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>In recent years, the Swedish public sector has undergone rapid digitalization, while cybersecurity efforts have not kept even steps. This study investigates conditions for cybersecurity work at Swedish administrative authorities by examining organizational conditions at the authorities, what cybersecurity staff do to acquire the cyber situation awareness required for their role, as well as what experience cybersecurity staff have with incidents. In this study, 17\u00a0semi-structured interviews were held with respondents from Swedish administrative authorities. The results showed the diverse conditions for cybersecurity work that exist at the authorities and that a variety of roles are involved in that work. It was found that national-level support for cybersecurity was perceived as somewhat lacking. There were also challenges in getting access to information elements required for sufficient cyber situation awareness.<\/jats:p>","DOI":"10.1007\/s10111-024-00779-1","type":"journal-article","created":{"date-parts":[[2024,9,27]],"date-time":"2024-09-27T05:01:54Z","timestamp":1727413314000},"page":"709-731","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Cybersecurity work at Swedish administrative authorities: taking action or waiting for approval"],"prefix":"10.1007","volume":"26","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1748-3769","authenticated-orcid":false,"given":"Annika","family":"Andreasson","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6903-9072","authenticated-orcid":false,"given":"Henrik","family":"Artman","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2677-9759","authenticated-orcid":false,"given":"Joel","family":"Brynielsson","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2017-7914","authenticated-orcid":false,"given":"Ulrik","family":"Franke","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,9,27]]},"reference":[{"key":"779_CR1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103352","volume":"132","author":"S Ainslie","year":"2023","unstructured":"Ainslie S, Thompson D, Maynard S et al (2023) Cyber-threat intelligence for security decision-making: a review and research agenda for practice. Comput Secur 132:103352. https:\/\/doi.org\/10.1016\/j.cose.2023.103352","journal-title":"Comput Secur"},{"key":"779_CR2","doi-asserted-by":"publisher","first-page":"602","DOI":"10.1016\/j.jbusres.2021.08.011","volume":"136","author":"J Amankwah-Amoah","year":"2021","unstructured":"Amankwah-Amoah J, Khan Z, Wood G et al (2021) COVID-19 and digitalization: the great acceleration. J Bus Res 136:602\u2013611. https:\/\/doi.org\/10.1016\/j.jbusres.2021.08.011","journal-title":"J Bus Res"},{"key":"779_CR3","doi-asserted-by":"publisher","unstructured":"Andreasson A, Fallen N (2018) External cybersecurity incident reporting for resilience. In: Zdravkovic J, Grabis J, Nurcan S et\u00a0al (eds) Perspectives in business informatics research. Lecture notes in business information processing. Springer, Cham, pp 3\u201317. https:\/\/doi.org\/10.1007\/978-3-319-99951-7_1","DOI":"10.1007\/978-3-319-99951-7_1"},{"key":"779_CR4","doi-asserted-by":"publisher","unstructured":"Andreasson A, Artman H, Brynielsson J et\u00a0al (2020) A census of Swedish government administrative authority employee communications on cybersecurity during the COVID-19 pandemic. In: Proceedings of the 2020 IEEE\/ACM international conference on advances in social networks analysis and mining (ASONAM 2020). IEEE, Piscataway, NJ, pp 727\u2013733. https:\/\/doi.org\/10.1109\/ASONAM49781.2020.9381324","DOI":"10.1109\/ASONAM49781.2020.9381324"},{"key":"779_CR5","doi-asserted-by":"publisher","unstructured":"Andreasson A, Artman H, Brynielsson J et\u00a0al (2021) A census of Swedish public sector employee communication on cybersecurity during the COVID-19 pandemic. In: 2021 international conference on cyber situational awareness, data analytics