3,518 research outputs found

    Applications of Cyber Threat Intelligence (CTI) in Financial Institutions and Challenges in Its Adoption

    The critical nature of financial infrastructures makes them prime targets for cybercriminal activities, underscoring the need for robust security measures. This research delves into the role of Cyber Threat Intelligence (CTI) in bolstering the security framework of financial entities and identifies key challenges that could hinder its effective implementation. CTI brings a host of advantages to the financial sector, including real-time threat awareness, which enables institutions to proactively counteract cyber-attacks. It significantly aids in the efficiency of incident response teams by providing contextual data about attacks. Moreover, CTI is instrumental in strategic planning by providing insights into emerging threats and can assist institutions in maintaining compliance with regulatory frameworks such as GDPR and CCPA. Additional applications include enhancing fraud detection capabilities through data correlation, assessing and managing vendor risks, and allocating resources to confront the most pressing cyber threats. The adoption of CTI technologies is fraught with challenges. One major issue is data overload, as the vast quantity of information generated can overwhelm institutions and lead to alert fatigue. The issue of interoperability presents another significant challenge; disparate systems within the financial sector often use different data formats, complicating seamless CTI integration. Cost constraints may also inhibit the adoption of advanced CTI tools, particularly for smaller institutions. A lack of specialized skills necessary to interpret CTI data exacerbates the problem. The effectiveness of CTI is contingent on its accuracy, and false positives and negatives can have detrimental impacts. The rapidly evolving nature of cyber threats necessitates real-time updates, another hurdle for effective CTI implementation. 
Furthermore, the sharing of threat intelligence among entities, often competitors, is hampered by mistrust and regulatory complications. This research aims to provide a nuanced understanding of the applicability and limitations of CTI within the financial sector, urging institutions to approach its adoption with a thorough understanding of the associated challenges

    Optimization Models and Algorithms for Vulnerability Analysis and Mitigation Planning of Pyro-Terrorism

    In this dissertation, an important homeland security problem is studied, with the focus on wildfire and pyro-terrorism management. We begin the dissertation by studying the vulnerability of landscapes to pyro-terrorism. We develop a maximal covering based optimization model to investigate the impact of a pyro-terror attack on landscapes based on the ignition locations of fires. We use three test case landscapes for experimentation. We compare the impact of a pyro-terror wildfire with the impacts of naturally-caused wildfires with randomly located ignition points. Our results indicate that a pyro-terror attack, on average, has more than twice the impact on landscapes than wildfires with randomly located ignition points. In the next chapter, we develop a Stackelberg game model, a min-max network interdiction framework that identifies a fuel management schedule that, with limited budget, maximally mitigates the impact of a pyro-terror attack. We develop a decomposition algorithm called MinMaxDA to solve the model for three test case landscapes, located in the Western U.S. Our results indicate that fuel management, even when conducted on a small scale (when 2% of a landscape is treated), can mitigate a pyro-terror attack by 14%, on average, compared to doing nothing. For a fuel management plan with 5% and 10% budget, it can reduce the damage by 27% and 43% on average. Finally, we extend our study to the problem of suppression response after a pyro-terror attack. We develop a max-min model to identify the vulnerability of initial attack resources when used to fight a pyro-terror attack. We use a test case landscape for experimentation and develop a decomposition algorithm called Bounded Decomposition Algorithm (BDA) to solve the problem, since the model has a bilevel max-min structure with binary variables in the lower level and is therefore not solvable by conventional methods.
Our results indicate that although pyro-terror attacks with one ignition point can be controlled with an initial attack, pyro-terror attacks with two and more ignition points may not be controlled by initial attack. Also, a faster response is more promising in controlling pyro-terror fires

    Consumerization of IT: Risk Mitigation Strategies and Good Practices. Responding to the Emerging Threat Environment.

