Cost and Effects of Data Breaches, Precautions, and Disclosure Laws

In recent times the breach of security systems or cyber-attacks leading to unauthorized acquisitions of computerized data that compromises the security, confidentiality, and integrity of personally identifiable information by many organizations has grown. There is a general belief that data breaches and today’s organizational practices are axiomatically regarded as cause and effect. This paper addresses the cost of data breaches, disclosure laws, and precautions that have been instituted for many organizations and concludes that cybersecurity and data breach question is not “if” but “when” it might happen. Data has grown as one of the critical assets, and the absence of security protocols creates a vulnerability that can be misused by bad actors engaged in hacking and other forms of the data breach. This paper documents that the last decade experienced a phenomenal rise in the number of data breaches caused by hacking and the efficacy of disclosure laws that have been instituted by 48 states in the US. The frequency of data breach incidents has been alarming as billions of records have been breached and billions of dollars have been spent to mitigate those breaches, which could have been allocated for other projects. It is recommended that all organizations, big or small, have cybersecurity policies and a business continuity plan in place to deal with data breaches

cii Student Papers - 2021

In this collection of papers, we, the Research Group Critical Information Infrastructures (cii) from the Karlsruhe Institute of Technology, present nine selected student research articles contributing to the design, development, and evaluation of critical information infrastructures. During our courses, students mostly work in groups and deal with problems and issues related to sociotechnical challenges in the realm of (critical) information systems. Student papers came from four different cii courses, namely Emerging Trends in Digital Health, Emerging Trends in Internet Technologies, Critical Information Infrastructures, and Digital Health in the winter term of 2020 and summer term of 2021

Cyber Security of Critical Infrastructures

Critical infrastructures are vital assets for public safety, economic welfare, and the national security of countries. The vulnerabilities of critical infrastructures have increased with the widespread use of information technologies. As Critical National Infrastructures are becoming more vulnerable to cyber-attacks, their protection becomes a significant issue for organizations as well as nations. The risks to continued operations, from failing to upgrade aging infrastructure or not meeting mandated regulatory regimes, are considered highly significant, given the demonstrable impact of such circumstances. Due to the rapid increase of sophisticated cyber threats targeting critical infrastructures with significant destructive effects, the cybersecurity of critical infrastructures has become an agenda item for academics, practitioners, and policy makers. A holistic view which covers technical, policy, human, and behavioural aspects is essential to handle cyber security of critical infrastructures effectively. Moreover, the ability to attribute crimes to criminals is a vital element of avoiding impunity in cyberspace. In this book, both research and practical aspects of cyber security considerations in critical infrastructures are presented. Aligned with the interdisciplinary nature of cyber security, authors from academia, government, and industry have contributed 13 chapters. The issues that are discussed and analysed include cybersecurity training, maturity assessment frameworks, malware analysis techniques, ransomware attacks, security solutions for industrial control systems, and privacy preservation methods