Information security failures identified and measured – ISO/IEC 27001:2013 controls ranked based on GDPR penalty case analysis

This paper identifies the failures and impacts of information security, as well as the most effective controls to mitigate information security risks in organizations.Root cause analysis was conducted on all year 2020 GDPR penalty cases (n = 81) based on misconduct as defined in GDPR article 32: “security of processing.” ISO/IEC 27,001 controls were used as failure identifiers in the analysis. As a result, this study presents both the most frequent and most expensive information security failures and correspondingly ranks and presents the correlation of the controls observed in the analysis. From a theoretical perspective, our study contributes by bridging the gap between regulation and information security and introduces a statistical method to analyze the GDPR penalty cases, and provides previously unreported findings about information security failures and their respective solutions. From a practical perspective, the results of our study are useful for organizations which aspire to manage information security more effectively in order to prevent the most typical and expensive information security failures. Organizations, as well as auditors implementing and assuring the ISO 27001, may use our results as a guideline whereby controls should be applied and verified first in sequential order based on their impact and interdependence.© 2023 The Author(s). Published with license by Taylor & Francis Group, LLC. This is an Open Access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. The terms on which this article has been published allow the posting of the Accepted Manuscript in a repository by the author(s) or with their consent.fi=vertaisarvioitu|en=peerReviewed

Information Security Failures Measured and ISO/IEC 27001:2022 Controls Ranked by General Data Protection Regulation Penalty Analysis

Selecting the most important information security controls is a critical and difficult process. Therefore, the decision-making on how to manage risks and threats has to be supported with data-driven performance measurement metrics. This paper identifies and explores the failures and impacts of information security, as well as the most effective controls to mitigate information security risks in organizations. The method of the study was root cause analysis. All year 2020 GDPR penalty cases (n=81) based on misconduct, as defined in GDPR Article 32: “Security of processing” were matched with ISO/IEC 27001:2022 controls, which were used as failure identifiers in the analysis. As a result, the study presents both, the top 10 most frequent and the top 10 most expensive information security failures corresponding to ISO/IEC 27001:2022 controls. Furthermore, the study also illustrates the correlation of these controls.©2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.fi=vertaisarvioitu|en=peerReviewed

Pientalon yläpohjarakenteet

Tiivistelmä. Tämän kandidaatintyön tarkoituksena on perehtyä Suomessa rakennettavien pientalojen yläpohjarakenteisiin. Työssä tarkastellaan yläpohjiin kohdistuvien kuormitusten syntymistä, tyypillisiä rakenneratkaisuja, suunnittelu- ja mitoitusperusteita, sekä rakennusfysikaalisten rasitteiden syntymistä ja hallintaa. Työ tehtiin kirjallisuuskatsauksena, jonka pääasiallisina lähteinä toimivat Eurokoodit sekä kotimainen alaa koskeva kirjallisuus. Työn avulla lukija saa yleiskäsityksen pientalojen yläpohjien rakenteesta ja rakenneosista. Lisäksi lukija ymmärtää perusteet yläpohjien rakennesuunnittelun lähtökohdista, kuten kuormitusten laskennasta, kantavien rakenteiden mitoituksesta sekä yläpohjan toiminnallisuudesta kokonaisuudessaan.Roof structures of a detached house. Abstract. The purpose of this bachelor’s thesis is to provide an overview of roof structures in detached houses made in Finland. This thesis examines the development of loads to supporting roof structures, typical structure solutions, design- and sizing criteria along with development and management of a building’s physical burden. The thesis was made as a literary review, where the main sources were Eurocodes and domestic literature in the field. This thesis explains the basics of a roof structure and its structural components. The reader will further understand the fundamentals of a structural designing basis as calculation of loads, sizing of supporting structure and the roof structure functionality in its entirety

Esteettisten täyteaineiden pistäminen - jatkaako Suomi Euroopan Villinä läntenä?

publishedVersio

Sb-doped zirconium dioxide submicron fibers for separation of pertechnetate (TcO4-) from aqueous solutions

Submicron ZrO(2)fibers with three different Sb-doping levels (5, 10 and 15 cation%) were produced with an electroblowing synthesis for removal of(99)TcO(4)(-). The Sb-doped ZrO(2)fibers showed high selectivity toward(99)TcO(4)(-), which was not interfered by ClO4-, NO(3)(-)or Cl(-)ions and showed no selectivity toward ReO4-. The optimal pH range for the(99)Tc separation was 2-6 but the Sb-doped fibers maintained very high uptake level throughout the studied pH range of 1-10. According to the uptake experiments, Sb(III) is assumed to reduce Tc(VII) to Tc(IV) that is then adsorbed by the zirconia surface.Peer reviewe

Submicron fibers as a morphological improvement of amorphous zirconium oxide particles and their utilization in antimonate (Sb(v)) removal

