The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Security dialogues: building better relationships between security and business

In the real world, there's often a discrepancy between an organization's mandated security processes and what actually happens. The social practice of security flourishes in the space between and around formal organizational security processes. By recognizing the value of risk management as a communication tool, security practitioners can tap opportunities to improve the security dialogue with staff

Digital interaction: where are we going?

In the framework of the AVI 2018 Conference, the interuniversity center ECONA has organized a thematic workshop on "Digital Interaction: where are we going?". Six contributions from the ECONA members investigate different perspectives around this thematic

Multinational perspectives on information technology from academia and industry

As the term \u27information technology\u27 has many meanings for various stakeholders and continues to evolve, this work presents a comprehensive approach for developing curriculum guidelines for rigorous, high quality, bachelor\u27s degree programs in information technology (IT) to prepare successful graduates for a future global technological society. The aim is to address three research questions in the context of IT concerning (1) the educational frameworks relevant for academics and students of IT, (2) the pathways into IT programs, and (3) graduates\u27 preparation for meeting future technologies. The analysis of current trends comes from survey data of IT faculty members and professional IT industry leaders. With these analyses, the IT Model Curricula of CC2005, IT2008, IT2017, extensive literature review, and the multinational insights of the authors into the status of IT, this paper presents a comprehensive overview and discussion of future directions of global IT education toward 2025

European smart specialization for Ukrainian regional development: path from creation to implementation

The focus of the research is to develop recommendations of smart specialization (SS) for Ukrainian policymakers using European approaches. The authors revealed that the main SS projects are presented in such sectors as agri-food, industrial modernization and energy. More than 12 EU countries were the plot for conducted analysis of SS, as a result of which the level of activity of each country was determined. The creation of consortiums, including SMEs, associations, universities and other participants, disclosed the successful way of SS realization. The structure of SME’s innovative potential in Ukraine was identified underlining their main characteristic features like types of innovations and innovative activity, differentiation according to enterprise size, their regional distribution. The authors explored lack of innovations on regional and national level and significant territorial disparities, which could be eliminated through policy implementation of regional SS. The existing legislative norms for possibility of SS implementation in Ukraine were analyzed due to correspondence with the EU ones. The analysis provides the opportunity to consider them only as general framework documents without any action plans and sectoral prioritization at all. The weak points of these law documents are emphasized. As a result of research, the authors developed recommendations presented by direct action plan for Ukrainian policymakers, which include such activities as underlining key priorities (especially ICT applicability in every SS project) and their correspondence with the EU ones; eliminating regional imbalances by focusing on innovation development and reorientation of some regions according to SS priorities; respecting regional existing capacities; providing organizational mechanism for cooperation of stakeholders and financial mechanism for SS support through the EU structural funds

Teaching Security Defense Through Web-Based Hacking at the Undergraduate Level

The attack surface for hackers and attackers is growing every day. Future cybersecurity professionals must have the knowledge and the skills to defend against these cyber attacks. Learning defensive techniques and tools can help defend against today’s attacks but what about tomorrow\u27s? As the types of attacks change so must the cybersecurity professional. The only way for the cybersecurity professional to achieve this nimbleness is to understand the structural anatomy of the various attack types. Understanding the threat environment is the key to future success. Security defense through offensive techniques should and can be taught at the undergraduate level. Using the OWASP Mutillidae project [5], students can have a self-contained, sandbox environment for dissecting and discussing cyber attacks

Combined automotive safety and security pattern engineering approach

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane - it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASSEC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTTEC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEISBMBF, 01IS16043, Collaborative Embedded Systems (CrESt