    Overcoming Data Breaches and Human Factors in Minimizing Threats to Cyber-Security Ecosystems

    This mixed-methods study focused on the internal human factors responsible for data breaches that could cause adverse impacts on organizations. Based on the Swiss cheese theory, the study was designed to examine preventative measures that managers could implement to minimize potential data breaches resulting from internal employees' behaviors. The purpose of this study was to provide insight to managers about developing strategies that could prevent data breaches from cyber-threats by focusing on the specific internal human factors responsible for data breaches, the root causes, and the preventive measures that could minimize threats from internal employees. Data were collected from 10 managers and 12 employees from the business sector, and 5 government managers in Ivory Coast, Africa. The mixed methodology focused on the why and who using the phenomenological approach, consisting of a survey, face-to-face interviews using open-ended questions, and a questionnaire to extract the experiences and perceptions of the participants about preventing the adverse consequences from cyber-threats. The results indicated the importance of top managers to be committed to a coordinated, continuous effort throughout the organization to ensure cyber security awareness, training, and compliance of security policies and procedures, as well as implementing and upgrading software designed to detect and prevent data breaches both internally and externally. The findings of this study could contribute to social change by educating managers about preventing data breaches who in turn may implement information accessibility without retribution. Protecting confidential data is a major concern because one data breach could impact many people as well as jeopardize the viability of the entire organization.

    Exploring the motivation behind cybersecurity insider threat and proposed research agenda

    Cyber exploitation and malicious activities have become more sophisticated. Insider threat is one of the most significant cyber security threat vectors, while posing a great concern to corporations and governments. An overview of the fundamental motivating forces and motivation theory are discussed. Such overview is provided to identify motivations that lead trusted employees to become insider threats in the context of cyber security. A research agenda with two sequential experimental research studies is outlined to address the challenge of insider threat mitigation by a prototype development. The first proposed study will classify data intake feeds, as recognized and weighted by cyber security experts, in an effort to establish predictive analytics of novel correlations of activities that may lead to cyber security incidents. It will also develop an approach to identify how user activities can be compared against an established baseline, the user’s network cyber security pulse, with visualization of simulated users’ activities. Additionally, the second study will explain the process of assessing the usability of a developed visualization prototype that intends to present correlated suspicious activities requiring immediate action. Successfully developing the proposed prototype via feeds aggregation and an advanced visualization from the proposed research could assist in the mitigation of malicious insider threat.

    An integrated risk analysis framework for safety and cybersecurity of industrial SCADA system

    The industrial control system (ICS) refers to a collection of various types of control systems commonly found in industrial sectors and critical infrastructures such as energy, oil and gas, transportation, and manufacturing. The supervisory control and data acquisition (SCADA) system is a type of ICS that controls and monitors operations and industrial processes scattered across a large geographic area. SCADA systems are relying on information and communication technology to improve the efficiency of operations. This integration means that SCADA systems are targeted by the same threats and vulnerabilities that affect ICT assets. This means that the cybersecurity problem in SCADA systems is exacerbated by the IT heritage issue. If the control system is compromised due to this connection, serious consequences may follow. This leads to the necessity to have an integrated framework that covers both safety and security risk analysis in this context. This thesis proposes an integrated risk analysis framework that comprises four stages and builds on the advances of risk science and industry standards, to improve understanding of SCADA system complexity, and manage risks considering process safety and cybersecurity in a holistic approach. The suggested framework is committed to improving safety and security risk analysis by examining the expected consequences through integrated risk identifications and identifying adequate safeguards and countermeasures to defend against cyber-attack scenarios. A simplified SCADA system and an undesirable scenario of overpressure in the pipeline are presented in which the relevant stages of the framework are applied.

    Guest Editorial Special Issue on: Big Data Analytics in Intelligent Systems

    The amount of information that is being created, every day, is quickly growing. As such, it is now more common than ever to deal with extremely large datasets. As systems develop and become more intelligent and adaptive, analysing their behaviour is a challenge. The heterogeneity, volume and speed of data generation are increasing rapidly. This is further exacerbated by the use of wireless networks, sensors, smartphones and the Internet. Such systems are capable of generating a phenomenal amount of information and the need to analyse their behaviour, to detect security anomalies or predict future demands for example, is becoming harder. Furthermore, securing such systems is a challenge. As threats evolve, so should security measures develop and adopt increasingly intelligent security techniques. Adaptive systems must be employed and existing methods built upon to provide well-structured defence in depth. Despite the clear need to develop effective protection methods, the task is a difficult one, as there are significant weaknesses in the existing security currently in place. Consequently, this special issue of the Journal of Computer Sciences and Applications discusses big data analytics in intelligent systems. The specific topics of discussion include the Internet of Things, Web Services, Cloud Computing, Security and Interconnected Systems

    Adopting Contractors’ Risk Management (CIRIM) Framework using Multi Dimensional Theories

