All at Sea

Master's thesis in Risk management and societal safetyThe Norwegian Ministry of Justice and Public Security emphasized in their 2016-2017 report to the Parliament, that the need for a common understanding of preparedness concepts and knowledge of how cross-institutional organizations use concepts and definitions is a prerequisite for understanding and interaction in preparedness and crisis response measures. The concept of civil preparedness means national measures to maintain or establish effective transportation during times of tension, crisis, and war, in which merchant ships and thus naval cooperation plays a crucial role. The thesis purpose is to discuss the research question: to what extent can differences in risk perspectives within organizations in naval cooperation affect risk communication and civil preparedness in the high North? In order to do so, investigating and associate prominent risk perspectives to organizations with roles and tasks to naval cooperation was necessary. A scenario of a military invasion of Northern Norway published by the Norwegian Directorate of Civil Protection (DSB) is used for the thesis purpose because the concept of naval cooperation includes risk communication between stakeholders which is responsible for civil preparedness. In such a scenario the concept of naval cooperation will be in force and coincides with the DSB scenario. This enables an illumination of the research question. The empirical data identifies that the representative organizations have splayed risk perspectives. This is represented within their own sectors and within the sectoral levels of communication. Based on five pre-defined risk perspectives, the overall prominent risk perspective seems to be a mix of ideas and concepts of risk. This applies both to the investigated organizations as well as the numerous documents, regulations, guidelines, and directives, also to the different organizations from the top level, to the educational system and at the operational level. The empiricism holds consensus with a risk and vulnerability analysis of Norwegian food supply, which concluded that the greatest weakness is associated with the delegation of responsibilities between actors. and one of the suggested measures to improve civil preparedness is to examine the possibility of establishing a joint emergency plan for crises. An important element in such joint emergency plan, also consistent with the Norwegian Ministry of Justice and Public Security 2016-2017 report to the Parliament, is the need for a common understanding of preparedness concepts, knowledge of cross-institutional organizations conceptual use of concepts and definitions in preparedness as a prerequisite for understanding and interaction in naval cooperation for civil preparedness

User requirements for location based services : an analysis on the basis of literature

The high global penetration of mobile telephony provides a strong basis for the development and diffusion of mobile business applications. Especially for location based services, i.e. mobile services that consider the user’s current location to add value to the service provided, a high potential to become a major market success is seen. Nevertheless the development of mobile business and location based services has so far been lagging behind expert expecations. One of the reasons for this disappointing development is the failure of application developers to center their efforts on potential users and their needs and demands. The following paper therefore reviews the existing literature on user requirements in mobile business and location based services. A definition and characterization of location based services is given and a framework to categorize existing location based services is developed. Additionally, usefulness and usability are put in concrete terms as they are identified as the main determinants of end-user acceptance of location based services. Security concerns of potential users of location based services are analyzed and further limitations of the diffusion of location based services are discussed

Sport, children's rights and violence prevention: A source book on global issues and local programmes

Copyright @ Brunel University, 2012In line with the Convention on the Rights of the Child (CRC), UNICEF has been a strong advocate of children’s right to leisure and play. It recognizes the intrinsic value sports have in promoting the child’s health and well-being, education and development, and social inclusion, including by fostering the culture of tolerance and peace. Every child has the right to play safely, in an enabling and protective environment. However, although under-researched, evidence shows that children have been subjected to various forms of violence, abuse and exploitation ranging from undue pressure to achieve high performance, beatings and physical punishment, sexual harassment and assaults, to child labour and trafficking. The violence that children experience can lead to lifelong consequences for their health and development. It can also have devastating consequences. Article 19 of the CRC asserts that all children have the right to be protected from violence, calling on State Parties to take all appropriate measures for the protection of children, including while in the care others. Measures include strengthening child protection systems; increasing awareness and strengthening the protective role of parents, teachers, coaches and others caregivers as well as the media; developing and implementing standards for the protection and well-being of children in sports; implementing sport for development and other international programmes and initiatives; and improving data collection and research to develop an evidence-base of “what works”. Above all, the protection of young athletes starts by ensuring that those around children regard them in a way that is appropriate to their needs and that is respectful of their rights - as children first and athletes second. This book provides an expanded set of evidence and resources to back up the 2010 report from the UNICEF Innocenti Research Centre in Florence, Italy - Protecting Children from Violence in Sport: A review with a focus on industrialized countries. I am delighted to provide a Foreword as it complements the ongoing work being done by UNICEF in development and humanitarian environments to make sport a safer place for children