and assessment (CyberSA). IEEE, Piscataway, NJ, pp 1\u20138. https:\/\/doi.org\/10.1109\/CyberSA52016.2021.9478241","DOI":"10.1109\/CyberSA52016.2021.9478241"},{"issue":"4","key":"779_CR6","doi-asserted-by":"publisher","first-page":"237","DOI":"10.1007\/s101110050020","volume":"1","author":"H Artman","year":"1999","unstructured":"Artman H, W\u00e6rn Y (1999) Distributed cognition in an emergency co-ordination center. Cogn Technol Work 1(4):237\u2013246. https:\/\/doi.org\/10.1007\/s101110050020","journal-title":"Cogn Technol Work"},{"key":"779_CR7","doi-asserted-by":"publisher","unstructured":"Ask TF, Kullman K, S\u00fctterlin S et al (2023) A 3D mixed reality visualization of network topology and activity results in better dyadic cyber team communication and cyber situational awareness. Front Big Data. https:\/\/doi.org\/10.3389\/fdata.2023.1042783","DOI":"10.3389\/fdata.2023.1042783"},{"key":"779_CR8","doi-asserted-by":"publisher","unstructured":"Atzeni A, Cameroni C, Faily S et\u00a0al (2011) Here\u2019s Johnny: a methodology for developing attacker personas. In: 2011 sixth international conference on availability, reliability and security (ARES 2011), pp 722\u2013727. https:\/\/doi.org\/10.1109\/ARES.2011.115","DOI":"10.1109\/ARES.2011.115"},{"key":"779_CR9","doi-asserted-by":"publisher","unstructured":"Baumard P (2017) Cybersecurity in France. SpringerBriefs in cybersecurity. Springer, Cham. https:\/\/doi.org\/10.1007\/978-3-319-54308-6","DOI":"10.1007\/978-3-319-54308-6"},{"issue":"3","key":"779_CR10","doi-asserted-by":"publisher","first-page":"449","DOI":"10.1111\/gove.12309","volume":"31","author":"S Boeke","year":"2018","unstructured":"Boeke S (2018) National cyber crisis management: different European approaches. Governance 31(3):449\u2013464. https:\/\/doi.org\/10.1111\/gove.12309","journal-title":"Governance"},{"issue":"2","key":"779_CR11","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1191\/1478088706qp063oa","volume":"3","author":"V Braun","year":"2006","unstructured":"Braun V, Clarke V (2006) Using thematic analysis in psychology. Qual Res Psychol 3(2):77\u2013101. https:\/\/doi.org\/10.1191\/1478088706qp063oa","journal-title":"Qual Res Psychol"},{"key":"779_CR12","doi-asserted-by":"publisher","unstructured":"Brynielsson J, Franke U, Tariq MA et\u00a0al (2016a) Using cyber defense exercises to obtain additional data for attacker profiling. In: Proceedings of the 14th IEEE international conference on intelligence and security informatics (ISI 2016). IEEE, Piscataway, NJ, pp 37\u201342. https:\/\/doi.org\/10.1109\/ISI.2016.7745440","DOI":"10.1109\/ISI.2016.7745440"},{"key":"779_CR13","doi-asserted-by":"publisher","unstructured":"Brynielsson J, Franke U, Varga S (2016b) Cyber situational awareness testing. In: Akhgar B, Brewster B (eds) Combatting cybercrime and cyberterrorism: challenges, trends and priorities. Advanced sciences and technologies for security applications. Springer, Cham, chap\u00a012, pp 209\u2013233. https:\/\/doi.org\/10.1007\/978-3-319-38930-1_12","DOI":"10.1007\/978-3-319-38930-1_12"},{"key":"779_CR14","doi-asserted-by":"publisher","unstructured":"Caruson K, MacManus SA, McPhee BD (2012) Cybersecurity policy-making at the local government level: an analysis of threats, preparedness, and bureaucratic roadblocks to success. J Homel Secur Emerg Manag. https:\/\/doi.org\/10.1515\/jhsem-2012-0003","DOI":"10.1515\/jhsem-2012-0003"},{"key":"779_CR15","doi-asserted-by":"publisher","unstructured":"Cavelty MD (2014) Cybersecurity in Switzerland. SpringerBriefs in cybersecurity. Springer, Cham. https:\/\/doi.org\/10.1007\/978-3-319-10620-5","DOI":"10.1007\/978-3-319-10620-5"},{"key":"779_CR16","doi-asserted-by":"publisher","unstructured":"Cha\u0142ubi\u0144ska-Jentkiewicz K (2022) Cybersecurity as a public task in administration. Springer, Cham, pp 