39,850 research outputs found
Addressing the cyber safety challenge: from risk to resilience
Addressing the cyber safety challenge: from risk to resilience describes the cyber safety issues emerging from a range of technology trends, how different populations are using technologies and the risks they face, and how we can effectively respond to each groupâs unique cyber safety needs.
Written by the University of Western Sydney for Telstra Corporation Ltd, the report advocates for continuing to move cyber safety from a ârisk and protectionâ framework to one that focuses on building digital resilience, as well as fostering trust and confidence in the online environment. To do this we need to:
Address the needs of populations often neglected by current policies and programs â including adults, seniors, parents, and small to medium enterprises
Continue to build the digital literacy skills of all populations, because digital literacy strongly influences usersâ ability to engage safely online â this is best achieved by a hands-on learning approach
Keep risk in perspective â the risks and benefits of digital participation go hand in hand
Broaden the focus from awareness-raising to long-term behaviour change.
As digital technologies become further integrated into the everyday lives of Australians, users are potentially exposed to greater risks. However, the risks and benefits of digital participation go hand in hand. The challenge, therefore, is to support users to minimise the risks without limiting their digital participation and their capacity to derive the full benefits of connectivity. If Australians are to benefit as either consumers or providers of online services and products in the e-commerce environment, consumer safety and trust need to be improved.
Cyber safety needs to be considered against a transforming backdrop of technology trends, products and practices. While the rise of social media has tended to dominate recent debate and developments in cyber safety, particularly in relation to young people, a range of other trends is also shaping how users engage online, the risks they potentially face in the new media landscape, and the strategies used to address them. These trends include the rise of user generated content and content sharing platforms; the uptake of mobile technologies and, in particular, the adoption of smartphones; cloud computing; platform integration and single sign-on mechanisms; and the rise of GPS and location based services
Is the responsibilization of the cyber security risk reasonable and judicious?
Cyber criminals appear to be plying their trade without much hindrance. Home computer users are particularly vulnerable to attack by an increasingly sophisticated and globally dispersed hacker group. The smartphone era has exacerbated the situation, offering hackers even more attack surfaces to exploit. It might not be entirely coincidental that cyber crime has mushroomed in parallel with governments pursuing a neoliberalist agenda. This agenda has a strong drive towards individualizing risk i.e. advising citizens how to take care of themselves, and then leaving them to face the consequences if they choose not to follow the advice. In effect, citizens are âresponsibilized .â Whereas responsibilization is effective for some risks, the responsibilization of cyber security is, we believe, contributing to the global success of cyber attacks. There is, consequently, a case to be made for governments taking a more active role than the mere provision of advice, which is the case in many countries. We conclude with a concrete proposal for a risk regulation regime that would more effectively mitigate and ameliorate cyber risk
An Assurance Framework for Independent Co-assurance of Safety and Security
Integrated safety and security assurance for complex systems is difficult for
many technical and socio-technical reasons such as mismatched processes,
inadequate information, differing use of language and philosophies, etc.. Many
co-assurance techniques rely on disregarding some of these challenges in order
to present a unified methodology. Even with this simplification, no methodology
has been widely adopted primarily because this approach is unrealistic when met
with the complexity of real-world system development.
This paper presents an alternate approach by providing a Safety-Security
Assurance Framework (SSAF) based on a core set of assurance principles. This is
done so that safety and security can be co-assured independently, as opposed to
unified co-assurance which has been shown to have significant drawbacks. This
also allows for separate processes and expertise from practitioners in each
domain. With this structure, the focus is shifted from simplified unification
to integration through exchanging the correct information at the right time
using synchronisation activities
Recommended from our members
Security-Informed Safety: Supporting Stakeholders with Codes of Practice
Codes of practice provide principles and guidance on how organizations can incorporate security considerations into their safety engineering lifecycle and become more security minded
The future of Cybersecurity in Italy: Strategic focus area
This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management
Global Risks 2012, Seventh Edition
The World Economic Forum's Global Risks 2012 report is based on a survey of 469 experts from industry, government, academia and civil society that examines 50 global risks across five categories. The report emphasizes the singular effect of a particular constellation of global risks rather than focusing on a single existential risk. Three distinct constellations of risks that present a very serious threat to our future prosperity and security emerged from a review of this year's set of risks. Includes a special review of the important lessons learned from the 2011 earthquake, tsunami and the subsequent nuclear crisis at Fukushima, Japan. It focuses on therole of leadership, challenges to effective communication in this information age and resilient business models in response to crises of unforeseen magnitude
Governing autonomous vehicles: emerging responses for safety, liability, privacy, cybersecurity, and industry risks
The benefits of autonomous vehicles (AVs) are widely acknowledged, but there
are concerns about the extent of these benefits and AV risks and unintended
consequences. In this article, we first examine AVs and different categories of
the technological risks associated with them. We then explore strategies that
can be adopted to address these risks, and explore emerging responses by
governments for addressing AV risks. Our analyses reveal that, thus far,
governments have in most instances avoided stringent measures in order to
promote AV developments and the majority of responses are non-binding and focus
on creating councils or working groups to better explore AV implications. The
US has been active in introducing legislations to address issues related to
privacy and cybersecurity. The UK and Germany, in particular, have enacted laws
to address liability issues, other countries mostly acknowledge these issues,
but have yet to implement specific strategies. To address privacy and
cybersecurity risks strategies ranging from introduction or amendment of non-AV
specific legislation to creating working groups have been adopted. Much less
attention has been paid to issues such as environmental and employment risks,
although a few governments have begun programmes to retrain workers who might
be negatively affected.Comment: Transport Reviews, 201
A Graphical Adversarial Risk Analysis Model for Oil and Gas Drilling Cybersecurity
Oil and gas drilling is based, increasingly, on operational technology, whose
cybersecurity is complicated by several challenges. We propose a graphical
model for cybersecurity risk assessment based on Adversarial Risk Analysis to
face those challenges. We also provide an example of the model in the context
of an offshore drilling rig. The proposed model provides a more formal and
comprehensive analysis of risks, still using the standard business language
based on decisions, risks, and value.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
- âŠ