57 research outputs found

    The effect of cyber-attacks on stock returns

    A widely debated issue in recent years is cybercrime. Breaches in the security of accessibility, integrity and confidentiality of information involve potentially high explicit and implicit costs for firms. This paper investigates the impact of information security breaches on stock returns. Using event-study methodology, the study provides empirical evidence on the effect of announcements of cyber-attacks on the market value of firms from 1995 to 2015. Results show that substantial negative market returns occur following announcements of cyber-attacks. Financial entities often suffer greater negative effects than other companies and non-confidential cyber-attacks are the most dangerous, especially for the financial sector. Overall findings seem to show a link between cybercrime and insider trading.

    Cyber-crime Science = Crime Science + Information Security

    Cyber-crime Science is an emerging area of study aiming to prevent cyber-crime by combining security protection techniques from Information Security with empirical research methods used in Crime Science. Information security research has developed techniques for protecting the confidentiality, integrity, and availability of information assets but is less strong on the empirical study of the effectiveness of these techniques. Crime Science studies the effect of crime prevention techniques empirically in the real world, and proposes improvements to these techniques based on this. Combining both approaches, Cyber-crime Science transfers and further develops Information Security techniques to prevent cyber-crime, and empirically studies the effectiveness of these techniques in the real world. In this paper we review the main contributions of Crime Science as of today, illustrate its application to a typical Information Security problem, namely phishing, explore the interdisciplinary structure of Cyber-crime Science, and present an agenda for research in Cyber-crime Science in the form of a set of suggested research questions.

    Three Decades of Deception Techniques in Active Cyber Defense -- Retrospect and Outlook

    Deception techniques have been widely seen as a game changer in cyber defense. In this paper, we review representative techniques in honeypots, honeytokens, and moving target defense, spanning from the late 1980s to the year 2021. Techniques from these three domains complement each other and may be leveraged to build a holistic deception-based defense. However, to the best of our knowledge, there has not been a work that provides a systematic retrospect of these three domains all together and investigates their integrated usage for orchestrated deceptions. Our paper aims to fill this gap. By utilizing a tailored cyber kill chain model which can reflect the current threat landscape and a four-layer deception stack, a two-dimensional taxonomy is developed, based on which the deception techniques are classified. The taxonomy literally answers which phases of a cyber attack campaign the techniques can disrupt and which layers of the deception stack they belong to. Cyber defenders may use the taxonomy as a reference to design an organized and comprehensive deception plan, or to prioritize deception efforts for a budget-conscious solution. We also discuss two important points for achieving active and resilient cyber defense, namely deception in depth and deception lifecycle, where several notable proposals are illustrated. Finally, some outlooks on future research directions are presented, including dynamic integration of different deception techniques, quantified deception effects and deception operation cost, hardware-supported deception techniques, as well as techniques developed based on better understanding of the human element. Comment: 19 pages.

    Cryptocurrencies and Bitcoin: Charting the Research Landscape

    This systematic literature review examines cryptocurrencies (CCs) and Bitcoin. Because cryptocurrency research has not gained much attention from Information Systems (IS) researchers and needs a more vivid discussion, this review summarizes the main concepts of 42 papers and aligns them to IS Research. Although cryptocurrency research has not reached IS mainstream yet, there is massive potential for multifaceted research ranging from protocol development to designing alternative digital currency schemes. Cryptocurrencies entail a core digital artifact and present a rich phenomenon based on the intertwining of technological artifacts and social contexts. We argue that cryptocurrencies are an alternative payment method that may replace intermediaries with cryptographic methods and should be embedded in the research areas of SIGeBIZ and SIGSEC. At the end of this literature review, we discuss some open research gaps like new business models based on cryptocurrencies or the influence of culture on cryptocurrencies and Bitcoin.

    Trust-Based Formal Delegation Framework for Enterprise Social Networks

    Collaborative environments raise major challenges to secure them. These challenges increase when it comes to the domain of Enterprise-Social-Networks (ESNs) as ESNs aim to incorporate the social technologies in an organization setup while asserting greater control of information security. In this context, the security challenges have taken a new shape as an ESN may not be limited to the boundaries of a single organization and users from different organizations can collaborate in a common federated environment. In this paper, we address the problem of the authorization's delegation in federated collaborative environments like ESNs. In contrast to traditional XML-based languages, such as XACML, our approach is based on event-calculus, a temporal logic programming formalism. Further, the traditional approaches are either user-centric or organization-centric. However, the domain of ESN requires bridging the gap between them and the proposed framework deals with this challenge. In order to enhance the delegation scheme, we have proposed a behavior monitoring mechanism that permits assessing principals' trust level within the federated collaborative environment. We evaluate our trust computing approach based on simulated principals' behaviors and discuss the obtained results.

    Modeling Security Threats to Cryptographically Protected Data
