264 research outputs found

    An innovative custom cyber security solution for protecting enterprises and corporates’ assets

    Get PDF
    Anti-virus software has been the main defense against malicious application and will remain so in the future. However the strength of an anti-virus product will depend on having an updated virus signature and the heuristic engine to detect future and unknown virus. The time gap between an exploit appearing on the internet and the user receiving an update for their anti-virus signature database on their machine is very crucial. Having a diverse multi-Engine anti-virus scanner in the infrastructure with the capability for custom signature definition as part of a defence in-depth strategy will help to close that gap. This paper presents a technique of deploying more than one anti-virus solution at different layers and using custom anti-virus signature which is deployed in a custom proxy solution as part of a defence in-depth strategy

    Securing a "Bring Your Own Application" cloud environment using digital forensics

    Get PDF
    Thesis submitted in partial fulfillment of the requirements for the Degree of Master of Science in Information Systems Security (MSc.ISS) at Strathmore UniversityThe use of cloud applications introduces new challenges to information systems Security. The idea of applications accessible from multiple devices and hosted or provided by third party organizations brings new complications to IT security. In situations where organizations are embracing Bring Your Own Applications (BYOA) and where they allow use of free to public cloud applications within their networks, it is important for IT Security experts to consider how to secure their BYOA environments and also monitor how these applications are used and the flow of information. The aim of this research is to develop a digital forensics based solution for securing BYOA cloud environment. This solution can be used to improve security in an organisation implementing BYOA. The research focuses on free to public cloud applications, whereby security challenges are identified and security measures proposed. The security measures are enforced through the development of a customized solution. The solution has been developed using rapid application development (RAD) system development methodology. Using Geany editor and Python programming language, the prototype developed relies on digital forensics artefacts to gather information about the usage of BYOAs. The solution captures digital forensics artefacts and stores them into a database as logs of the activity on Google Drive application. The solution demonstrates how digital forensics artefacts can be used to enhance security in a BYOA environment

    Trust, legality and exceptionalism

    Get PDF
    Trust is uniquely human and foundation for human cooperation. Today, the Rule of Law is highly relevant to build trust. The current and growing competition between USA and China as two superpowers reduces trust. It is linked to efforts of superiority, especially visible in the sectors of technology, military, trade, research, education and international standard setting and - especially in the U.S. - substantiated with the claim of exceptionalism. This book looks at the concepts, cases and expression of exceptionalism in the current geopolitical context, in the USA and in different countries, which see themselves as exceptional with an exceptional mission. The book offers ethical benchmarks to build trust and to react to notions of exceptionalism

    On the innovation mechanisms of fintech start-ups: insights from Swift's innotribe competition

    Get PDF
    The emergence of nascent forms of financial technology around the globe is driven by efforts to deconstruct and reimagine business models historically embedded within financial services. Entrepreneurial endeavors to this end are diverse. Indeed, the propensity towards complexity across the fintech landscape is considerable. Bridging as it does a diverse range of financial ser-vices, markets, innovations, industry participants, infrastructures and technologies. This study aims to improve the comprehension of the global fintech landscape. It is based on the analysis of start-ups who participated in SWIFT’s Innotribe competition over a three-year period. We used cluster analysis to group 402 fintech start-up firms, and then selected representative cases to create a foundational understanding of the structure of the fintech landscape. We found that six clusters capture the variety of firms and their activities. The main findings of this work are: (1) the development of fintech clusters to classify core services, business infrastructures and underlying component technologies, which characterize the fintech landscape; (2) an analysis of how fintechs synthesize different technologies to restructure and coordinate flows of financial information through competitive and cooperative mechanisms of disintermediation, extension of access, financialization, hybridization and personalization; (3) an analysis of related strate-gies for value creation connected with the competitive and cooperative mechanisms that were identified. Collectively, our results offer new insights into the diversity and range of emergent innovations and technologies which are transforming the financial services industry worldwide

    Cyber-Physical Threat Intelligence for Critical Infrastructures Security

    Get PDF
    Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well

    The Digitalisation of African Agriculture Report 2018-2019

    Get PDF
    An inclusive, digitally-enabled agricultural transformation could help achieve meaningful livelihood improvements for Africa’s smallholder farmers and pastoralists. It could drive greater engagement in agriculture from women and youth and create employment opportunities along the value chain. At CTA we staked a claim on this power of digitalisation to more systematically transform agriculture early on. Digitalisation, focusing on not individual ICTs but the application of these technologies to entire value chains, is a theme that cuts across all of our work. In youth entrepreneurship, we are fostering a new breed of young ICT ‘agripreneurs’. In climate-smart agriculture multiple projects provide information that can help towards building resilience for smallholder farmers. And in women empowerment we are supporting digital platforms to drive greater inclusion for women entrepreneurs in agricultural value chains

    Business model innovation in the oil and gas supply industry

    Get PDF
    Master i Energy Management - Nord universitet, 201

    FINTECH ECOSYSTEM IN VIETNAM

    Get PDF
    This paper reviews current status of the fintech ecosystem in Vietnam through the lens of critical actors of a fintech ecosystem and in comparison with Singapore. It is to find out which actors are for setting up an ecosystem now and maintaining a healthy ecosystem in the future. The intention in doing so is to assess the role of each actor and reflect the relationship among them. The final aim is to understand the emergence of fintech ecosystem in Vietnam, from which to suggest some ways to develop the ecosystem. This study adopts theory of Nicoletti (2017) and Adner and Kapoor (2016). From Nicoletti (2017), five actors of a fintech ecosystem are recognized. They are demand,talent, solutions, capital and policy. All individuals, businesses and financial institutions have demand for modern financial products and services, originating from prevalence of technology in nearly all aspects of life now. Good academic performance at school shown by PISA result is not enough to bring excellence to technology and financial institutions. Talent of technology places has little been mentioned. Some banks are incorporating fintech in their operations. Fintech entrepreneurs are generally potential but they need to be better equipped with expertise knowledge and more innovative. Solutions from academic resources are almost zero, from fintech companies not diverse,from crowdsourcing too tiny. The collaboration between fintech companies and banks is bringing advantages to both parties. Angel investors and IPO are now not a viable option for fintech companies in Vietnam. Venture capital is easier to reach. Both local and foreign venture funds are showing interest in Vietnam’s fintech. Policy is still more in paper than in practice. After discussing the role of each actor and their correlation, the discussion moved to recommendations drawn from the theory of Adner and Kapoor (2016). Based on their framework, Vietnam is now in the first stage, in which traditional financial services do not completely meet growing customer need while fintech started to be paid special attention to. A sensible approach is to devote huge effort to fintech. This is proven in reality of Singapore. Fintech companies are in the heart of their ecosystem and all the actors are working hard. Some lessons can be learned from Singapore are: focusing on fintech companies – this is also emphasized in Nicoletti (2017)’s framework, policy offering more incentives to investors in fintech companies and supporting to improve quality of talent and solutions

    Cyber-Physical Threat Intelligence for Critical Infrastructures Security

    Get PDF
    Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well
    • …
    corecore