1,498 research outputs found

    Security Challenges from Abuse of Cloud Service Threat

    Cloud computing is an ever-growing technology that leverages dynamic and versatile provision of computational resources and services. In spite of countless benefits that cloud service has to offer, there is always a security concern for new threats and risks. The paper provides a useful introduction to the rising security issues of Abuse of cloud service threat, which has no standard security measures to mitigate its risks and vulnerabilities. The threat can result in an unbearable system gridlock and can make cloud services unavailable or even cause a complete shutdown. The study has identified the potential challenges, such as BotNet, BotCloud, Shared Technology Vulnerability and Malicious Insiders, from Abuse of cloud service threat. It has further described the attacking methods, impacts and the reasons due to the identified challenges. The study has evaluated the current available solutions and proposed mitigating security controls for the security risks and challenges from Abuse of cloud services threat

    A System for Detecting Malicious Insider Data Theft in IaaS Cloud Environments

    The Cloud Security Alliance lists data theft and insider attacks as critical threats to cloud security. Our work puts forth an approach using a train, monitor, detect pattern which leverages a stateful rule based k-nearest neighbors anomaly detection technique and system state data to detect inside attacker data theft on Infrastructure as a Service (IaaS) nodes. We posit, instantiate, and demonstrate our approach using the Eucalyptus cloud computing infrastructure where we observe a 100 percent detection rate for abnormal login events and data copies to outside systems

    Impact and key challenges of insider threats on organizations and critical businesses

    The insider threat has consistently been identified as a key threat to organizations and governments. Understanding the nature of insider threats and the related threat landscape can help in forming mitigation strategies, including non-technical means. In this paper, we survey and highlight challenges associated with the identification and detection of insider threats in both public and private sector organizations, especially those part of a nation’s critical infrastructure. We explore the utility of the cyber kill chain to understand insider threats, as well as understanding the underpinning human behavior and psychological factors. The existing defense techniques are discussed and critically analyzed, and improvements are suggested, in line with the current state-of-the-art cyber security requirements. Finally, open problems related to the insider threat are identified and future research directions are discussed

    A Comprehensive Cybersecurity Defense Framework for Large Organizations

    There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing duplication of effort and taking advantage of efficiencies. Exercising cybersecurity defense without an understanding of comprehensive foundational requirements instills an ad hoc and in many cases conservative approach to network security. Organizations must be synchronized across federal and civil agencies to achieve adequate cybersecurity defense. Understanding what constitutes comprehensive cybersecurity defense will ensure organizations are better protected and more efficient. This work, represented through design science research, developed a model to understand comprehensive cybersecurity defense, addressing the lack of standard requirements in large organizations. A systemic literature review and content analysis were conducted to form seven criteria statements for understanding comprehensive cybersecurity defense. The seven criteria statements were then validated by a panel of expert cyber defenders utilizing the Delphi consensus process. Based on the approved criteria, the team of cyber defenders facilitated the development of a Comprehensive Cybersecurity Defense Framework prototype for understanding cybersecurity defense. Through the Delphi process, the team of cyber defense experts ensured the framework matched the seven criteria statements. An additional and separate panel of stakeholders conducted the Delphi consensus process to ensure a non-biased evaluation of the framework. The comprehensive cybersecurity defense framework is developed through the data collected from two distinct and separate Delphi panels. 
    The framework maps risk management, behavioral, and defense in depth frameworks with cyber defense roles to offer a comprehensive approach to cyber defense in large companies, agencies, or organizations. By defining the cyber defense tasks, what those tasks are trying to achieve and where best to accomplish those tasks on the network, a comprehensive approach is reached

    Overcoming Data Breaches and Human Factors in Minimizing Threats to Cyber-Security Ecosystems

    This mixed-methods study focused on the internal human factors responsible for data breaches that could cause adverse impacts on organizations. Based on the Swiss cheese theory, the study was designed to examine preventative measures that managers could implement to minimize potential data breaches resulting from internal employees' behaviors. The purpose of this study was to provide insight to managers about developing strategies that could prevent data breaches from cyber-threats by focusing on the specific internal human factors responsible for data breaches, the root causes, and the preventive measures that could minimize threats from internal employees. Data were collected from 10 managers and 12 employees from the business sector, and 5 government managers in Ivory Coast, Africa. The mixed methodology focused on the why and who using the phenomenological approach, consisting of a survey, face-to-face interviews using open-ended questions, and a questionnaire to extract the experiences and perceptions of the participants about preventing the adverse consequences from cyber-threats. The results indicated the importance of top managers to be committed to a coordinated, continuous effort throughout the organization to ensure cyber security awareness, training, and compliance of security policies and procedures, as well as implementing and upgrading software designed to detect and prevent data breaches both internally and externally. The findings of this study could contribute to social change by educating managers about preventing data breaches who in turn may implement information accessibility without retribution. Protecting confidential data is a major concern because one data breach could impact many people as well as jeopardize the viability of the entire organization

    Outsourcing and its Influence on Cybersecurity in SMEs: An Exploratory Study in Norwegian Context

    Outsourcing IT services to a third party is a trend that is becoming more common, and the majority of those who do not, are considering it. By outsourcing these services, companies do not have to take care of IT themselves and can expect that the provider ensures safety in the solutions. But exactly how cybersecurity is influenced by this in Norwegian small and medium-sized companies is the purpose of this qualitative study. A purposive sampling method was used to recruit participants who had first-hand experience with outsourcing and the potential to provide us with the insight we sought. Semi-structured interviews were conducted with personnel responsible for managing IT in companies with less than 250 employees. Data from the interviews were transcribed and analyzed by using the qualitative data analysis software NVivo 12 Pro. The study found several different ways in which outsourcing influences cybersecurity. The most prominent security benefits that were identified were quality improvement and increased capacity. Loss of data control, communication issues, dependency and supply chain attacks were the main security challenges found in the study. To address these difficulties, mitigation measures such as control competency, contract with SLA, and a focus on business continuity were discovered. The findings of this study can be used by organizations that consider an outsourcing strategy to be better prepared and make correct choices at an early stage. In addition, it gives companies that already outsource a valuable insight into which measures others have applied to mitigate known challenges. Keywords: Outsourcing, Small and medium-sized enterprises, Managed service provider, Challenges, Benefits, Mitigation technique

    A systematic literature review on insider threats

    Insider threats are the most concerning cybersecurity problem, one which is poorly addressed by widely used security solutions. Although there have been several scientific publications in this area, with our innovative study classification and structural taxonomy proposals we aim to provide more information about insider threats and the defense measures used to counter them. While adopting the current grounded theory method for a thorough literature evaluation, our categorization's goal is to organize knowledge in insider threat research. Along with an analysis of major recent studies on detecting insider threats, the major goal of the study is to develop a classification of current types of insiders, levels of access, motivations behind it, insider profiling, security properties, and methods they use to attack. This includes the use of machine learning algorithms, behavior analysis, methods of detection and evaluation. Moreover, actual incidents related to insider attacks have also been analyzed