Cyber Security Violation in I0T-Enabled Bright Society: A Proposed Framework

The undesirable consequences of ICT proliferation remains a big concern. The rise in Internet of Things (IoT) have further exacerbated security and information privacy challenges. One main reason is organizations and individuals constantly violate regulations and rules. While cybersecurity and privacy scholars accentuate on the likelihood of rule violations at the individual and organizational levels, the evidence for and discussion of this concept is still scant. This study proposes an empirical response to the Bright ICT initiative of the Association of Information System. This initiative aims to drastically eliminate adverse effect of Internet of Things (IoT). However, a robust privacy and cybersecurity model is needed. This study draws on the selective organizational information privacy and security violation model and delineate it at individual level. Specifically, attitude towards behaviour and subjective norms, contextual conditions, rule and regulatory conditions, perceived risk of violating a privacy or security rule, economic and non-economic strain constructs are hypothesized to determine the likelihood of a privacy and cybersecurity rule violation. In this context, pertinent cybersecurity literatures for IoT-enabled environment were examined to suggest solutions to reduce the dark side of IoT-enabled bright society. This paper presents the proposed model

A Graphical Adversarial Risk Analysis Model for Oil and Gas Drilling Cybersecurity

Oil and gas drilling is based, increasingly, on operational technology, whose cybersecurity is complicated by several challenges. We propose a graphical model for cybersecurity risk assessment based on Adversarial Risk Analysis to face those challenges. We also provide an example of the model in the context of an offshore drilling rig. The proposed model provides a more formal and comprehensive analysis of risks, still using the standard business language based on decisions, risks, and value.Comment: In Proceedings GraMSec 2014, arXiv:1404.163

Cyber security education is as essential as “The Three R’s”

Smartphones have diffused rapidly across South African society and constitute the most dominant information and communication technologies in everyday use. That being so, it is important to ensure that all South Africans know how to secure their smart devices. This requires a high level of security awareness and knowledge. As yet, there is no formal curriculum addressing cyber security in South African schools. Indeed, it seems to be left to Universities to teach cyber security principles, and they currently only do this when students take computing-related courses. The outcome of this approach is that only a very small percentage of South Africans, i.e. those who take computing courses at University, are made aware of cyber security risks and know how to take precautions. Moreover, because this group is overwhelmingly male, this educational strategy disproportionately leaves young female South Africans vulnerable to cyber attacks. We thus contend that cyber security ought to be taught as children learn the essential “3 Rs” – delivering requisite skills at University level does not adequately prepare young South Africans for a world where cyber security is an essential skill. Starting to provide awareness and knowledge at primary school, and embedding it across the curriculum would, in addition to ensuring that people have the skills when they need them, also remove the current gender imbalance in cyber security awareness

Moving from a "human-as-problem" to a "human-as-solution" cybersecurity mindset

Cybersecurity has gained prominence, with a number of widely publicised security incidents, hacking attacks and data breaches reaching the news over the last few years. The escalation in the numbers of cyber incidents shows no sign of abating, and it seems appropriate to take a look at the way cybersecurity is conceptualised and to consider whether there is a need for a mindset change.To consider this question, we applied a "problematization" approach to assess current conceptualisations of the cybersecurity problem by government, industry and hackers. Our analysis revealed that individual human actors, in a variety of roles, are generally considered to be "a problem". We also discovered that deployed solutions primarily focus on preventing adverse events by building resistance: i.e. implementing new security layers and policies that control humans and constrain their problematic behaviours. In essence, this treats all humans in the system as if they might well be malicious actors, and the solutions are designed to prevent their ill-advised behaviours. Given the continuing incidences of data breaches and successful hacks, it seems wise to rethink the status quo approach, which we refer to as "Cybersecurity, Currently". In particular, we suggest that there is a need to reconsider the core assumptions and characterisations of the well-intentioned human's role in the cybersecurity socio-technical system. Treating everyone as a problem does not seem to work, given the current cyber security landscape.Benefiting from research in other fields, we propose a new mindset i.e. "Cybersecurity, Differently". This approach rests on recognition of the fact that the problem is actually the high complexity, interconnectedness and emergent qualities of socio-technical systems. The "differently" mindset acknowledges the well-intentioned human's ability to be an important contributor to organisational cybersecurity, as well as their potential to be "part of the solution" rather than "the problem". In essence, this new approach initially treats all humans in the system as if they are well-intentioned. The focus is on enhancing factors that contribute to positive outcomes and resilience. We conclude by proposing a set of key principles and, with the help of a prototypical fictional organisation, consider how this mindset could enhance and improve cybersecurity across the socio-technical system

Using Artificial Intelligence and Cybersecurity in Medical and Healthcare Applications

Healthcare fields have made substantial use of cybersecurity systems to provide excellent patient safety in many healthcare situations. As dangers increase and hackers work tirelessly to elude law enforcement, cybersecurity has been a rapidly expanding field in the news over the past ten years. Although the initial motivations for conducting cyberattacks have generally remained the same over time, hackers have improved their methods. It is getting harder to identify and stop evolving threats using conventional cybersecurity tools. The development of AI methodologies offers hope for equipping cybersecurity professionals to fend against the ever-evolving threat posed by attackers. Therefore, an artificial intelligence- based Convolutional Neural Network (CNN) is introduced in this paper in which the cyberattacks are detected with more excellent performance. This paper presents unique conditions using the Ant Colony Optimization based Convolutional Neural Network (ACO-CNN) mechanism. This model has been built and supplied collaboratively with a dataset containing samples of web attacks for detecting cyberattacks in the healthcare sector. The results show that the created framework performs better than the modern techniques by detecting cyberattacks more accurately

High Performance Technology in Algorithmic Cryptography

Alan Turing’s article, “Computation and intelligence”, gives the preamble of the characteristics of guessing if it is a machine or another human being. Currently, the use of ubiquitous technologies, such as the use of firmware, allows direct access to analog data, however, we must find a way to secure the information. Analyzing cryptographic algorithms for the transfer of multimedia information. Raise the use of cryptarithmetic. Finite automata will be developed that will govern the logic of the cryptographic algorithms to be integrated into Firmware, performance tests and controls will be carried out to determine the best strategies for their performance and algorithmic complexity. Technologies are expressed that allow the creation of learning environments, such as neural networks, that support other processes as the recognition of patterns on images