Risk, Overdiagnosis and Ethical Justifications

Wendy Rogers was supported by Future Fellowship (FT130100346) from the Australian Research Council and a 2018 Residency from the Brocher Foundation. Stacy Carter was supported by National Health and Medical Research Council Centre for Research Excellence 1104136 and a 2018 Residence from the Brocher Foundation. This study was funded by FT130100346 from the Australian Research Council (Rogers) and CRE 1104136 from the National Health and Medical Research Council (Carter), and Rogers and Carter both received support in the form of a 2018 month-long residency at the Brocher Foundation, Switzerland.Peer reviewedPublisher PD

Security challenges and solutions for e-business

The advantages of economic growth and increasing ease of operation afforded by e-business and e-commerce developments are unfortunately matched by growth in cyber attacks. This paper outlines the common attacks faced by e-business and describes the defenses that can be used against them. It also reviews the development of newer security defense methods. These are: (1) biometrics for authentication; parallel processing to increase power and speed of defenses; (2) data mining and machine learning to identify attacks; (3) peer-to-peer security using blockchains; 4) enterprise security modelling and security as a service; and (5) user education and engagement. The review finds overall that one of the most prevalent dangers is social engineering in the form of phishing attacks. Recommended counteractions include education and training, and the development of new machine learning and data sharing approaches so that attacks can be quickly discovered and mitigated

Designing the Extended Zero Trust Maturity Model A Holistic Approach to Assessing and Improving an Organization’s Maturity Within the Technology, Processes and People Domains of Information Security

Zero Trust is an approach to security where implicit trust is removed, forcing applications, workloads, servers and users to verify themselves every time a request is made. Furthermore, Zero Trust means assuming anything can be compromised, and designing networks, identities and systems with this in mind and following the principle of least privilege. This approach to information security has been coined as the solution to the weaknesses of traditional perimeter-based information security models, and adoption is starting to increase. However, the principles of Zero Trust are only applied within the technical domain to aspects such as networks, data and identities in past research. This indicates a knowledge gap, as the principles of Zero Trust could be applied to organizational domains such as people and processes to further strengthen information security, resulting in a holistic approach. To fill this gap, we employed design science research to develop a holistic maturity model for Zero Trust maturity based on these principles: The EZTMM. We performed two systematic literature reviews on Zero Trust and Maturity Model theory respectively and collaborated closely with experts and practitioners on the operational, tactical and strategic levels of six different organizations. The resulting maturity model was anchored in prior Zero Trust and maturity model literature, as well as practitioner and expert experiences and knowledge. The EZTMM was evaluated by our respondent organizations through two rounds of interviews before being used by one respondent organization to perform a maturity assessment of their own organization as a part of our case study evaluation. Each interview round resulted in ample feedback and learning, while the case study allowed us to evaluate and improve on the model in a real-world setting. Our contribution is twofold: A fully functional, holistic Zero Trust maturity model with an accompanying maturity assessment spreadsheet (the artifact), and our reflections and suggestions regarding further development of the EZTMM and research on the holistic application of Zero Trust principles for improved information security

Designing the Extended Zero Trust Maturity Model A Holistic Approach to Assessing and Improving an Organization’s Maturity Within the Technology, Processes and People Domains of Information Security

Zero Trust is an approach to security where implicit trust is removed, forcing applications, workloads, servers and users to verify themselves every time a request is made. Furthermore, Zero Trust means assuming anything can be compromised, and designing networks, identities and systems with this in mind and following the principle of least privilege. This approach to information security has been coined as the solution to the weaknesses of traditional perimeter-based information security models, and adoption is starting to increase. However, the principles of Zero Trust are only applied within the technical domain to aspects such as networks, data and identities in past research. This indicates a knowledge gap, as the principles of Zero Trust could be applied to organizational domains such as people and processes to further strengthen information security, resulting in a holistic approach. To fill this gap, we employed design science research to develop a holistic maturity model for Zero Trust maturity based on these principles: The EZTMM. We performed two systematic literature reviews on Zero Trust and Maturity Model theory respectively and collaborated closely with experts and practitioners on the operational, tactical and strategic levels of six different organizations. The resulting maturity model was anchored in prior Zero Trust and maturity model literature, as well as practitioner and expert experiences and knowledge. The EZTMM was evaluated by our respondent organizations through two rounds of interviews before being used by one respondent organization to perform a maturity assessment of their own organization as a part of our case study evaluation. Each interview round resulted in ample feedback and learning, while the case study allowed us to evaluate and improve on the model in a real-world setting. Our contribution is twofold: A fully functional, holistic Zero Trust maturity model with an accompanying maturity assessment spreadsheet (the artifact), and our reflections and suggestions regarding further development of the EZTMM and research on the holistic application of Zero Trust principles for improved information security