    In general, many contractors in Malaysia are found to have limited expertise in developing an appropriate strategy to mitigate project risks. Consequently, this has led to contractors struggling to complete the project on schedule, within the client’s budget and quality parameters. This was proven by the current issues on the delayed projects reported in the Ninth Malaysian Plan. Currently in Malaysia, there is no existing risk management framework specifically designed for contractors. Thus, the idea of introducing CIRIM among the Malaysian contractors is a proactive approach to achieve better project objectives. This paper therefore proposes to introduce the CIRIM framework to be adopted by the Malaysian contractors. The research methodology applied in the main research includes literature reviews, questionnaires and interviews. It is found that although there are some forms of risk management systems being used in the Malaysian construction industry, most of them are not well structured, documented and implemented in a formal manner. Therefore, the idea of establishing the CIRIM framework among Malaysian contractors is paramount and justified. Keywords: Risk Management, Contractors, CIRIM, Construction, Malaysia

    Evaluating Information Assurance Control Effectiveness on an Air Force Supervisory Control and Data Acquisition (SCADA) System

    Supervisory Control and Data Acquisition (SCADA) systems are increasingly being connected to corporate networks which has dramatically expanded their attack surface to remote cyber attack. Adversaries are targeting these systems with increasing frequency and sophistication. This thesis seeks to answer the research question addressing which Information Assurance (IA) controls are most significant for network defenders and SCADA system managers/operators to focus on in order to increase the security of critical infrastructure systems against a Stuxnet-like cyber attack. This research applies the National Institute of Science and Technology (NIST) IA controls to an attack tree modeled on a remote Stuxnet-like cyber attack against the WPAFB fuels operation. The probability of adversary success of specific attack scenarios is developed via the attack tree. Then an impact assessment is obtained via a survey of WPAFB fuels operation subject matter experts (SMEs). The probabilities of adversary success and impact analysis are used to create a Risk Level matrix, which is analyzed to identify recommended IA controls. The culmination of this research identified 14 IA controls associated with mitigating an adversary from gaining remote access and deploying an exploit as the most influential for SCADA managers, operators and network defenders to focus on in order to maximize system security against a Stuxnet-like remote cyber attack

    Network Based Intrusion Detection System Using Weighted Product Model (WPM)

    A security technology called a network-based intrusion detection system (NIDS) was created to safeguard computer networks against unauthorised access and criminal activity. This technology works by analysing network traffic, spotting potential risks, and informing administrators of any possible incursions or attacks. NIDS research ensures that intrusion detection systems are built to minimise the gathering and storage of sensitive data by taking into account the value of privacy and data protection. In general, network-based intrusion detection system research has a major impact on how well these security measures operate, how efficiently they perform, and how adaptable they are. By addressing the evolving challenges posed by cyber threats, NIDS research helps organizations enhance their network security posture, protect sensitive information, and defend against potential intrusions and attacks. The weighted product model (WPM), a multi-criteria decision-making (MCDM) technique, is used to evaluate and rank solutions based on a variety of distinct criteria. It provides a methodical approach to decision-making by considering the relative importance of each attribute and the performance of other solutions in relation to those criteria. The WPM normalises the data, weights the criteria, and gives a weighted score for each alternative. The option with the greatest score is regarded as the ideal option. The weighted product model offers a structured framework for making decisions by taking into account many factors and their varying degrees of importance. It enables decision-makers to assess and contrast options using a wide range of criteria, resulting in more informed and unbiased choices. It's crucial to check nonetheless that the model's weights and normalisation techniques appropriately capture the decision-maker's preferences as well as the features of the choice problem. J48, Random Forest, JRIP, RIDOR, PART.
The definition of true positive, false positive, true negative and false negative rates has already been established. These metrics for measuring the effectiveness of classification algorithms, anomaly detection systems, and binary decision-making processes are accurately presented. As can be seen from the results, J48 received the highest rank, while PART received the lowest. In order to increase the security of computer networks, network-based intrusion detection systems (NIDS) are essential. They provide real-time monitoring and analysis of network traffic to identify suspected breaches and malicious activities, enabling appropriate action to be taken. However, it is important to recognize that NIDS can have limitations and are not infallible.

    Improving Organizational Information Security Strategy via Meso-Level Application of Situational Crime Prevention to the Risk Management Process

    Existing approaches to formulating IS security strategy rely primarily on the risk management process and the application of baseline security standards (e.g., ISO 27002, previously ISO 17799). The use of existing approaches generally leads to measures that emphasize target hardening and incident detection. While such measures are appropriate and necessary, they do not capitalize on other measures, including those that surface when situational crime prevention (SCP) is applied to specific crimes. In particular, existing approaches do not typically surface measures designed to reduce criminal perceptions of the net benefits of the crime, or justification and provocation to commit the crime. However, the methods prescribed to-date for implementing SCP are cumbersome, requiring micro-level, individual analysis of crimes. In the current article, we propose that concepts derived from SCP can be strategically applied at an intermediate (meso) level of aggregation. We show that such meso-level application of SCP, when combined with the traditional risk management process, can reduce residual information security risk by identifying new strategies for combating computer crime. Using three illustrative cases, we demonstrate that the application of the proposed strategic approach does surface meaningful countermeasures not identified by the traditional risk management process alone