    This report presents security policies that can be deployed to mitigate risks that are related to the trend of Consumerization of IT (COIT) and Bring Your Own Device (BYOD). The aim of this document is to identify mitigation strategies, policies and controls for the risks identified in this area

    Quantitative maritime security assessment: a 2020 vision

    Maritime security assessment is moving towards a proactive risk-based regime. This opens the way for security analysts and managers to explore and exploit flexible and advanced risk modelling and decision-making approaches in maritime transport. In this article, following a review of maritime security risk assessment, a generic quantitative security assessment methodology is developed. Novel mathematical models for security risk analysis and management are outlined and integrated to demonstrate their use in the developed framework. Such approaches may be used to facilitate security risk modelling and decision making in situations where conventional quantitative risk analysis techniques cannot be appropriately applied. Finally, recommendations on further exploitation of advances in risk and uncertainty modelling technology are suggested with respect to maritime security risk quantification and management

    A conceptual framework for cyber counterintelligence

    Abstract: D.Com (Computer Science

    A comparative analysis of security risk management in Norwegian oil and gas and renewable energy companies.

    With the recognised urgent need to combat climate change globally, the renewables industry has witnessed significant growth to meet ambitious net zero targets. This thesis aims to emphasize the importance of improving security risk governance to adapt to the evolving energy sector. The increasing adoption of renewable solutions and the expansion of renewable production presents a landscape characterized by uncertain and complex market dynamics. Additionally, these developments contribute to a more adverse threat environment driven by innovation in research and development (R&D), technology, and digitalization. Considering these advancements, criminal actors now have greater opportunity, motive, and increased capabilities, regardless of whether the company is focused on oil and gas, or renewable production. While damages to a renewables asset result in lower costs and less detrimental environmental impacts when compared to an offshore oil and gas asset, they can still have adverse implications on company values. Impacts to critical renewable assets have the potential to increase reliance on traditional fossil fuels, negatively impact local communities, and detrimentally impact company margins. Furthermore, due to market volatility and energy politics, nations aim to safeguard energy supply and reduce dependence on external sources. This is particularly relevant when considering the sanctions imposed on Russian oil and gas following the 2022 invasion of Ukraine. As a result, energy independence and energy security have become increasingly more critical. This thesis has identified with certainty that there is a significant lack of maturity within security risk governance in renewables companies. Therefore, by comparing how both the oil and gas, and renewables sector acknowledge security and therein approach security risk management, a platform is created to offer fit-for-purpose recommendations to the renewables sector. 
Furthermore, this thesis acknowledges the lower margin nature of renewable production and ultimately emphasises fostering a sustainable and dynamic security culture that allows industry to strategically expand into higher security threat environments. Key words: Renewable production, Security risk, Risk Governance, Security Risk Assessments, risk tolerabilit

    A strategic framework for e-government security: the case in Nigeria

    A thesis submitted to the University of Bedfordshire in partial fulfilment of the requirements for the degree of Doctor of Philosophy. Countries across the globe are striving towards full-scale implementation of e-government. One of the issues arising with the efforts to this realization is the assurance of secure transactions while upholding high privacy standards. In order to engage citizens in the process, there must be transparency and confidence that the e-government systems they are using are reliable and will deliver the services with integrity, confidentiality and accountability. Different systems require different levels of security according to the services they provide to their users. This research presents an investigation into reasons why e-government security frameworks developed by researchers with the claim that it is a one-size-fits-all issue may not hold true, particularly in the case of Nigeria, based on certain identified realities. The claim of a generalized framework appears very challenging because there seems to be much diversity across different governments. Countries differ in one or more of the following characteristics: political systems, legal systems, economic situation, available technological infrastructure, Internet and PC penetration, availability of skills and human resources, literacy levels, computer literacy levels, level of poverty, leadership, and ethnic diversities in terms of norms, languages, and expertise. Security measures implemented in e-government projects in some developed countries, beginning with more established e-government systems around the world, were evaluated and a strategic framework for e-government security proposed which considers both technical and non-technical factors that involve people, processes and technologies. The framework is proposed to advance the rapid adoption of practices that will guarantee e-government security.
It seeks to provide a flexible, repeatable and cost-effective approach to implementing e-government security. This research examines the issues of enclosure in the implementation of e-government from the perspective of security and ultimately survivability

