Leveraging Technology and Innovation for Disaster Risk Management and Financing

The Asia-Pacific Economic Cooperation (APEC) region is highly exposed to disaster and climate risks, accounting for more than 80% of global economic losses from disaster events in the last 20 years. The destruction and disruption that usually follow disaster events pose an important challenge to economic development and can perpetuate vulnerability. Despite substantial investment in reducing risk across the region, economic losses from disaster events continue to increase at a much faster rate than gross domestic product, implying that the relative economic burden is increasing over time. Efforts to enhance the reach of insurance and other financial protection tools have not significantly reduced the share of economic losses borne by households, businesses, and governments, which often lack the capacity to absorb these impacts. A changing climate as well as continued population growth and asset accumulation in areas exposed to disaster and climate risks is expected to exacerbate these challenges—with particular implications for vulnerable groups with limited economic resources. Enhancing resilience in the face of increasing natural hazards, exposure, and vulnerability will require investments in reducing the economic, social, and financial impacts of disasters by improving risk and impact assessment and leveraging those improvements to invest in risk reduction, preparedness, and response. APEC finance ministers have long recognized the need to build financial resilience to disaster risks and have included this objective in their work for a number of years. The Cebu Action Plan, approved by APEC finance ministers in 2015, aims to enhance financial resilience against economic shocks, including by “developing innovative disaster risk financing and insurance mechanisms (including micro insurance) to enable APEC economies exposed to natural hazards to increase their financial response to disasters and reduce their fiscal burden” (APEC 2015). Referenced by APEC finance ministers in their 2019 Joint Ministerial Statement, this report aims to contribute to this objective by supporting efforts to reduce underlying risk and develop tools to manage the financial consequences

Privacy and Geospatial Technologies

This research examines the role of geospatial and ancillary technologies in the erosion of privacy in contemporary society. The development of Remote Sensing, GIS, and GPS technologies are explored as a means of understanding both their current and predicted uses and capabilities. Examination is also made of the legal basis and current status of privacy rights in the United States. Finally, current and predicted uses and capabilities of geospatial and ancillary technologies are critically examined in light of existing privacy protections as a means of determining the ways in which these technologies are impacting privacy currently and what their effects may be in the future

The Supervisory Impact of Technology on SEACEN Financial Institutions: Issues and Challenges

The development of financial markets cannot be isolated from the influence of technology. Technology, especially information technology (IT), plays a dual role in the financial field - as the engine of development of financial products and as the engine of financial institution operations. The operations of financial institutions in SEACEN countries involving the use of IT take on the second role. The more advanced SEACEN countries can actually compete with the world leaders in IT implementation by financial institutions. However, in terms of the second role of IT, SEACEN countries are still following the lead of the developed countries. This research project is aimed at providing a comparative study on the IT implementation within SEACEN financial sectors, including its supervisory impacts, issues and challenges. The project also serves as a documentation of the development of IT implementation by financial institutions in the SEACEN region. Since most central banks in the region are the authorities for the supervision of banking systems and not of non-bank financial institutions, the discussions on financial institutions pertain to banks. The project addresses the international best practices in IT implementation, cross-country comparison regarding IT implementation by financial institutions, the supervisory impacts, and the IT supervisory framework. SEACEN countries have different levels of IT implementation and IT supervisory frameworks. The country papers and survey results show that there are three different levels of IT implementation in the SEACEN countries. They are: 1) Developed IT implementation and established IT supervisory framework; 2) Early stage of IT implementation with less-established IT supervisory framework; and 3) Less-developed IT implementation. For each level of implementation, countries face different issues and challenges. Wherever IT implementation has become an important part of financial institution operations and management, the SEACEN member central banks consider IT supervision as an integral part of the overall financial institution supervisory framework. However, since there is cross-country heterogeneity of IT implementation and IT supervisory framework, suggesting a minimum requirement for IT implementation for institutions and a model IT supervisory framework is very difficult. The research project also addresses some issues and challenges faced by the countries in the region in terms of mitigating IT risks and bringing IT implementation by financial institutions in the region to a level playing field according to international best practices. The issues and challenges suggest the need to increase cooperation among the SEACEN member countries to increase IT awareness, implement good IT governance through establishing IT supervisory frameworks which conform to international best practices, increase knowledge sharing and training programmes in order to speed up the spill-over effects from the more advanced countries in the region.