191\u2013208. https:\/\/doi.org\/10.1007\/978-3-030-78551-2_13","DOI":"10.1007\/978-3-030-78551-2_13"},{"issue":"1","key":"779_CR17","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1111\/j.1540-6210.2007.00827.x","volume":"67","author":"LK Comfort","year":"2007","unstructured":"Comfort LK (2007) Crisis management in hindsight: cognition, communication, coordination, and control. Public Admin Rev 67(1):189\u2013197. https:\/\/doi.org\/10.1111\/j.1540-6210.2007.00827.x","journal-title":"Public Admin Rev"},{"key":"779_CR18","unstructured":"Conti G, Nelson J, Raymond D (2013) Towards a cyber common operating picture. In: 2013 5th international conference on cyber conflict (CYCON 2013). IEEE, Piscataway, NJ, pp 1\u201317"},{"key":"779_CR19","volume-title":"The inmates are running the asylum: why high-tech products drive us crazy and how to restore the sanity","author":"A Cooper","year":"2004","unstructured":"Cooper A (2004) The inmates are running the asylum: why high-tech products drive us crazy and how to restore the sanity, 2nd edn. Sams Publishing, Indianapolis","edition":"2"},{"key":"779_CR20","unstructured":"Council of the European Union (2016) Council regulation (EU) no 679\/2016 (GDPR). https:\/\/eur-lex.europa.eu\/legal-content\/EN\/ALL\/?uri=CELEX%3A32016R0679"},{"key":"779_CR21","doi-asserted-by":"publisher","unstructured":"Dayaratne TT, Jaigirdar FT, Dasgupta R et\u00a0al (2023) Improving cybersecurity situational awareness in smart grid environments. In: Haes\u00a0Alhelou H, Hatziargyriou N, Dong ZY (eds) Power systems cybersecurity: methods, concepts, and best practices. Springer, Cham, pp 115\u2013134. https:\/\/doi.org\/10.1007\/978-3-031-20360-2_5","DOI":"10.1007\/978-3-031-20360-2_5"},{"key":"779_CR22","unstructured":"Department for Digital, Culture, Media and Sport (2022) UK digital strategy. Policy paper, Department for Digital, Culture, Media and Sport. https:\/\/assets.publishing.service.gov.uk\/government\/uploads\/system\/uploads\/attachment_data\/file\/1089103\/UK_Digital_Strategy_web_accessible.pdf"},{"issue":"1","key":"779_CR23","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1518\/001872095779049543","volume":"37","author":"MR Endsley","year":"1995","unstructured":"Endsley MR (1995) Toward a theory of situation awareness in dynamic systems. Hum Fact 37(1):32\u201364. https:\/\/doi.org\/10.1518\/001872095779049543","journal-title":"Hum Fact"},{"issue":"1","key":"779_CR24","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1177\/1555343415572631","volume":"9","author":"MR Endsley","year":"2015","unstructured":"Endsley MR (2015) Situation awareness misconceptions and misunderstandings. J Cogn Eng Decis Mak 9(1):4\u201332. https:\/\/doi.org\/10.1177\/1555343415572631","journal-title":"J Cogn Eng Decis Mak"},{"key":"779_CR25","unstructured":"European Commission (2021) EU countries commit to leading the green digital transformation | Shaping Europe\u2019s digital future. https:\/\/digital-strategy.ec.europa.eu\/en\/news\/eu-countries-commit-leading-green-digital-transformation"},{"key":"779_CR26","unstructured":"European Commission (2022) Digital Economy and Society Index (DESI) (2022). https:\/\/digital-strategy.ec.europa.eu\/en\/library\/digital-economy-and-society-index-desi-2022"},{"issue":"8","key":"779_CR27","doi-asserted-by":"publisher","first-page":"558","DOI":"10.1177\/02750740221125432","volume":"52","author":"A Frandell","year":"2022","unstructured":"Frandell A, Feeney M (2022) Cybersecurity threats in local government: a sociotechnical perspective. Am Rev Public Admin 52(8):558\u2013572. https:\/\/doi.org\/10.1177\/02750740221125432","journal-title":"Am Rev Public Admin"},{"key":"779_CR28","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.cose.2014.06.008","volume":"46","author":"U Franke","year":"2014","unstructured":"Franke U, Brynielsson J (2014) Cyber situational awareness: a systematic review of the literature. Comput Secur 46:18\u201331. https:\/\/doi.org\/10.1016\/j.cose.2014.06.008","journal-title":"Comput