2,115 research outputs found

    Strategies for Implementing Successful IT Security Systems in Small Businesses

    Owners of small businesses who do not adequately protect business data are at high risk for a cyber attack. As data breaches against small businesses have increased, it has become a growing source of concern for consumers who rely on owners of small businesses to protect their data from data breaches. Grounded in general systems theory and routine activity approach, the focus of this qualitative multiple case study was to explore strategies used by owners of small businesses to protect confidential company data from cyber attacks. The process used for collecting data involved semistructured face-to-face interviews with 5 owners of small businesses in Florida, as well as a review of company documents that were relevant to strategies used by owners of small businesses to protect confidential company data from cyber attacks. The thematic analysis of the interview transcripts revealed 4 themes for protecting business data against cyber attacks, which are security information management strategy, organizational strategy, consistent security policy, and cybersecurity risk management strategy. A key finding is that owners of small businesses could develop an organizational strategy by incorporating procedures used to protect from and respond to cyber attacks. The implications for positive social change include the potential to increase customers’ confidence and businesses’ economic growth, as well as stimulate the socioeconomic lifecycle, resulting in potential employment gains for residents within the communities

    Performance Analysis and Resource Optimisation of Critical Systems Modelled by Petri Nets

    A critical system must fulfil its mission despite the presence of security problems. Systems of this kind are usually deployed in heterogeneous environments, where they may be subject to intrusion attempts, theft of confidential information or other types of attacks. Systems, in general, have to be redesigned after a security incident occurs, which can lead to serious consequences, such as the enormous cost of reimplementing or reprogramming the whole system, as well as possible economic losses. Security must therefore be conceived as an integral part of system development and as a singular need of what the system must do (that is, a non-functional requirement of the system). Thus, when designing critical systems it is essential to study the attacks that may occur and to plan how to react to them, in order to keep fulfilling the system's functional and non-functional requirements. Even when security problems are considered, it is also necessary to take into account the costs incurred to guarantee a given level of security in critical systems. In fact, the cost of security can be a very relevant factor, since it can span different dimensions, such as budget, performance and reliability. Many of these critical systems that incorporate fault-tolerance techniques (FT systems) to deal with security issues are complex systems, which use resources that may be compromised (that is, may fail) by the activation of faults and/or errors caused by possible attacks. These systems can be modelled as discrete event systems where resources are shared, also called resource allocation systems. This thesis focuses on FT systems with shared resources modelled by Petri nets (PN).
These systems are generally so large that the exact computation of their performance becomes a very complex computational task, due to the state space explosion problem. As a result, a task that requires an exhaustive exploration of the state space is incomputable (in a reasonable time) for large systems. The main contributions of this thesis are three. First, different models are provided, using the Unified Modelling Language (UML) and Petri nets, that help bring security and fault-tolerance issues to the foreground during the system design phase, thus enabling, for example, the analysis of the trade-off between security and performance. Second, several algorithms are provided to compute performance (also under failure conditions) by computing upper performance bounds, thereby avoiding the state space explosion problem. Finally, algorithms are provided to compute how to compensate for the performance degradation that occurs in an unexpected situation in a fault-tolerant system

    Proceedings of the 3rd International Workshop on Formal Aspects in Security and Trust (FAST2005)

    The present report contains the pre-proceedings of the third international Workshop on Formal Aspects in Security and Trust (FAST2005), held in Newcastle upon Tyne, 18-19 July 2005. FAST is an event affiliated with the Formal Methods 2005 Congress (FM05). The third international Workshop on Formal Aspects in Security and Trust (FAST2005) aims at continuing the successful effort of the previous two FAST workshop editions for fostering the cooperation among researchers in the areas of security and trust. The new challenges offered by the so-called ambient intelligence space, as a future paradigm in the information society, demand for a coherent and rigorous framework of concepts, tools and methodologies to provide user's trust & confidence on the underlying communication/interaction infrastructure. It is necessary to address issues relating to both guaranteeing security of the infrastructure and the perception of the infrastructure being secure. In addition, user confidence on what is happening must be enhanced by developing trust models effective but also easily comprehensible and manageable by users