An Analysis of the Relationship between Security Information Technology Enhancements and Computer Security Breaches and Incidents

Financial services institutions maintain large amounts of data that include both intellectual property and personally identifiable information for employees and customers. Due to the potential damage to individuals, government regulators hold institutions accountable for ensuring that personal data are protected and require reporting of data security breaches. No company wants a data breach, but finding a security incident or breach early in the attack cycle may decrease the damage or data loss a company experiences. In multiple high profile data breaches reported in major news stories over the past few years, there is a pattern of the adversary being inside the company’s network for months, and often law enforcement is the first to inform the company of the breach. The problem that was investigated in this case study was whether new information technology (IT) utilized by Fortune 500 financial services companies led to the changes in data security incidents and breaches. The goal of this dissertation is to gain a deeper understanding on how IT can increase awareness of a security incident or breach, and can also decrease security incidents and breaches. This dissertation also explores how threat information sharing increases awareness and decreases information security incidents and breaches. The objective of the study was to understand how changes in IT can influence an increase or decrease in data security breaches. This investigation was a case study of nine Fortune 500 financial services companies to understand what types of IT increase or decrease detection of security incidents and breaches. An increase in detecting and stopping a security incident or breach may have positive effects on the security of an enterprise. The longer a hacker has access to IT systems, the more entrenched they become and the more time the hacker has to locate data with high value. Time is of the essence to detect a compromise and react. The results of the case study showed that Fortune 500 companies utilized new IT that allowed them to improve their visibility of security incidents and breaches from months and years to hours and days

Challenges in Cybersecurity and Privacy - the European Research Landscape

Cybersecurity and Privacy issues are becoming an important barrier for a trusted and dependable global digital society development. Cyber-criminals are continuously shifting their cyber-attacks specially against cyber-physical systems and IoT, since they present additional vulnerabilities due to their constrained capabilities, their unattended nature and the usage of potential untrustworthiness components. Likewise, identity-theft, fraud, personal data leakages, and other related cyber-crimes are continuously evolving, causing important damages and privacy problems for European citizens in both virtual and physical scenarios. In this context, new holistic approaches, methodologies, techniques and tools are needed to cope with those issues, and mitigate cyberattacks, by employing novel cyber-situational awareness frameworks, risk analysis and modeling, threat intelligent systems, cyber-threat information sharing methods, advanced big-data analysis techniques as well as exploiting the benefits from latest technologies such as SDN/NFV and Cloud systems. In addition, novel privacy-preserving techniques, and crypto-privacy mechanisms, identity and eID management systems, trust services, and recommendations are needed to protect citizens’ privacy while keeping usability levels. The European Commission is addressing the challenge through different means, including the Horizon 2020 Research and Innovation program, thereby financing innovative projects that can cope with the increasing cyberthreat landscape. This book introduces several cybersecurity and privacy research challenges and how they are being addressed in the scope of 15 European research projects. Each chapter is dedicated to a different funded European Research project, which aims to cope with digital security and privacy aspects, risks, threats and cybersecurity issues from a different perspective. Each chapter includes the project’s overviews and objectives, the particular challenges they are covering, research achievements on security and privacy, as well as the techniques, outcomes, and evaluations accomplished in the scope of the EU project. The book is the result of a collaborative effort among relative ongoing European Research projects in the field of privacy and security as well as related cybersecurity fields, and it is intended to explain how these projects meet the main cybersecurity and privacy challenges faced in Europe. Namely, the EU projects analyzed in the book are: ANASTACIA, SAINT, YAKSHA, FORTIKA, CYBECO, SISSDEN, CIPSEC, CS-AWARE. RED-Alert, Truessec.eu. ARIES, LIGHTest, CREDENTIAL, FutureTrust, LEPS. Challenges in Cybersecurity and Privacy - the European Research Landscape is ideal for personnel in computer/communication industries as well as academic staff and master/research students in computer science and communications networks interested in learning about cyber-security and privacy aspects

Unmanned Aircraft Systems in the Cyber Domain

Unmanned Aircraft Systems are an integral part of the US national critical infrastructure. The authors have endeavored to bring a breadth and quality of information to the reader that is unparalleled in the unclassified sphere. This textbook will fully immerse and engage the reader / student in the cyber-security considerations of this rapidly emerging technology that we know as unmanned aircraft systems (UAS). The first edition topics covered National Airspace (NAS) policy issues, information security (INFOSEC), UAS vulnerabilities in key systems (Sense and Avoid / SCADA), navigation and collision avoidance systems, stealth design, intelligence, surveillance and reconnaissance (ISR) platforms; weapons systems security; electronic warfare considerations; data-links, jamming, operational vulnerabilities and still-emerging political scenarios that affect US military / commercial decisions. This second edition discusses state-of-the-art technology issues facing US UAS designers. It focuses on counter unmanned aircraft systems (C-UAS) – especially research designed to mitigate and terminate threats by SWARMS. Topics include high-altitude platforms (HAPS) for wireless communications; C-UAS and large scale threats; acoustic countermeasures against SWARMS and building an Identify Friend or Foe (IFF) acoustic library; updates to the legal / regulatory landscape; UAS proliferation along the Chinese New Silk Road Sea / Land routes; and ethics in this new age of autonomous systems and artificial intelligence (AI).https://newprairiepress.org/ebooks/1027/thumbnail.jp