The Role of Information and Communication Technologies in Civil Law Relations: Analysis of the Civil Code of the Republic of Kazakhstan

[Purpose] The purpose of the study is to establish using the methods of legal linguistics, synthesis and analysis of information the mechanism of formation of the conceptual sphere of cybersecurity and its representation in the texts of regulations. [Methodology] The methodological basis of the study was determined by the hermeneutic approach to jurisprudence which is mainly focused on methodology, legal technique, the logical and semantic interpretation of certain provisions of various branches of law. In the process of research, methods of analysis and synthesis of information, the comparative analysis also were used. [Findings] The authors note that the use of the system of civil law relations affects both the civil sphere directly and the procedural aspects of relations and partially the criminal branch of law. The synergistic nature of informatisation of civil law relations and consider it as a part of the system of general cybersecurity of the state as a whole were emphasized. The use of this concept and its legal construction was revealed. [Practical Implications] The practical significance of the study is determined by the possibility of forming an integrated system of using the mechanism for predicting the development of information and communication technologies to form an equilibrium environment for ensuring the rule of law. [Originality] The novelty of the study is determined by the fact that information and communication technologies are understood as components of a larger system of ensuring legal security in a country as a whole.[Purpose] The purpose of the study is to establish using the methods of legal linguistics, synthesis and analysis of information the mechanism of formation of the conceptual sphere of cybersecurity and its representation in the texts of regulations. [Methodology] The methodological basis of the study was determined by the hermeneutic approach to jurisprudence which is mainly focused on methodology, legal technique, the logical and semantic interpretation of certain provisions of various branches of law. In the process of research, methods of analysis and synthesis of information, the comparative analysis also were used. [Findings] The authors note that the use of the system of civil law relations affects both the civil sphere directly and the procedural aspects of relations and partially the criminal branch of law. The synergistic nature of informatisation of civil law relations and consider it as a part of the system of general cybersecurity of the state as a whole were emphasized. The use of this concept and its legal construction was revealed. [Practical Implications] The practical significance of the study is determined by the possibility of forming an integrated system of using the mechanism for predicting the development of information and communication technologies to form an equilibrium environment for ensuring the rule of law. [Originality] The novelty of the study is determined by the fact that information and communication technologies are understood as components of a larger system of ensuring legal security in a country as a whole.[Purpose] The purpose of the study is to establish using the methods of legal linguistics, synthesis and analysis of information the mechanism of formation of the conceptual sphere of cybersecurity and its representation in the texts of regulations. [Methodology] The methodological basis of the study was determined by the hermeneutic approach to jurisprudence which is mainly focused on methodology, legal technique, the logical and semantic interpretation of certain provisions of various branches of law. In the process of research, methods of analysis and synthesis of information, the comparative analysis also were used. [Findings] The authors note that the use of the system of civil law relations affects both the civil sphere directly and the procedural aspects of relations and partially the criminal branch of law. The synergistic nature of informatisation of civil law relations and consider it as a part of the system of general cybersecurity of the state as a whole were emphasized. The use of this concept and its legal construction was revealed. [Practical Implications] The practical significance of the study is determined by the possibility of forming an integrated system of using the mechanism for predicting the development of information and communication technologies to form an equilibrium environment for ensuring the rule of law. [Originality] The novelty of the study is determined by the fact that information and communication technologies are understood as components of a larger system of ensuring legal security in a country as a whole.[Purpose] The purpose of the study is to establish using the methods of legal linguistics, synthesis and analysis of information the mechanism of formation of the conceptual sphere of cybersecurity and its representation in the texts of regulations. [Methodology] The methodological basis of the study was determined by the hermeneutic approach to jurisprudence which is mainly focused on methodology, legal technique, the logical and semantic interpretation of certain provisions of various branches of law. In the process of research, methods of analysis and synthesis of information, the comparative analysis also were used. [Findings] The authors note that the use of the system of civil law relations affects both the civil sphere directly and the procedural aspects of relations and partially the criminal branch of law. The synergistic nature of informatisation of civil law relations and consider it as a part of the system of general cybersecurity of the state as a whole were emphasized. The use of this concept and its legal construction was revealed. [Practical Implications] The practical significance of the study is determined by the possibility of forming an integrated system of using the mechanism for predicting the development of information and communication technologies to form an equilibrium environment for ensuring the rule of law. [Originality] The novelty of the study is determined by the fact that information and communication technologies are understood as components of a larger system of ensuring legal security in a country as a whole

The Role of Information and Communication Technologies in Civil Law Relations: Analysis of the Civil Code of the Republic of Kazakhstan

[Purpose] The purpose of the study is to establish using the methods of legal linguistics, synthesis and analysis of information the mechanism of formation of the conceptual sphere of cybersecurity and its representation in the texts of regulations. [Methodology] The methodological basis of the study was determined by the hermeneutic approach to jurisprudence which is mainly focused on methodology, legal technique, the logical and semantic interpretation of certain provisions of various branches of law. In the process of research, methods of analysis and synthesis of information, the comparative analysis also were used. [Findings] The authors note that the use of the system of civil law relations affects both the civil sphere directly and the procedural aspects of relations and partially the criminal branch of law. The synergistic nature of informatisation of civil law relations and consider it as a part of the system of general cybersecurity of the state as a whole were emphasized. The use of this concept and its legal construction was revealed. [Practical Implications] The practical significance of the study is determined by the possibility of forming an integrated system of using the mechanism for predicting the development of information and communication technologies to form an equilibrium environment for ensuring the rule of law. [Originality] The novelty of the study is determined by the fact that information and communication technologies are understood as components of a larger system of ensuring legal security in a country as a whole