Secur"},{"key":"779_CR29","doi-asserted-by":"publisher","unstructured":"Franke U, Turell J, Johansson I (2021) The cost of incidents in essential services\u2014data from Swedish NIS reporting. In: 16th international conference on critical information infrastructures security (CRITIS 2021). Springer, Cham, pp 116\u2013129. https:\/\/doi.org\/10.1007\/978-3-030-93200-8_7","DOI":"10.1007\/978-3-030-93200-8_7"},{"key":"779_CR30","doi-asserted-by":"publisher","unstructured":"Franke U, Andreasson A, Artman H et\u00a0al (2022) Cyber situational awareness issues and challenges. In: Moustafa AA (ed) Cybersecurity and cognitive science. Academic Press, pp 235\u2013265. https:\/\/doi.org\/10.1016\/B978-0-323-90570-1.00015-2","DOI":"10.1016\/B978-0-323-90570-1.00015-2"},{"key":"779_CR31","unstructured":"Government Offices of Sweden (2017) A national cyber security strategy. Tech. Rep. Skr. 2016\/17:2013, Regeringskansliet. https:\/\/www.government.se\/legal-documents\/2017\/11\/skr.-201617213\/"},{"issue":"3","key":"779_CR32","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3384471","volume":"1","author":"RS Gutzwiller","year":"2020","unstructured":"Gutzwiller RS, Dykstra J, Payne B (2020) Gaps and opportunities in situational awareness for cybersecurity. Dig Threats Res Pract 1(3):1\u20136. https:\/\/doi.org\/10.1145\/3384471","journal-title":"Dig Threats Res Pract"},{"issue":"2","key":"779_CR33","doi-asserted-by":"publisher","first-page":"302","DOI":"10.1080\/23738871.2020.1792956","volume":"5","author":"W Hatcher","year":"2020","unstructured":"Hatcher W, Meares WL, Heslen J (2020) The cybersecurity of municipalities in the United States: an exploratory survey of policies and practices. J Cyber Policy 5(2):302\u2013325. https:\/\/doi.org\/10.1080\/23738871.2020.1792956","journal-title":"J Cyber Policy"},{"key":"779_CR34","unstructured":"HSLF-FS 2020:12 Folkh\u00e4lsomyndighetens f\u00f6reskrifter och allm\u00e4nna r\u00e5d om allas ansvar att f\u00f6rhindra smitta av covid-19 m.m. [Regulation and general guidelines on everyone\u2019s responsibility to prevent the spread of COVID-19, etc.] (2020). https:\/\/www.folkhalsomyndigheten.se\/contentassets\/0ac7c7d33c124428baa198728f813151\/hslf-fs-2020-12u.pdf"},{"key":"779_CR35","doi-asserted-by":"publisher","unstructured":"Hus\u00e1k M, Bajto\u0161 T, Ka\u0161par J et\u00a0al (2020) Predictive cyber situational awareness and personalized blacklisting: a sequential rule mining approach. ACM Trans Manag Inf Syst 11(4):19:1\u201319:16. https:\/\/doi.org\/10.1145\/3386250","DOI":"10.1145\/3386250"},{"key":"779_CR36","unstructured":"ISO\/IEC 27001:2017 Information technology. Security techniques. Information security management systems. Requirements, (2017) Standard. International Organization for Standardization, Geneva, Switzerland"},{"key":"779_CR37","unstructured":"ITU (2020) Global Cybersecurity Index (GCI) 2020. International Telecommunication Union, Geneva, Switzerland. https:\/\/www.itu.int\/epublications\/publication\/D-STR-GCI.01-2021-HTM-E"},{"key":"779_CR38","doi-asserted-by":"publisher","first-page":"57525","DOI":"10.1109\/ACCESS.2022.3178195","volume":"10","author":"L Jiang","year":"2022","unstructured":"Jiang L, Jayatilaka A, Nasim M et al (2022) Systematic literature review on cyber situational awareness visualizations. IEEE Access 10:57525\u201357554. https:\/\/doi.org\/10.1109\/ACCESS.2022.3178195","journal-title":"IEEE Access"},{"key":"779_CR39","unstructured":"Lindstr\u00f6m K (2022) Invasionen i Ukraina satte cyberkriget i fokus\u20142022 ett dystert \u00e5r f\u00f6r it-s\u00e4kerheten [The invasion of Ukraine put cyber war in focus\u20142022 a gloomy year for IT security]. Computer Sweden. https:\/\/computersweden.idg.se\/2.2683\/1.774368\/invasionen-i-ukraina-satte-cyberkriget-i-fokus"},{"key":"779_CR40","doi-asserted-by":"publisher","unstructured":"McKenna S, Staheli D, Meyer M (2015) Unlocking user-centered design methods for building cyber security visualizations. In: Proceedings of the 2015 IEEE symposium on visualization for cyber security (VizSec 2015). IEEE, Piscataway, NJ, pp 1\u20138. https:\/\/doi.org\/10.1109\/VIZSEC.2015.7312771","DOI":"10.1109\/VIZSEC.2015.7312771"},{"key":"779_CR41","unstructured":"Ministry of Finance (2022) National Strategy for Digitalisation\u2014together in the digital development. Tech. rep., Ministry of Finance, Denmark. https:\/\/en.digst.dk\/media\/27861\/national-strategy-for-digitalisation-together-in-the-digital-development.pdf"},{"issue":"3\u20134","key":"779_CR42","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1016\/j.ijcip.2010.10.002","volume":"3","author":"T Moore","year":"2010","unstructured":"Moore T (2010) The economics of cybersecurity: principles and policy options. Int J Crit Infrastruct Prot 3(3\u20134):103\u2013117. https:\/\/doi.org\/10.1016\/j.ijcip.2010.10.002","journal-title":"Int J Crit Infrastruct Prot"},{"key":"779_CR43","unstructured":"MSB (2022) En inblick i Sveriges cybers\u00e4kerhet \u2013\u00c5rsrapport it-incidentrapportering 2021 [An insight into Sweden\u2019s cybersecurity \u2013 Annual report cyber incident reporting 2021]. Publ. MSB1913, Swedish Civil Contingencies Agency, Karlstad, Sweden"},{"key":"779_CR44","unstructured":"MSBFS 2020:6 F\u00f6reskrifter om informationss\u00e4kerhet f\u00f6r statliga myndigheter [Regulation on Information Security for Government Agencies] (2020) https:\/\/www.msb.se\/siteassets\/dokument\/regler\/forfattningar\/msbfs-2020-6-foreskrifter-om-informationssakerhet-for-statliga-myndigheter.pdf"},{"key":"779_CR45","unstructured":"MSBFS 2020:7 F\u00f6reskrifter om s\u00e4kerhets\u00e5tg\u00e4rder i informationssystem f\u00f6r statliga myndigheter [Regulation on Security Controls for Information Systems for Government Agencies] (2020) https:\/\/www.msb.se\/siteassets\/dokument\/regler\/forfattningar\/msbfs-2020-7-foreskrifter-om-sakerhetsatgarder-i-informationssystem-for-statliga-myndigheter.pdf"},{"key":"779_CR46","unstructured":"MSBFS 2020:8 F\u00f6reskrifter om rapportering av it-incidenter f\u00f6r statliga myndigheter [Regulation on Incident Reporting for Government Agencies] (2020) https:\/\/www.msb.se\/siteassets\/dokument\/regler\/forfattningar\/msbfs-2020-8-foreskrifter-om-rapportering-av-it-incidenter-for-statliga-myndigheter.pdf"},{"key":"779_CR47","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103368","volume":"132","author":"B Munsinger","year":"2023","unstructured":"Munsinger B, Beebe N, Richardson T (2023) Virtual reality for improving cyber situational awareness in security operations centers. Comput Secur 132:103368. https:\/\/doi.org\/10.1016\/j.cose.2023.103368","journal-title":"Comput Secur"},{"key":"779_CR48","first-page":"405","volume":"2","author":"M Naarttij\u00e4rvi","year":"2019","unstructured":"Naarttij\u00e4rvi M (2019) Rapporteringskrav vid incidenter i myndigheters informationssystem: i sp\u00e4nningsf\u00e4ltet mellan krisberedskap och r\u00e4ttighetsskydd [Reporting requirements for incidents in government information systems: navigating the tension between crisis preparedness and rights protection]. Juridisk Tidskrift 2:405\u2013431","journal-title":"Juridisk Tidskrift"},{"key":"779_CR49","doi-asserted-by":"publisher","unstructured":"Nafees MN, Saxena N, Cardenas A et al (2023) Smart grid cyber-physical situational awareness of complex operational technology attacks: a review. ACM Comput Surv 55(10):215:1\u2013215:36. https:\/\/doi.org\/10.1145\/3565570","DOI":"10.1145\/3565570"},{"key":"779_CR50","unstructured":"Nederland Digitaal (2021) The Dutch Digitalization Strategy 2021. Tech. rep., Nederland Digitaal. https:\/\/www.nederlanddigitaal.nl\/documenten\/publicaties\/2021\/06\/22\/the-dutch-digitalisation-strategy-2021-eng"},{"issue":"8","key":"779_CR51","doi-asserted-by":"publisher","first-page":"1173","DOI":"10.1080\/07352166.2020.1727295","volume":"43","author":"DF Norris","year":"2021","unstructured":"Norris