Mesoporous and large surface area zirconium oxide aggregate granules with good adsorption properties were synthesized using a simple precipitation method. Since utilization of these small and fragile particles is considered rather difficult in larger scale column operation, the product was formed into a fibrous form to improve its usability. The submicron fibers were obtained from an optimized electroblowing synthesis that resulted in elastic and uniform fibers with a tetragonal structure and high length-to-diameter ratio. In antimonate (Sb(v)) adsorption experiments, the higher calcination temperature (350 degrees C) of the fibers did not seem to decrease the Sb(v) adsorption capacity excessively since the high theoretical adsorption capacities were 113 mg g(-1) and 58 mg g(-1) for the aggregate and fibers, respectively. Both materials had fast kinetics, fibers being faster in the beginning of the reaction. Moreover, both materials offered efficient Sb(v) removal in the studied pH range from 1 to 11 by reaching over 99.9% adsorption in the optimal pH range. X-ray absorption near edge spectroscopy (XANES) revealed that Sb(v) stays as pentavalent antimony after being adsorbed by these materials and based on the isoelectric point shifts in the zeta potential measurement, adsorption occurs mainly by an inner-sphere complexation reaction. Finally, our study showed that pressure buildup in a flow-through column packed with zirconium oxide fibers was significantly lower than in a column packed with aggregates. Thus, zirconium oxide aggregates can be formed into submicron fibers with enhanced column operation properties without a too large compromise in the adsorption properties.Peer reviewe

Work ability and physical fitness among aging workers : the Finnish Retirement and Aging Study

Background With advancing age, physical capacity gradually decreases which may lead to decreased work ability, if the physical work requirements remain the same. Examination of the importance of physical fitness for work ability among aging workers will help to find potential strategies to promote work ability in old age. The aim of this study was to investigate the association between physical fitness and work ability among aging workers. Methods Aging workers (n = 288, mean age 62.5, 83% women) from the Finnish Retirement and Aging study underwent cardiorespiratory, muscular fitness and functional testing. Work ability was inquired on a scale 0-10 from poor to excellent. Association between physical fitness indicators and work ability was examined using ordinary least squares regression, taking into account age, gender, occupational status, heavy physical work, body mass index and accelerometer-measured daily total physical activity. Results VO2peak, modified push-up test and maximal walking speed were positively associated with work ability (beta = 0.51, 95% confidence interval (CI) 0.29-0.74, beta = 0.46, 95% CI 0.26-0.66 and beta = 0.23, 95% CI 0.07-0.39, respectively), while chair rise test time was inversely associated with work ability (beta = -0.23, 95% CI -0.39--0.06). No associations were found between hand grip strength or sit-up test and work ability. Conclusions Cardiorespiratory fitness, upper body strength, and lower extremity function were positively associated with work ability. Good physical fitness may help to maintain work ability among aging workers.Peer reviewe

PHYSIOLOGICAL ECOLOGY -ORIGINAL RESEARCH

Abstract Recent studies of long-distance migratory birds show that behavioural and physiological changes associated with predictable or unpredictable challenges during the annual cycle are distinctively regulated by hormones. Corticosterone is the primary energy regulating hormone in birds. Corticosterone levels are elevated during stresses but they are also modulated seasonally according to environmental conditions and life-history demands. We measured the baseline and stress-induced levels of corticosterone in the barn swallow (Hirundo rustica L.) just before spring and autumn migrations in South Africa and Finland, respectively. Barn swallows completing their pre-breeding moult had low body condition (residual body mass) and high baseline corticosterone levels in the wintering grounds. In contrast, baseline corticosterone levels in Finland were low and not related to residual mass. These data contradict the first prediction of the migration modulation hypothesis (MMH) by showing no association with baseline corticosterone levels and pre-migratory fuelling. Yet, the adrenocortical response to the capture and handling stress was notably blunted in South Africa compared to a strong response in Finland. Further, individuals that had started fuelling in Finland showed a reduced response to the handling stress. Taken together, elevated baseline corticosterone levels and high residual mass may blunt the adrenocortical response in long-distance migrants and aerial feeders such as the barn swallow. This observation lends support to the second prediction of the MMH

Work ability and physical fitness among aging workers: the Finnish Retirement and Aging Study

Background With advancing age, physical capacity gradually decreases which may lead to decreased work ability, if the physical work requirements remain the same. Examination of the importance of physical fitness for work ability among aging workers will help to find potential strategies to promote work ability in old age. The aim of this study was to investigate the association between physical fitness and work ability among aging workers.Methods Aging workers (n = 288, mean age 62.5, 83% women) from the Finnish Retirement and Aging study underwent cardiorespiratory, muscular fitness and functional testing. Work ability was inquired on a scale 0-10 from poor to excellent. Association between physical fitness indicators and work ability was examined using ordinary least squares regression, taking into account age, gender, occupational status, heavy physical work, body mass index and accelerometer-measured daily total physical activity.Results VO2peak, modified push-up test and maximal walking speed were positively associated with work ability (beta = 0.51, 95% confidence interval (CI) 0.29-0.74, beta = 0.46, 95% CI 0.26-0.66 and beta = 0.23, 95% CI 0.07-0.39, respectively), while chair rise test time was inversely associated with work ability (beta = -0.23, 95% CI -0.39--0.06). No associations were found between hand grip strength or sit-up test and work ability.Conclusions Cardiorespiratory fitness, upper body strength, and lower extremity function were positively associated with work ability. Good physical fitness may help to maintain work ability among aging workers.</p