Strategies for Mitigating Cyberattacks Against Small Retail Businesses

Abstract Small retail businesses are increasingly becoming targets for social media cyberattacks, often losing profitability when forced to close operations after a cyberattack. Small retail business leaders are concerned with the negative impact of cyberattacks on firms’ viability and competitiveness. Grounded in general systems theory, the purpose of this qualitative multiple-case study was to explore strategies retail leaders use to deter social media cyberattacks. The participants were 11 small retail business leaders. Data were collected using semistructured interviews and analyzed using thematic analysis. Three themes emerged: using multiple strategies to deter social media cyberattacks, importance of training regarding cybersecurity best practices, and the need for a contingency plan. A key recommendation is for small retail business leaders to provide employees and customers with training regarding proper cybersecurity protocols. The implications for positive social change include the potential to improve cybersecurity measures and enhance a small business’ viability and employment opportunities, positively impacting local communities and tax revenues

ENHANCING PRIVACY IN MULTI-AGENT SYSTEMS

La pérdida de privacidad se está convirtiendo en uno de los mayores problemas en el mundo de la informática. De hecho, la mayoría de los usuarios de Internet (que hoy en día alcanzan la cantidad de 2 billones de usuarios en todo el mundo) están preocupados por su privacidad. Estas preocupaciones también se trasladan a las nuevas ramas de la informática que están emergiendo en los ultimos años. En concreto, en esta tesis nos centramos en la privacidad en los Sistemas Multiagente. En estos sistemas, varios agentes (que pueden ser inteligentes y/o autónomos) interactúan para resolver problemas. Estos agentes suelen encapsular información personal de los usuarios a los que representan (nombres, preferencias, tarjetas de crédito, roles, etc.). Además, estos agentes suelen intercambiar dicha información cuando interactúan entre ellos. Todo esto puede resultar en pérdida de privacidad para los usuarios, y por tanto, provocar que los usuarios se muestren adversos a utilizar estas tecnologías. En esta tesis nos centramos en evitar la colección y el procesado de información personal en Sistemas Multiagente. Para evitar la colección de información, proponemos un modelo para que un agente sea capaz de decidir qué atributos (de la información personal que tiene sobre el usuario al que representa) revelar a otros agentes. Además, proporcionamos una infraestructura de agentes segura, para que una vez que un agente decide revelar un atributo a otro, sólo este último sea capaz de tener acceso a ese atributo, evitando que terceras partes puedan acceder a dicho atributo. Para evitar el procesado de información personal proponemos un modelo de gestión de las identidades de los agentes. Este modelo permite a los agentes la utilización de diferentes identidades para reducir el riesgo del procesado de información. Además, también describimos en esta tesis la implementación de dicho modelo en una plataforma de agentes.Such Aparicio, JM. (2011). ENHANCING PRIVACY IN MULTI-AGENT SYSTEMS [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/13023Palanci

Future worlds: threats and opportunities for policing and security

An article about the threats and opportunities for policing and security in the future operating environment for public and private sector capabilities and capacities

A framework to enhance Information and Communication Technology (ICT) readiness for business continuity at the South African Revenue Services (SARS)

Many organisations, especially public sector organisations, are required to ensure that they are able to continue with their operation in cases of major disasters that affect the organisations. In the same light, the South African Revenue Services (SARS), being a quasi-government organisation, faces a similar phenomenon. The main purpose of conducting this research was to explore a problem in depth that was identified at the SARS. SARS does not have a comprehensive business continuity plan. The study therefore examined possible techniques or actions for ensuring information and communication technology (ICT) readiness and business continuity, explored various frameworks and policy documents which will assist public entities with readiness for business continuity, and identified frameworks that will assist SARS in implementing an effective ICT readiness for business continuity. The study adopted the design science research approach and aspects of design science research in information systems. Data gathered through the questionnaire instrument was used to design a framework that can be adopted at SARS to enhance ICT readiness for business continuity. The research findings show the importance of effective business continuity management (BCM) and a framework that can be used to implement an effective BCM

A framework to enhance Information and Communication Technology (ICT) readiness for business continuity at the South African Revenue Services (SARS)

Many organisations, especially public sector organisations, are required to ensure that they are able to continue with their operation in cases of major disasters that affect the organisations. In the same light, the South African Revenue Services (SARS), being a quasi-government organisation, faces a similar phenomenon. The main purpose of conducting this research was to explore a problem in depth that was identified at the SARS. SARS does not have a comprehensive business continuity plan. The study therefore examined possible techniques or actions for ensuring information and communication technology (ICT) readiness and business continuity, explored various frameworks and policy documents which will assist public entities with readiness for business continuity, and identified frameworks that will assist SARS in implementing an effective ICT readiness for business continuity. The study adopted the design science research approach and aspects of design science research in information systems. Data gathered through the questionnaire instrument was used to design a framework that can be adopted at SARS to enhance ICT readiness for business continuity. The research findings show the importance of effective business continuity management (BCM) and a framework that can be used to implement an effective BCM

A Taxonomy for and Analysis of Anonymous Communications Networks

Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand. In 2003, the United States acknowledged that the speed and anonymity of cyber attacks makes distinguishing among the actions of terrorists, criminals, and nation states difficult. Even President Obama’s Cybersecurity Chief-elect recognizes the challenge of increasingly sophisticated cyber attacks. Now through April 2009, the White House is reviewing federal cyber initiatives to protect US citizen privacy rights. Indeed, the rising quantity and ubiquity of new surveillance technologies in cyberspace enables instant, undetectable, and unsolicited information collection about entities. Hence, anonymity and privacy are becoming increasingly important issues. Anonymization enables entities to protect their data and systems from a diverse set of cyber attacks and preserves privacy. This research provides a systematic analysis of anonymity degradation, preservation and elimination in cyberspace to enhance the security of information assets. This includes discovery/obfuscation of identities and actions of/from potential adversaries. First, novel taxonomies are developed for classifying and comparing well-established anonymous networking protocols. These expand the classical definition of anonymity and capture the peer-to-peer and mobile ad hoc anonymous protocol family relationships. Second, a unique synthesis of state-of-the-art anonymity metrics is provided. This significantly aids an entity’s ability to reliably measure changing anonymity levels; thereby, increasing their ability to defend against cyber attacks. Finally, a novel epistemic-based mathematical model is created to characterize how an adversary reasons with knowledge to degrade anonymity. This offers multiple anonymity property representations and well-defined logical proofs to ensure the accuracy and correctness of current and future anonymous network protocol design