DF, Mateczun L, Joshi A et al (2021) Managing cybersecurity at the grassroots: evidence from the first nationwide survey of local government cybersecurity. J Urb Aff 43(8):1173\u20131195. https:\/\/doi.org\/10.1080\/07352166.2020.1727295","journal-title":"J Urb Aff"},{"key":"779_CR52","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103069","volume":"126","author":"HJ Ofte","year":"2023","unstructured":"Ofte HJ, Katsikas S (2023) Understanding situation awareness in SOCs, a systematic literature review. Comput Secur 126:103069. https:\/\/doi.org\/10.1016\/j.cose.2022.103069","journal-title":"Comput Secur"},{"key":"779_CR53","volume-title":"Qualitative research & evaluation methods","author":"MQ Patton","year":"2002","unstructured":"Patton MQ (2002) Qualitative research & evaluation methods, 3rd edn. SAGE, London","edition":"3"},{"key":"779_CR54","doi-asserted-by":"crossref","unstructured":"Rampin R, Rampin V (2021) Taguette: open-source qualitative data analysis. J Open Source Softw 6(68):3522. https:\/\/doi.org\/10.21105\/joss.03522","DOI":"10.21105\/joss.03522"},{"key":"779_CR55","unstructured":"Regeringskansliet (2017) F\u00f6r ett h\u00e5llbart digitaliserat Sverige\u2014en digitaliseringsstrategi [For a sustainable digitalized Sweden\u2014a digitalization strategy]. Tech. rep., Statsr\u00e5dsberedningen, https:\/\/www.regeringen.se\/contentassets\/c9bc0cd3a4374f9388e714ae7fb1ec1d\/for-ett-hallbart-digitaliserat-sverige-en-digitaliseringsstrategi.pdf"},{"issue":"4","key":"779_CR56","doi-asserted-by":"publisher","first-page":"297","DOI":"10.1080\/14639220701561775","volume":"9","author":"PM Salmon","year":"2008","unstructured":"Salmon PM, Stanton NA, Walker GH et al (2008) What really is going on? Review of situation awareness models for individuals and teams. Theor Iss Ergon Sci 9(4):297\u2013323. https:\/\/doi.org\/10.1080\/14639220701561775","journal-title":"Theor Iss Ergon Sci"},{"key":"779_CR57","doi-asserted-by":"publisher","unstructured":"Schallbruch M, Skierka I (2018) Cybersecurity in Germany. SpringerBriefs in cybersecurity. Springer, Cham. https:\/\/doi.org\/10.1007\/978-3-319-90014-8","DOI":"10.1007\/978-3-319-90014-8"},{"key":"779_CR58","unstructured":"SFS 2009:400 Offentlighets- och sekretesslag [Public Access to Information and Secrecy Act] (2009) https:\/\/www.riksdagen.se\/sv\/dokument-lagar\/dokument\/svensk-forfattningssamling\/offentlighets--och-sekretesslag-2009400_sfs-2009-400"},{"key":"779_CR59","unstructured":"SFS 2015:1052 F\u00f6rordning om krisberedskap och bevakningsansvariga myndigheters \u00e5tg\u00e4rder vid h\u00f6jd beredskap [Ordinance on Crisis Preparedness and Supervisory Authorities\u2019 Actions at Heightened Alert] (2015) https:\/\/www.riksdagen.se\/sv\/dokument-lagar\/dokument\/svensk-forfattningssamling\/forordning-20151052-om-krisberedskap-och_sfs-2015-1052"},{"key":"779_CR60","unstructured":"SFS 2018:585 S\u00e4kerhetsskyddslag [Protective Security Act] (2018) https:\/\/riksdagen.se\/sv\/dokument-lagar\/dokument\/svensk-forfattningssamling\/sakerhetsskyddslag-2018585_sfs-2018-585"},{"key":"779_CR61","doi-asserted-by":"publisher","DOI":"10.1016\/j.ssci.2021.105381","volume":"142","author":"K Steen-Tveit","year":"2021","unstructured":"Steen-Tveit K, Munkvold BE (2021) From common operational picture to common situational understanding: an analysis based on practitioner perspectives. Saf Sci 142:105381. https:\/\/doi.org\/10.1016\/j.ssci.2021.105381","journal-title":"Saf Sci"},{"issue":"1","key":"779_CR62","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1109\/MSEC.2019.2945309","volume":"18","author":"P Sterlini","year":"2020","unstructured":"Sterlini P, Massacci F, Kadenko N et al (2020) Governance challenges for European cybersecurity policies: stakeholder views. IEEE Secur Priv 18(1):46\u201354. https:\/\/doi.org\/10.1109\/MSEC.2019.2945309","journal-title":"IEEE Secur