    A PREDICTIVE USER BEHAVIOUR ANALYTIC MODEL FOR INSIDER THREATS IN CYBERSPACE

    Insider threat in cyberspace is a recurring problem since the user activities in a cyber network are often unpredictable. Most existing solutions are not flexible and adaptable enough to detect a sudden change in a user’s behaviour in streaming data, which led to high false alarm rates and low detection rates. In this study, a model that is capable of adapting to the changing pattern in structured cyberspace data streams in order to detect malicious insider activities in cyberspace was proposed. The Computer Emergency Response Team (CERT) dataset was used as the data source in this study. Extracted features from the dataset were normalized using Min-Max normalization. Standard scaler techniques and mutual information gain technique were used to determine the best features for classification. A hybrid detection model was formulated using the synergism of Convolutional Neural Network (CNN) and Gated Recurrent Unit (GRU) models. Model simulation was performed using the Python programming language. Performance evaluation was carried out by assessing and comparing the performance of the proposed model with a selected existing model using accuracy, precision and sensitivity as performance metrics. The result of the simulation showed that the developed model has an increase of 1.48% in detection accuracy, 4.21% in precision and 1.25% in sensitivity over the existing model. This indicated that the developed hybrid approach was able to learn from sequences of user actions in a time and frequency domain and improve the detection rate of insider threats in cyberspace

    Review of Climate Change and Its Effect on Nigeria Ecosystem

    This paper examines the issue of climate change and its impact on the environment. The effects of man’s activities as well as those of natural phenomena on global warming, climate change and the environment are presented and discussed. The options that are available as a response to global warming: mitigation, adaptation and possible human suffering as consequences of what cannot be avoided by mitigation and adaptation are presented. An overview of the Nigerian environment, preparedness for the impact of global warming and related problems are also presented. The status of environmental data and the need for environmental baseline survey and the creation of a comprehensive database for the country driven by geographical information system are presented and discussed. The paper then underscores the need for governments at all levels to adequately fund geo information production and cultivate the culture of its usage for adequate and proactive response to global warming, sustainable environmental management and national development. Keywords: climate change, mitigation, adaptation, global warming, environmental management

    An Energy Aware and Secure MAC Protocol for Tackling Denial of Sleep Attacks in Wireless Sensor Networks

    Wireless sensor networks, which form part of the core for the Internet of Things, consist of resource constrained sensors that are usually powered by batteries. Therefore, careful energy awareness is essential when working with these devices. Indeed, the introduction of security techniques such as authentication and encryption, to ensure confidentiality and integrity of data, can place higher energy load on the sensors. However, the absence of security protection could give room for energy drain attacks such as denial of sleep attacks, which have a higher negative impact on the life span of the sensors than the presence of security features. This thesis, therefore, focuses on tackling denial of sleep attacks from two perspectives: a security perspective and an energy efficiency perspective. The security perspective involves evaluating and ranking a number of security based techniques for curbing denial of sleep attacks. The energy efficiency perspective, on the other hand, involves exploring duty cycling and simulating three Media Access Control (MAC) protocols, Sensor MAC, Timeout MAC and TunableMAC, under different network sizes and measuring different parameters such as the Received Signal Strength (RSSI) and Link Quality Indicator, transmit power, throughput and energy efficiency. Duty cycling happens to be one of the major techniques for conserving energy in wireless sensor networks, and this research aims to answer questions with regards to the effect of duty cycles on the energy efficiency as well as the throughput of three duty cycle protocols, Sensor MAC, Timeout MAC and TunableMAC, in addition to creating a novel MAC protocol that is also more resilient to denial of sleep attacks than existing protocols.
The main contributions to knowledge from this thesis are the developed framework used for evaluation of existing denial of sleep attack solutions and the algorithms which fuel the other contribution to knowledge: a newly developed protocol tested on the Castalia Simulator on the OMNET++ platform. The new protocol has been compared with existing protocols and has been found to have significant improvement in energy efficiency and also better resilience to denial of sleep attacks. Part of this research has been published: two conference publications in IEEE Xplore and one workshop paper