An Analytical Study of It Security Governance and its Adoption on Australian Organisations

Contemporary organisations are at infancy stages of adopting IT governance processes in Australia. Organisations who have adopted these processes underestimate the security processes within the governance framework. If the security processes are designed, they are often flawed with operational level implementation. This study investigates IT security governance broadly and in Australian organisations specifically. The objective of this study is to bring the local organisations in alignment with international standards and frameworks in terms of integration of information security, IT audits, risks and control measures. A survey of selected organisations is completed and results are presented in this paper identifying the maturity level of IT security governance in Australian organisations against the well known Capability Maturity Model® (CMM.

Development, Delivery and Dynamics of a Digital Forensics Subject

Digital forensics is a newly developed subject offered at Charles Sturt University (CSU). This subject serves as one of the core subjects for Master of Information Systems Security (Digital Forensics stream) course. The subject covers the legislative, regulatory, and technical aspects of digital forensics. The modules provide students detailed knowledge on digital forensics legislations, digital crime, forensics processes and procedures, data acquisition and validation, e-discovery tools, e-evidence collection and preservation, investigating operating systems and file systems, network forensics, email and web forensics, presenting reports and testimony as an expert witness. This paper summarises the process of subject development, delivery, assessments, teaching critique, and provides results from online subject evaluation survey. The dynamics and reflection on subject delivery is particularly important to determine if the subject has met its objectives. Results from the subject critique and student evaluation survey are presented and a reflection on how to improve the subject is provided

Source code embedded (SCEM) security framework

Security in the Software Development Life Cycle (SDLC) has become imperative due to the variety of threats posed during and after system design. In this paper we have studied the security in system design in general and software development in particular, and have proposed strategies for integration of security in the SDLC. The paper highlights the needs of embedding security right from the earlier processes in the SDLC because patches and controls after the software delivery are more expensive to fix. We propose Source Code EMbedded (SCEM) security framework to improve the design of security policies and standards for the software development process to ensure the security and reliability in government departments such as taxation, auditing, national security, social security, and immigration. It is also envisaged that the implementation of SCEM security framework will ensure commercial and public trust in the software development process within Australia and worldwide, saving enormous redevelopment costs

An empirical study of challenges in managing the security in cloud computing

Cloud computing is being heralded as an important trend in information technology throughout the world. Benefits for business and IT include reducing costs and increasing productivity. The downside is that many organizations are moving swiftly to the cloud without making sure that the information they put in the cloud is secure. The purpose of this paper is to learn from IT and IT security practitioners in the Indian Continent the current state of cloud computing security in their organizations and the most significant changes anticipated by respondents as computing resources migrate from on-premise to the cloud. As organizations grapple with how to create a secure cloud computing environment, we believe the findings from this study can provide guidance on how to address business and technology risks exacerbated by cloud computing. Specifically, in this paper cloud computing users evaluate security technologies and control practices they believe are best deployed either onpremise or in the cloud. Survey results are presented where we have asked cloud-computing users to rate the types of sensitive or confidential information too risky to be moved to the cloud. Alongside this paper also discusses the need of having SSL in the cloud to provide definitive way of securing the cloud

The Economics of Developing Security Embedded Software

Market models for software vulnerabilities have been disparaged in the past citing how these do little to lower the risk of insecure software. In this paper we argue that the market models proposed are flawed and not the concept of a market itself. A well-defined software risk derivative market would improve the information exchange for both the software user and vendor removing the often touted imperfect information state that is said to believe the software industry. In this way, users could have a rational means of accurately judging software risks and costs and as such the vendor could optimally apply their time between delivering features and averting risk in a manner demanded by the end user. It is of little value to increase the cost per unit of software by more than an equal compensating control in an attempt to create secure software. This paper argues that if the cost of an alternative control that can be added to a system is lower than the cost improving the security of the software itself, then it is uneconomical to spend more time and hence money improving the security of the software. It is argued that a software derivative market will provide the mechanism needed to determine these costs

Do mutual funds have consistency in their performance?

Using a comprehensive data set of 714 Chinese mutual funds from 2004 to 2015, the study investigates these funds’ performance persistence by using the Capital Asset Pricing model, the Fama-French three-factor model and the Carhart Four-factor model. For persistence analysis, we categorize mutual funds into eight octiles based on their one year lagged performance and then observe their performance for the subsequent 12 months. We also apply Cross-Product Ratio technique to assess the performance persistence in these Chinese funds. The study finds no significant evidence of persis- tence in the performance of the mutual funds. Winner (loser) funds do not continue to be winner (loser) funds in the subsequent time period. These findings suggest that future performance of funds cannot be predicted based on their past performance.info:eu-repo/semantics/publishedVersio

A clinical study of arrhythmias associated with acute coronary syndrome: a hospital based study of a high risk and previously undocumented population

Background: ACS represents a global epidemic. Arrhythmia in ACS is common. Careful investigation may lead to further improvement of prognosis. Retrospectively analyzed the year- round data of our center. Study was undertaken to analyze the incidence, frequency and type of arrhythmias in ACS. This is to aid timely intervention and to modify the outcome. Identification of the type of arrhythmia is of therapeutic and prognostic importance.Methods: This cross sectional analytical study was conducted in the Department of Cardiology, Apollo Hospitals Dhaka, from January 2019 to January 2020 with ACS patients. Enrolled consecutively and data analyzed.Results: There were 500 patients enrolled considering inclusion and exclusion criteria. Sample was subdivided into 3 groups on the type of ACS. Group-I with UA, Group-II with NSTE - ACS and Group-III with STE - ACS. Different types of arrhythmia noted. Types of arrhythmia were correlated with type of ACS. 500 patients included. Mean age 55.53±12.70, 71.6% male and 28.4% female. 60.4% hypertensive, 46.2% diabetic, 20.2% positive family history of CAD, 32.2% current smoker, 56.4% dyslipidaemic and 9.6% asthmatic. 31.2% UA, 39.2% NSTE-ACS and 29.6% STE-ACS. Type of arrhythmias noted. 22% sinus tachycardia, 20.2% sinus bradycardia, 9% atrial fibrillation, 5.2% ventricular ectopic, 4.8% supra ventricular ectopic, 2.8% bundle branch block, 2.2% atrio-ventricular block, 1% broad complex tachycardia, 0.4% narrow complex tachycardia, 0.2% sinus node dysfunction and 32.2% without any arrhythmia. Significant incidences of arrhythmia detected - respectively 29.8%, 39.2% and 31%, p<0.001.Conclusions: In conclusion, arrhythmias in ACS are common. More attention should be paid to improve their treatment and prognosis

Development, Delivery and Dynamics of a Digital Forensics Subject

Digital forensics is a newly developed subject offered at Charles Sturt University (CSU). This subject serves as one of the core subjects for Master of Information Systems Security (Digital Forensics stream) course. The subject covers the legislative, regulatory, and technical aspects of digital forensics. The modules provide students detailed knowledge on digital forensics legislations, digital crime, forensics processes and procedures, data acquisition and validation, e-discovery tools, e-evidence collection and preservation, investigating operating systems and file systems, network forensics, email and web forensics, presenting reports and testimony as an expert witness. This paper summarises the process of subject development, delivery, assessments, teaching critique, and provides results from online subject evaluation survey. The dynamics and reflection on subject delivery is particularly important to determine if the subject has met its objectives. Results from the subject critique and student evaluation survey are presented and a reflection on how to improve the subject is provided