Priv"},{"issue":"3","key":"779_CR63","doi-asserted-by":"publisher","first-page":"347","DOI":"10.1365\/s43439-023-00087-w","volume":"4","author":"DJB Svantesson","year":"2023","unstructured":"Svantesson DJB (2023) Australia\u2019s cyber security reform\u2014an update. Int Cybersecur Law Rev 4(3):347\u2013350. https:\/\/doi.org\/10.1365\/s43439-023-00087-w","journal-title":"Int Cybersecur Law Rev"},{"key":"779_CR64","unstructured":"Tanaka S, Flores J (2023) \u00d6verbelastningsattacker mot flera svenska sajter [Distributed denial of service attacks on several Swedish sites]. https:\/\/www.dn.se\/sverige\/overbelastningsattacker-mot-flera-svenska-sajter\/"},{"key":"779_CR65","doi-asserted-by":"publisher","unstructured":"Tariq MA, Brynielsson J, Artman H (2012) Framing the attacker in organized cybercrime. In: 2012 European intelligence and security informatics conference, IEEE, Piscataway, NJ, pp 30\u201337, https:\/\/doi.org\/10.1109\/EISIC.2012.48","DOI":"10.1109\/EISIC.2012.48"},{"key":"779_CR66","doi-asserted-by":"publisher","unstructured":"Varga S, Brynielsson J, Franke U (2018) Information requirements for national level cyber situational awareness. In: 2018 IEEE\/ACM international conference on advances in social networks analysis and mining (ASONAM). IEEE, Piscataway, NJ, pp 774\u2013781. https:\/\/doi.org\/10.1109\/ASONAM.2018.8508410","DOI":"10.1109\/ASONAM.2018.8508410"},{"issue":"3","key":"779_CR67","doi-asserted-by":"publisher","first-page":"173","DOI":"10.1093\/cybsec\/tyx005","volume":"3","author":"S Weber","year":"2017","unstructured":"Weber S (2017) Coercion in cybersecurity: what public health models reveal. J Cybersecur 3(3):173\u2013183. https:\/\/doi.org\/10.1093\/cybsec\/tyx005","journal-title":"J Cybersecur"},{"issue":"13","key":"779_CR68","doi-asserted-by":"publisher","first-page":"1085","DOI":"10.1080\/01900692.2016.1242614","volume":"40","author":"BW Wirtz","year":"2017","unstructured":"Wirtz BW, Weyerer JC (2017) Cyberterrorism and cyber attacks in the public sector: how public administration copes with digital threats. Int J Public Admin 40(13):1085\u20131100. https:\/\/doi.org\/10.1080\/01900692.2016.1242614","journal-title":"Int J Public Admin"},{"issue":"4","key":"779_CR69","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1111\/1468-5973.12027","volume":"21","author":"J Wolbers","year":"2013","unstructured":"Wolbers J, Boersma K (2013) The common operational picture as collective sensemaking. J Conting Crisis Manag 21(4):186\u2013199. https:\/\/doi.org\/10.1111\/1468-5973.12027","journal-title":"J Conting Crisis Manag"}],"container-title":["Cognition, Technology &amp; Work"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10111-024-00779-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10111-024-00779-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10111-024-00779-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T06:13:31Z","timestamp":1730700811000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10111-024-00779-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,27]]},"references-count":69,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2024,11]]}},"alternative-id":["779"],"URL":"https:\/\/doi.org\/10.1007\/s10111-024-00779-1","relation":{},"ISSN":["1435-5558","1435-5566"],"issn-type":[{"value":"1435-5558","type":"print"},{"value":"1435-5566","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,9,27]]},"assertion":[{"value":"5 May 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 August 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"27 September 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no known competing financial interests or personal relationships that could have influenced the work reported in this paper. The empirical material analyzed in the current study is not publicly available in order to protect participant anonymity. All participants in this study gave informed consent in accordance with Swedish law.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}