    Applications in security and evasions in machine learning : a survey

    In recent years, machine learning (ML) has become an important part to yield security and privacy in various applications. ML is used to address serious issues such as real-time attack detection, data leakage vulnerability assessments and many more. ML extensively supports the demanding requirements of the current scenario of security and privacy across a range of areas such as real-time decision-making, big data processing, reduced cycle time for learning, cost-efficiency and error-free processing. Therefore, in this paper, we review the state of the art approaches where ML is applicable more effectively to fulfill current real-world requirements in security. We examine different security applications' perspectives where ML models play an essential role and compare, with different possible dimensions, their accuracy results. By analyzing ML algorithms in security application it provides a blueprint for an interdisciplinary research area. Even with the use of current sophisticated technology and tools, attackers can evade the ML models by committing adversarial attacks. Therefore, requirements rise to assess the vulnerability in the ML models to cope up with the adversarial attacks at the time of development. Accordingly, as a supplement to this point, we also analyze the different types of adversarial attacks on the ML models. To give proper visualization of security properties, we have represented the threat model and defense strategies against adversarial attack methods. Moreover, we illustrate the adversarial attacks based on the attackers' knowledge about the model and addressed the point of the model at which possible attacks may be committed. Finally, we also investigate different types of properties of the adversarial attacks

    Integrating security into real-time cyber-physical systems

    Cyber-physical systems (CPS) such as automobiles, power plants, avionics systems, unmanned vehicles, medical devices, manufacturing and home automation systems have distinct cyber and physical components that must work cohesively with each other to ensure correct operation. Many cyber-physical applications have “real-time” constraints, i.e., they must function correctly within predetermined time scales. A failure to protect these systems could result in significant harm to humans, the system or even the environment. While traditionally such systems were isolated from external accesses and used proprietary components and protocols, modern CPS use off-the-shelf components and are increasingly interconnected, often via networks such as the Internet. As a result, they are exposed to additional attack surfaces and have become increasingly vulnerable to cyber attacks. Enhancing security for real-time CPS, however, is not an easy task due to limited resource availability (e.g., processing power, memory, storage, energy) and stringent timing/safety requirements. Security monitoring techniques for cyber-physical platforms (a) must execute with existing real-time tasks, (b) operate without impacting the timing and safety constraints of the control logic and (c) have to be designed and executed in a way that an adversary cannot easily evade it. The objective of my research is to increase security posture of embedded real-time CPS by integrating monitoring/detection techniques that defeat cyber attacks without violating timing/safety constraints of existing tasks. My dissertation work explores the real-time security domain and shows that by employing a combination of multiple scheduling/analysis techniques and interactions between hardware/software-based security extensions, it becomes feasible to integrate security monitoring mechanisms in real-time CPS without compromising timing/safety requirements of existing tasks. 
In this research, I (a) develop techniques to raise the responsiveness of security monitoring tasks by increasing their frequency of execution, (b) design a hardware-supported framework to prevent falsification of actuation commands — i.e., commands that control the state of the physical system and (c) propose metrics to trade-off security with real-time guarantees. The solutions presented in this dissertation require minimal changes to system components/parameters and thus compatible for legacy systems. My proposed frameworks and results are evaluated through both, simulations and experiments on real off-the-shelf cyber-physical platforms. The development of analysis techniques and design frameworks proposed in this dissertation will inherently make such systems more secure and hence, safer. I believe my dissertation work will bring researchers and system engineers one step closer to understand how to integrate two seemingly diverse yet important fields — real-time CPS and cyber-security — while gaining a better understanding of both areas

    ICT aspects of power systems and their security

    This report provides a deep description of four complex Attack Scenarios that have as final goal to produce damage to the Electric Power Transmission System. The details about protocols used, vulnerabilities, devices etc. have been for obvious reasons hidden, and the ones presented have to be understood as mere (even if realistic) simplified versions of possible power systems. JRC.DG.G.6-Security technology assessmen

    Technical Strategies Database Managers use to Protect Systems from Security Breaches

    Healthcare organizations generate massive amounts of data through their databases that may be vulnerable to data breaches due to extensive user privileges, unpatched databases, standardized query language injections, weak passwords/usernames, and system weaknesses. The purpose of this qualitative multiple case study was to explore technical strategies database managers in Southeast/North Texas used to protect database systems from data breaches. The target population consisted of database managers from 2 healthcare organizations in this region. The integrated system theory of information security management was the conceptual framework. The data collection process included semistructured interviews with 9 database managers, including a review of 14 organizational documents. Data were put into NVivo 12 software for thematic coding. Coding from interviews and member checking was triangulated with corporate documents to produce 5 significant themes and 1 subtheme: focus on verifying the identity of users, develop and enforce security policies, implement efficient encryption, monitor threats posed by insiders, focus on safeguards against external threats, and a subtheme derived from vulnerabilities caused by weak passwords. The findings from the study showed that the implementation of security strategies improved organizations' abilities to protect data from security incidents. Thus, the results may be applied to create social change, decreasing the theft of confidential data, and providing knowledge as a resource to accelerate the adoption of technical approaches to protect database systems from security incidents