52,031 research outputs found
Preparing for GDPR:helping EU SMEs to manage data breaches
Over the last decade, the number of small and medium (SME) businesses suffering data breaches has risen at an alarming rate. Knowing how to respond to inevitable data breaches is critically important. A number of guidelines exist to advise organisations on the steps necessary to ensure an effective incident response. These guidelines tend to be unsuitable for SMEs, who generally have limited resources to expend on security and incident responses. Qualitative interviews were conducted with SMEs to probe current data breach response practice and to gather best-practice advice from SMEs themselves. The interviews revealed no widespread de facto approach, with a variety of practices being reported. A numberĀ of prevalent unhelpful-practice themes emerged from the responses, which we propose specific mitigation techniques to address. We therefore propose a SME-specific incident response framework that is simple yet powerful enough to inform and guide SME responses to data breach incidents
Cybersecurity in the Classroom: Bridging the Gap Between Computer Access and Online Safety
According to ISACA, there will be a global shortage of 2 million cybersecurity professionals worldwide by 2019. Additionally, according to Experian Data Breach Resolution, as much as 80% of all network breaches can be traced to employee negligence. These problems will not solve themselves, and they likewise wonāt improve without drastic action. An effort needs to be made to help direct interested and qualified individuals to the field of cybersecurity to move toward closing this gap. Moreover, steps need to be made to better inform the public of general safety measures while online, including the safeguarding of sensitive information.
A large issue with solving the problems at hand is that there seems to be no comprehensive curriculum for cybersecurity education to teach these basic principles. In my paper, I review and compare several after- and in-school programs that attempt to address this problem. Iāve also interviewed teachers from Montgomery County Public Schools, a relatively ethnically diverse school district outside of Washington, D.C.
These issues need to be addressed, and while private organizations and local schools are attempting to tackle the problem, wider action may need to be taken at a national level to come to a resolution
Cybersecurity in the Classroom: Bridging the Gap Between Computer Access and Online Safety
According to ISACA, there will be a global shortage of 2 million cybersecurity professionals worldwide by 2019. Additionally, according to Experian Data Breach Resolution, as much as 80% of all network breaches can be traced to employee negligence. These problems will not solve themselves, and they likewise wonāt improve without drastic action. An effort needs to be made to help direct interested and qualified individuals to the field of cybersecurity to move toward closing this gap. Moreover, steps need to be made to better inform the public of general safety measures while online, including the safeguarding of sensitive information.
A large issue with solving the problems at hand is that there seems to be no comprehensive curriculum for cybersecurity education to teach these basic principles. In my paper, I review and compare several after- and in-school programs that attempt to address this problem. Iāve also interviewed teachers from Montgomery County Public Schools, a relatively ethnically diverse school district outside of Washington, D.C.
These issues need to be addressed, and while private organizations and local schools are attempting to tackle the problem, wider action may need to be taken at a national level to come to a resolution
Recommended from our members
Learning the lessons from the developed world: e-banking security in Nigeria
In the past decade banks invested heavily in internet technology so as to engage in e-business and e-commerce activities. However, this development exposed banks to threats, such as online fraud. Consequently, there was a need to adopt security measures and controls to mitigate such threats. Banks in developed countries have developed a level of ābest practiceā to reduce such online threats. The objective of this study was to explore the extent to which banks in the developing world were benefitting from the experiences of banks in the developed world in terms of how they address online security threats. Case studies of two Nigerian Banks were undertaken using interviews and short questionnaire. The findings show respondents perceived the level of threats to e-banking in Nigeria to be low. When adopting e-banking security controls, the case study banks placed more emphasis on the technical dimension than the human dimension. Senior management commitment is a significant barrier to adopting best practice, which is highlighted in limited financial resources being provided for new investment in training or customer education. The study concludes that senior managers need to change their perceptions and priorities towards IT security to reduce the vulnerability of their e-banking services
Rethinking Security Incident Response: The Integration of Agile Principles
In today's globally networked environment, information security incidents can
inflict staggering financial losses on organizations. Industry reports indicate
that fundamental problems exist with the application of current linear
plan-driven security incident response approaches being applied in many
organizations. Researchers argue that traditional approaches value containment
and eradication over incident learning. While previous security incident
response research focused on best practice development, linear plan-driven
approaches and the technical aspects of security incident response, very little
research investigates the integration of agile principles and practices into
the security incident response process. This paper proposes that the
integration of disciplined agile principles and practices into the security
incident response process is a practical solution to strengthening an
organization's security incident response posture.Comment: Paper presented at the 20th Americas Conference on Information
Systems (AMCIS 2014), Savannah, Georgi
Harnessing technology review 2007. Progress and impact of technology in education. Summary report.
This is the summary of the first review of the use and impact of ICT in the education system following the publication of the Government's e-Strategy for the education system, known as Harnessing Technology. The Review drew upon Becta's surveys of schools and FE colleges as well as other research to assess the impact of technology within the education system and the progress made in achieving the system outcomes of the policy
Harnessing technology review 2007. Progress and impact of technology in education. Full Report.
This is the first review of the use and impact of ICT in the education system following the publication of the Government's e-Strategy for the education system, known as Harnessing Technology. The Review drew upon Becta's surveys of schools and FE colleges as well as other research to assess the impact of technology within the education system and the progress made in achieving the system outcomes of the policy
Preparing millennials as digital citizens and socially and environmentally responsible business professionals in a socially irresponsible climate
As of 2015, a millennial born in the 1990's became the largest population in
the workplace and are still growing. Studies indicate that a millennial is tech
savvy but lag in the exercise of digital responsibility. In addition, they are
passive towards environmental sustainability and fail to grasp the importance
of social responsibility. This paper provides a review of such findings
relating to business communications educators in their classrooms. The
literature should enable the development of a millennial as an excellent global
citizen through business communications curricula that emphasizes digital
citizenship, environmental sustainability and social responsibility. The
impetus for this work is to provide guidance in the development of courses and
teaching strategies customized to the development of each millennial as a
digital, environmental and socially responsible global citizen
PriPeARL: A Framework for Privacy-Preserving Analytics and Reporting at LinkedIn
Preserving privacy of users is a key requirement of web-scale analytics and
reporting applications, and has witnessed a renewed focus in light of recent
data breaches and new regulations such as GDPR. We focus on the problem of
computing robust, reliable analytics in a privacy-preserving manner, while
satisfying product requirements. We present PriPeARL, a framework for
privacy-preserving analytics and reporting, inspired by differential privacy.
We describe the overall design and architecture, and the key modeling
components, focusing on the unique challenges associated with privacy,
coverage, utility, and consistency. We perform an experimental study in the
context of ads analytics and reporting at LinkedIn, thereby demonstrating the
tradeoffs between privacy and utility needs, and the applicability of
privacy-preserving mechanisms to real-world data. We also highlight the lessons
learned from the production deployment of our system at LinkedIn.Comment: Conference information: ACM International Conference on Information
and Knowledge Management (CIKM 2018
- ā¦