21,967 research outputs found

    Managing stimulation of regional innovation subjects’ interaction in the digital economy

    Get PDF
    The reported study was funded by RFBR according to the research project No. 18-01000204_a, No. 16-07-00031_a, No. 18-07-00975_a.Purpose: The article is devoted to solving fundamental scientific problems in the scope of the development of forecasting modeling methods and evaluation of regional company’s innovative development parameters, synthesizing new methods of big data processing and intelligent analysis, as well as methods of knowledge eliciting and forecasting the dynamics of regional innovation developments through benchmarking. Design/Methodology/Approach: For regional economic development, it is required to identify the mechanisms that contribute to (or impede) the innovative economic development of the regions. The synergetic approach to management is based on the fact that there are multiple paths of IS development (scenarios with different probabilities), although it is necessary to reach the required attractor by meeting the management goals. Findings: The present research is focused on obtainment of new knowledge in creating a technique of multi-agent search, collection and processing of data on company’s innovative development indicators, models and methods of intelligent analysis of the collected data. Practical Implications: The author developed recommendations before starting the process of institutional changes in a specific regional innovation system. The article formulates recommendations on the implementation of institutional changes in the region taking into account the sociocultural characteristics of the region’s population. Originality/Value: It is the first time, when a complex of models and methods is based on the use of a convergent model of large data volumes processing is presented.peer-reviewe

    Investing in Prevention or Paying for Recovery - Attitudes to Cyber Risk

    Get PDF
    The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Broadly speaking an individual can invest time and effort to avoid becoming victim to a cyber attack and/or they can invest resource in recovering from any attack. We introduce a new game called the pre-vention and recovery game to study this trade-off. We report results from the experimental lab that allow us to categorize different approaches to risk taking. We show that many individuals appear relatively risk loving in that they invest in recovery rather than prevention. We find little difference in behavior between a gain and loss framing

    An Overview of Economic Approaches to Information Security Management

    Get PDF
    The increasing concerns of clients, particularly in online commerce, plus the impact of legislations on information security have compelled companies to put more resources in information security. As a result, senior managers in many organizations are now expressing a much greater interest in information security. However, the largest body of research related to preventing breaches is technical, focusing on such issues as encryption and access control. In contrast, research related to the economic aspects of information security is small but rapidly growing. The goal of this technical note is twofold: i) to provide the reader with an structured overview of the economic approaches to information security and ii) to identify potential research directions

    Decision-making and biases in cybersecurity capability development: Evidence from a simulation game experiment

    Get PDF
    We developed a simulation game to study the effectiveness of decision-makers in overcoming two complexities in building cybersecurity capabilities: potential delays in capability development; and uncertainties in predicting cyber incidents. Analyzing 1479 simulation runs, we compared the performances of a group of experienced professionals with those of an inexperienced control group. Experienced subjects did not understand the mechanisms of delays any better than inexperienced subjects; however, experienced subjects were better able to learn the need for proactive decision-making through an iterative process. Both groups exhibited similar errors when dealing with the uncertainty of cyber incidents. Our findings highlight the importance of training for decision-makers with a focus on systems thinking skills, and lay the groundwork for future research on uncovering mental biases about the complexities of cybersecurity. Keywords: Cybersecurity; Decision-making; Simulation; Capability developmen

    A comparative analysis of security risk management in Norwegian oil and gas and renewable energy companies.

    Get PDF
    With the recognised urgent need to combat climate change globally, the renewables industry has witnessed significant growth to meet ambitious net zero targets. This thesis aims to emphasize the importance of improving security risk governance to adapt to the evolving energy sector. The increasing adoption of renewable solutions and the expansion of renewable production presents a landscape characterized by uncertain and complex market dynamics. Additionally, these developments contribute to a more adverse threat environment driven by innovation in research and development (R&D), technology, and digitalization. Considering these advancements, criminal actors now have greater opportunity, motive, and increased capabilities, regardless of whether the company is focused on oil and gas, or renewable production. While damages to a renewables asset result in lower costs and less detrimental environmental impacts when compared to an offshore oil and gas asset, they can still have adverse implications on company values. Impacts to critical renewable assets have the potential to increase reliance on traditional fossil fuels, negatively impact local communities, and detrimentally impact company margins. Furthermore, due to market volatility and energy politics, nations aim to safeguard energy supply and reduce dependence on external sources. This is particularly relevant when considering the sanctions imposed on Russian oil and gas following the 2022 invasion of Ukraine. As a result, energy independence and energy security have become increasingly more critical. This thesis has identified with certainty that there is a significant lack of maturity within security risk governance in renewables companies. Therefore, by comparing how both the oil and gas, and renewables sector acknowledge security and therein approach security risk management, a platform is created to offer fit-for-purpose recommendations to the renewables sector. Furthermore, this thesis acknowledges the lower margin nature of renewable production and ultimately emphasises fostering a sustainable and dynamic security culture that allows industry to strategically expand into higher security threat environments. Key words: Renewable production, Security risk, Risk Governance, Security Risk Assessments, risk tolerabilit

