Understanding And Measuring Information Security Culture

The purpose of the current paper was to develop a measurement of information security culture. Our literature analysis indicated a lack of clear conceptualization and distinction between factors that constitute information security culture and factors that influence information security culture. A sequential mixed method consisting of a qualitative phase to explore the conceptualisation of information security culture, and a quantitative phase to validate the model is adopted for this research. Eight interviews with information security experts in eight different Saudi organisations were conducted, revealing that security culture can be constituted as reflection of security awareness and security ownership. Additionally, the qualitative interviews have revealed that factors that influence security culture are top management involvement, policy enforcement, and training. These factors were confirmed formed the basis for our initial information security culture model, which was operationalised and tested in different Saudi Arabian organisations. Using data from two hundred and fifty-four valid responses, we demonstrated the validity and reliability of the information security culture model. We were further able to demonstrate the validity of the model in a nomological net, as well as provide some preliminary findings on the factors that influence information security culture

Addressing Cybersecurity and Privacy Concerns in E-Learning: Evidence from Kuwaiti Educational Sector

This study explored cybersecurity and privacy concerns within e-learning in the Kuwaiti educational sector. This is done through adopting a mixed-methods approach that incorporates an online questionnaire and semi-structured interviews. Quantitative data from 384 participants indicated moderate to high cybersecurity and privacy concerns. In order to explore further about such concerns, qualitative data were collected from 16 interviewees and highlighted key issues such as lack of awareness, platform security deficiencies, privacy worries and regulatory needs. To address these concerns, the study proposed a comprehensive "Kuwaiti Educational Cybersecurity and Privacy Assurance Framework" (KECPAF) centred around cybersecurity education, platform security enhancement, clear policy development and robust enforcement. The research calls for collective effort among stakeholders and collaboration with cybersecurity experts to effectively implement the framework, adapt to evolving threats and improve the security of e-learning platforms in Kuwait's educational sector. Keywords: Kuwait, Education, e-learning, Cybersecurity, Privacy, Confidentiality, Framework. DOI: 10.7176/EJBM/16-1-01 Publication date: January 31st 202

A qualitative evaluation of two different law enforcement approaches on dark net markets

This paper presents the results of a qualitative study on discussions about two major law enforcement interventions against Dark Net Market (DNM) users extracted from relevant Reddit forums. We assess the impact of Operation Hyperion and Operation Bayonet (combined with the closure of the site Hansa) by analyzing posts and comments made by users of two Reddit forums created for the discussion of Dark Net Markets. The operations are compared in terms of the size of the discussions, the consequences recorded, and the opinions shared by forum users. We find that Operation Bayonet generated a higher number of discussions on Reddit, and from the qualitative analysis of such discussions it appears that this operation also had a greater impact on the DNM ecosystem. Index Terms—cybercrime, policy, law enforcement, qualitative, drug markets, dark webAccepted manuscrip

Assessing New York City's Youth Gun Violence Crisis: Crews - Volume II - CompStat for Violence Prevention Programs: Collecting Program Specific Data to Manage Performance and Inform Policy

The success or failure of community strategies to address the youth gun violence crisis is often attributed in part to how well the problem is understood and diagnosed. With support from The New York Community Trust, the Crime Commission has undertaken an analysis of youth gun violence and crew activity -- violent turf rivalries among less-organized, smaller and normally younger groups than traditional gangs -- in select New York City communities. Our initial findings from available data, existing research and interviews with stakeholders are presented in a series of papers titled, "Assessing New York City's Youth Gun Violence Crisis: Crews.

Fusing drug enforcement: a study of the El Paso Intelligence Center

This article examines the evolution of the El Paso Intelligence Center (EPIC), a key intelligence component of the Drug Enforcement Administration, to shed light on fusion efforts in drug enforcement. Since 1974, EPIC has strived to fuse the resources and capabilities of multiple government agencies to counter drug trafficking and related threats along the Southwest US border. While undergoing a steady growth, the Center has confronted a host of challenges that illuminate the uses and limits of multi-agency endeavors in drug enforcement. An evaluative study of the Center shows that it is well aligned with the federal government priorities in the realm of drug enforcement; however the extent to which the Center’s activities support the government’s efforts in this domain is not so clear. The Center needs to improve the way it reviews its own performance to better adapt and serve its customers

Cross-border Access to E-Evidence: Framing the Evidence. CEPS in Liberty and Security in Europe No. 2020-02, February 2020

This paper aims at situating the policy discourse accompanying current European Union (EU) initiatives on facilitating access by public authorities to data held by private companies, including in scenarios regarded as crossing jurisdictional borders. More concretely, it contextualises these initiatives in light of the absence of publicly available statistical information on some of the issues which are at the very core of these matters. Firstly, the paper presents the three main current developments, that is, the proposed ‘E-evidence package’, the negotiation of an EU-United States (US) agreement facilitating access to e-evidence for the purpose of judicial cooperation in criminal matters, and the participation of the EU in the negotiations in the Council of Europe on a second additional protocol to the Cybercrime Convention, analysing some of the recurrent messages associated with defending the necessity of all these different measures. The Brief then reviews some of the information upon which are being constructed arguments used to purport the need for these developments, by granting particular attention to the Impact Assessment that accompanied the publication of the ‘E-evidence package’. Finally, it suggests that the absence of statistical data might have implications for the assessment of the proportionality of eventual legislative measures

An exploratory study in to the money laundering threats, vulnerabilities, and controls within the UK bookmaker sector, with a specific focus on Fixed-Odds Betting Terminals

The purpose of this exploratory study was to generate an understanding in to the money laundering threats, vulnerabilities and controls found within UK betting shops, with a direct focus on the exponential growth of Fixed-Odd Betting Terminals. Qualitative research methods facilitated eight semi-structured interviews with key stakeholders linked to the gambling and/or money laundering sphere. This included the Gambling Commission, Campaign for Fairer Gambling, an ex-Head of Security and Safety at a major bookmaker, and five regular Fixed-Odd Betting Terminal users. The interviews were recorded, transcribed and coded for thematic analysis, subsequently resulting in the emergence of four interesting and meaningful themes. These were (1) Ineffective CDD enforcement facilitating anonymity (2) Weak anti-money laundering safeguards unable to mitigate known threats (3) A lack of anti-money laundering training, awareness, and resources (4) The Gambling Commission’s attempt for increased anti-money laundering regulation unsuccessful. By allowing a phenomenological framework to guide the data collection process, the interpreted subjective views and experiences of the participants involved, although somewhat limited, indicate that money laundering threats within the bookmaker sector are inherently high, with a lack of effective safeguards in place to mitigate the identified vulnerabilities

Global Management Effectiveness Study: Integrated Social and Ecological Report for Non-node and Node Sites

The purpose of this study is to provide a critical assessment of the implementation, impact, and performance of Marine Managed Area (MMA) projects to serve as a basis for improved planning and implementation of new MMA projects worldwide. The specific objectives of the study are (1) to determine the socioeconomic, governance and ecological effects of MMAs; (2) to determine the critical factors influencing MMA effects, as well as the impact of the timing of those factors on the effects of the MMA; and (3) to provide tools for predicting MMA effects based on ecological, socioeconomic and governance variable