Analysis of cyber security knowledge gaps based on cyber security body of knowledge

Due to the increasing number of cyber incidents and overwhelming skills shortage, it is required to evaluate the knowledge gap between cyber security education and industrial needs. As such, the objective of this study is to identify the knowledge gaps in cyber security graduates who join the cyber security workforce. We designed and performed an opinion survey by using the Cyber Security Knowledge Areas (KAs) specified in the Cyber Security Body of Knowledge (CyBOK) that comprises 19 KAs. Our data was gathered from practitioners who work in cyber security organizations. The knowledge gap was measured and evaluated by acknowledging the assumption for employing sequent data as nominal data and improved it by deploying chi-squared test. Analyses demonstrate that there is a gap that can be utilized to enhance the quality of education. According to acquired final results, three key KAs with the highest knowledge gap are Web and Mobile Security, Security Operations and Incident Management. Also, Cyber-Physical Systems (CPS), Software Lifecycles, and Vulnerabilities are the knowledge areas with largest difference in perception of importance between less and more experienced personnel. We discuss several suggestions to improve the cyber security curriculum in order to minimize the knowledge gaps. There is an expanding demand for executive cyber security personnel in industry. High-quality university education is required to improve the qualification of upcoming workforce. The capability and capacity of the national cyber security workforce is crucial for nations and security organizations. A wide range of skills, namely technical skills, implementation skills, management skills, and soft skills are required in new cyber security graduates. The use of each CyBOK KA in the industry was measured in response to the extent of learning in university environments. This is the first study conducted in this field, it is considered that this research can inspire the way for further researches. 2022, The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature.Scopus2-s2.0-8513535559

A principlist framework for cybersecurity ethics

The ethical issues raised by cybersecurity practices and technologies are of critical importance. However, there is disagreement about what is the best ethical framework for understanding those issues. In this paper we seek to address this shortcoming through the introduction of a principlist ethical framework for cybersecurity that builds on existing work in adjacent fields of applied ethics, bioethics, and AI ethics. By redeploying the AI4People framework, we develop a domain-relevant specification of five ethical principles in cybersecurity: beneficence, non-maleficence, autonomy, justice, and explicability. We then illustrate the advantages of this principlist framework by examining the ethical issues raised by four common cybersecurity contexts: penetration testing, distributed denial of service attacks (DDoS), ransomware, and system administration. These case analyses demonstrate the utility of this principlist framework as a basis for understanding cybersecurity ethics and for cultivating the ethical expertise and ethical sensitivity of cybersecurity professionals and other stakeholders

Strategies for Cybercrime Prevention in Information Technology Businesses

Cybercrime continues to be a devastating phenomenon, impacting individuals and businesses across the globe. Information technology (IT) businesses need solutions to defend and secure their data and networks from cyberattacks. Grounded in general systems theory and transformational leadership theory, the purpose of this qualitative multiple case study was to explore strategies IT business leaders use to protect their systems from a cyberattack. The participants included six IT business leaders with experience in cybersecurity or system security in the Midlands region of South Carolina. Data were collected using semistructured interviews and reviews of government standards documents; data were analyzed using thematic analysis. Three themes emerged from the study: (a) cybercrime prevention strategy; (b) cybersecurity awareness, training, and education; and (c) effective leadership. A key recommendation is for IT business leaders to ensure employees are current on cybersecurity awareness and defense techniques through regular training and education, use third-party vendors that are subject matter experts where they lack talent, and develop leaders with a transformational mindset. The implications for positive social change include the potential for IT business leaders and employees to become more proactive in learning and implementing effective cybercrime prevention strategies to keep their businesses profitable and support the needs of stakeholders and clients

Incidencia del uso del repositorio de firmas digitales en la gestión de trámites institucionales de la universidad Técnica del Norte

OG1. Implementar un software de servicios de gesti´on de tr´amites institucionales firmados electr´onicamente mediante el repositorio de firmas digitales de la Universidad T´ecnica del Norte.Con la existencia del Habeas Data en la Constitución ecuatoriana y la Ley de Comercio Electrónico, el Banco Central del Ecuador es responsable de emitir y validar Firmas Electrónicas para realizar cualquier intercambio de datos en que se requiera que haya validez legal. La Universidad Técnica del Norte, en adelante UTN, se encuentra implementando nuevas tecnologías de comunicación e información mediante la evolución de sus procesos institucionales para atender adecuadamente a sus estudiantes. QUIPUX es un software para la gestión documental que no cumple con los requisitos para integrarlo al Sistema Integrado Información Universitaria de la UTN, cuyo acrónimo es SIIU. Implementar un software de servicios de firmas digitales para incidir positivamente en al menos un proceso de la gestión de trámites institucionales: emisión n de certificados de matrícula firmados digitalmente en la UTN. Documentar la SRS según el estándar ISO / EC 29148. Diseñar una arquitectura de software y un conjunto de algoritmos para firmar o validar certificados mediante X.509, usar SOAP o JDBC para relacionar servicios del repositorio de firmas digitales con el SIIU, cumpliendo algunas normas de usabilidad y seguridad aplicables según ISO 9126. Existe: Un documento SRS acorde con ISO 29148, una interface para firmar y validar certificados, respuestas estudiantiles de aceptación del software Implementado, certificados de matrícula con validez legal nacional. Al reducir tiempos de respuesta y consumo de papel, automatizando con software algunas tareas repetitivas de certificación entonces el uso del repositorio de firmas digitales incide positivamente en la gestión de trámites institucionales