    Data mining for detecting Bitcoin Ponzi schemes

    Full text link
    Soon after its introduction in 2009, Bitcoin has been adopted by cyber-criminals, which rely on its pseudonymity to implement virtually untraceable scams. One of the typical scams that operate on Bitcoin are the so-called Ponzi schemes. These are fraudulent investments which repay users with the funds invested by new users that join the scheme, and implode when it is no longer possible to find new investments. Despite being illegal in many countries, Ponzi schemes are now proliferating on Bitcoin, and they keep alluring new victims, who are plundered of millions of dollars. We apply data mining techniques to detect Bitcoin addresses related to Ponzi schemes. Our starting point is a dataset of features of real-world Ponzi schemes, that we construct by analysing, on the Bitcoin blockchain, the transactions used to perform the scams. We use this dataset to experiment with various machine learning algorithms, and we assess their effectiveness through standard validation protocols and performance metrics. The best of the classifiers we have experimented can identify most of the Ponzi schemes in the dataset, with a low number of false positives

    Cybersecurity: mapping the ethical terrain

    Get PDF
    This edited collection examines the ethical trade-offs involved in cybersecurity: between security and privacy; individual rights and the good of a society; and between the types of burdens placed on particular groups in order to protect others. Foreword Governments and society are increasingly reliant on cyber systems. Yet the more reliant we are upon cyber systems, the more vulnerable we are to serious harm should these systems be attacked or used in an attack. This problem of reliance and vulnerability is driving a concern with securing cyberspace. For example, a ‘cybersecurity’ team now forms part of the US Secret Service. Its job is to respond to cyber-attacks in specific environments such as elevators in a building that hosts politically vulnerable individuals, for example, state representatives. Cybersecurity aims to protect cyberinfrastructure from cyber-attacks; the concerning aspect of the threat from cyber-attack is the potential for serious harm that damage to cyber-infrastructure presents to resources and people. These types of threats to cybersecurity might simply target information and communication systems: a distributed denial of service (DDoS) attack on a government website does not harm a website in any direct way, but prevents its normal use by stifling the ability of users to connect to the site. Alternatively, cyber-attacks might disrupt physical devices or resources, such as the Stuxnet virus, which caused the malfunction and destruction of Iranian nuclear centrifuges. Cyber-attacks might also enhance activities that are enabled through cyberspace, such as the use of online media by extremists to recruit members and promote radicalisation. Cyber-attacks are diverse: as a result, cybersecurity requires a comparable diversity of approaches. Cyber-attacks can have powerful impacts on people’s lives, and so—in liberal democratic societies at least—governments have a duty to ensure cybersecurity in order to protect the inhabitants within their own jurisdiction and, arguably, the people of other nations. But, as recent events following the revelations of Edward Snowden have demonstrated, there is a risk that the governmental pursuit of cybersecurity might overstep the mark and subvert fundamental privacy rights. Popular comment on these episodes advocates transparency of government processes, yet given that cybersecurity risks represent major challenges to national security, it is unlikely that simple transparency will suffice. Managing the risks of cybersecurity involves trade-offs: between security and privacy; individual rights and the good of a society; and types of burdens placed on particular groups in order to protect others. These trade-offs are often ethical trade-offs, involving questions of how we act, what values we should aim to promote, and what means of anticipating and responding to the risks are reasonably—and publicly—justifiable. This Occasional Paper (prepared for the National Security College) provides a brief conceptual analysis of cybersecurity, demonstrates the relevance of ethics to cybersecurity and outlines various ways in which to approach ethical decision-making when responding to cyber-attacks
    corecore