Industry views on water resources planning methods – prospects for change in England and Wales

This paper describes a qualitative study of practitioner perspectives on regulated water resources planning practice in England and Wales. The study focuses on strengths and weaknesses of existing practice and the case for change towards a risk-based approach informed by stochastic modelling assessments. In-depth, structured interviews were conducted to capture the views of planners, regulators and consultants closely involved in the planning process. We found broad agreement that the existing water availability assessment methods are fallible; they lack transparency, are often highly subjective and may fail to adequately expose problems of resilience. While most practitioners believe these issues warrant a more detailed examination of risk in the planning process, few believe there is a strong case for a fundamental shift towards risk-based planning informed by stochastic modelling assessments. The study identifies perceived business risks associated with change and exposes widespread scepticism of stochastic methods

Sharpening the Cutting Edge: Corporate Action for a Strong, Low-Carbon Economy

Outlines lessons learned from early efforts to create a low-carbon economy, current and emerging best practices, and next steps, including climate change metrics, greenhouse gas reporting, effective climate policy, and long-term investment choices

Reinforcement learning for efficient network penetration testing

Penetration testing (also known as pentesting or PT) is a common practice for actively assessing the defenses of a computer network by planning and executing all possible attacks to discover and exploit existing vulnerabilities. Current penetration testing methods are increasingly becoming non-standard, composite and resource-consuming despite the use of evolving tools. In this paper, we propose and evaluate an AI-based pentesting system which makes use of machine learning techniques, namely reinforcement learning (RL) to learn and reproduce average and complex pentesting activities. The proposed system is named Intelligent Automated Penetration Testing System (IAPTS) consisting of a module that integrates with industrial PT frameworks to enable them to capture information, learn from experience, and reproduce tests in future similar testing cases. IAPTS aims to save human resources while producing much-enhanced results in terms of time consumption, reliability and frequency of testing. IAPTS takes the approach of modeling PT environments and tasks as a partially observed Markov decision process (POMDP) problem which is solved by POMDP-solver. Although the scope of this paper is limited to network infrastructures PT planning and not the entire practice, the obtained results support the hypothesis that RL can enhance PT beyond the capabilities of any human PT expert in terms of time consumed, covered attacking vectors, accuracy and reliability of the outputs. In addition, this work tackles the complex problem of expertise capturing and re-use by allowing the IAPTS learning module to store and re-use PT policies in the same way that a human PT expert would learn but in a more efficient way

Applying Real Options Thinking to Information Security in Networked Organizations

An information security strategy of an organization participating in a networked business sets out the plans for designing a variety of actions that ensure confidentiality, availability, and integrity of company’s key information assets. The actions are concerned with authentication and nonrepudiation of authorized users of these assets. We assume that the primary objective of security efforts in a company is improving and sustaining resiliency, which means security contributes to the ability of an organization to withstand discontinuities and disruptive events, to get back to its normal operating state, and to adapt to ever changing risk environments. When companies collaborating in a value web view security as a business issue, risk assessment and cost-benefit analysis techniques are necessary and explicit part of their process of resource allocation and budgeting, no matter if security spendings are treated as capital investment or operating expenditures. This paper contributes to the application of quantitative approaches to assessing risks, costs, and benefits associated with the various components making up the security strategy of a company participating in value networks. We take a risk-based approach to determining what types of security a strategy should include and how much of each type is enough. We adopt a real-options-based perspective of security and make a proposal to value the extent to which alternative components in a security strategy contribute to organizational resiliency and protect key information assets from being impeded, disrupted, or destroyed

Concepts and Measurement of Labour Market Institutions

Institutionelle Infrastruktur, Arbeitsmarkt, Messung, Arbeitsmarktpolitik, Beschäftigungspolitik, Lohnbildung, Lohnverhandlungen, OECD-Staaten, Institutional infrastructure, Labour market, Measurement, Labour market policy, Employment policy, Wage determination, Wage bargaining, OECD countries

Identity Trust Framework for iGaming

The online gambling community, or the iGaming industry in the United States has individual solutions and a mix of classic processes to manage universal customer identity but it lacks a standard identity management framework in which to enroll new iGaming users, monitor those users and ensure secure transactions, which leaves it open to identity theft and financial fraud. The iGaming industry offers online poker, sports betting and casino table games. iGaming providers (provider/providers) include companies such as PartyPoker.com, Pokerstars.com, Bovada.com, BetOnline.com among others. An iGaming player (player/players) is anyone who plays to gamble on games through the Internet. This report focuses on the requirements and specification for an Identity Trust Framework to enhance security and privacy in the United States iGaming industry and players.Informatio

Localism and energy: Negotiating approaches to embedding resilience in energy systems

Tensions are evident in energy policy objectives between centralised top-down interconnected energy systems and localised distributed approaches. Examination of these tensions indicates that a localised approach can address a systemic problem of interconnected systems; namely vulnerability. The challenge for energy policy is to realise the interrelated goals of energy security, climate and environmental targets and social and economic issues such as fuel poverty, whilst mitigating vulnerability. The effectiveness of conventional approaches is debateable. A transition to a low carbon pathway should focus on resilience, counter to vulnerability. This article draws from on-going work which evaluates the energy aspects of a Private Finance Initiative (PFI) project to refurbish and re-build a local authority’s entire stock of sheltered accommodation to high environmental standards. Initial findings suggest that whereas more conventional procurement processes tend to increase systemic vulnerability, a user focussed process driven through PFI competitive dialogue is beginning to motivate some developers to adopt innovative approaches to energy system development. Conceptually these findings strongly suggest that embedding ‘Open Source’ principles in energy system development acts to work against systemic vulnerabilities by embedding resilience