About: The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
311

Styrning av cyberrisker i svensk offentlig sektor : En kvalitativ intervju och dokumentstudie om hur svenska offentliga organisationer styr  avseende cyberrisker / Governance of cyberrisk in the swedish public sector : A qualitative interview and document study on how Swedish public organizations govern cyber risks

Giordano, Simon, Forsman, Frej January 2024
Background: Cyberattacks have significantly increased recently amongst Swedish public sector organizations, heightening the need for robust governance of cyber risks. Cyber risks are particularly complex and dynamic, requiring strong leadership support and strategic planning. Previously, cyber risks have often been addressed from an IT perspective, whereas this study approaches them from a governance perspective. Purpose: The purpose of the study is to map and increase the knowledge about how authorities and regions govern cyber risks. The aim is to contribute with a practical conceptual model that is useful and to theoretically complement the literature on ERM. Methodology: The study was conducted using a qualitative approach. The empirical data was collected through a combination of document analysis and semi-structured interviews. Respondents were selected due to their high competence in cyber risks or governance. The theoretical material was gathered from previous research in articles and books related to the governance of cyber risks. Conclusion: Public organizations govern cyber risks through laws, policies, and internal models, but there are no unified requirements or frameworks. The ones used need to be adapted to each organization's specific needs. The study's conceptual model for cyber risk governance is proposed to be circular and continuously adaptable, focusing on strategy, identification, evaluation, prioritization. Culture and communication are central governance elements, with revision and follow-up emphasized as critical steps. Collaboration between public organizations for joint data storage is recommended to facilitate risk management. The risk-reducing measures are expressed differently in relation to the governing tools.
312

Secure Satellite Communication : A system design for cybersecurity in space

Wallin, Lucas January 2024
This thesis presents an in-depth exploration of designing a cybersecurity system for satellite communication, addressing cyberthreats as the space industry transitions from security by obscurity in mission-specific designs to the use of mass-produced components. To counteract these threats, a comprehensive security system must be implemented, considering all facets of satellite communication, from key management and encryption to digital signatures, digital certificates, and hardware security modules (HSMs). The role of HSMs in securely storing cryptographic keys and performing cryptographic operations is emphasized, highlighting their importance in protecting sensitive data. A partial implementation of the digital signature component demonstrates the practical importance of using HSMs for key storage, underscoring the feasibility of the proposed system in real-world applications. The findings indicate that established protocols and algorithms, when combined effectively, can provide robust security solutions for satellite communication. This research contributes to the development of secure satellite communication systems by offering a detailed security design tailored to the specific needs and challenges of the space environment. It provides a framework for future implementations, ensuring that satellite systems can operate securely and efficiently in an increasingly interconnected and vulnerable digital landscape.
313

British Library Unplugged : A Media Analysis of Institutional Pressures during a Cyber Attack on a National Library

Lindström, Emilie, Spirkina, Sasha January 2024
This thesis explores the legitimacy of national libraries, by analysing the media's portrayal of the British Library during a major cyber attack by the Rhysida group in October 2023. Using diverse media sources, the research examines how media narratives reflect institutional pressures during prolonged disruption. The research employs a mixed-method approach, combining quantitative media coverage mapping with qualitative thematic analysis. The mapping categorises news articles based on content type, publication section, and perspectives represented. Thematic analysis identifies key themes such as the disruption of library services, cybersecurity concerns, and critiques of digital fragility. The findings reveal a complex interplay between the library's historical role as a national institution and its modern digital vulnerabilities. Additionally, the study discusses the broader implications of digital practices for the institutional identity of libraries, and the perceived responsibilities of national libraries in safeguarding cultural and intellectual heritage against cyber threats.
314

MODELING RISK IN THE FRONT-END OF THE OSS DEBIAN SUPPLY-CHAIN USING MODELS OF NETWORK PROPAGATION

Sahithi Kasim (18859078) 24 June 2024
Our research revolves around the evolving landscape of Open-Source Software (OSS) supply chains, emphasizing their critical role in contemporary software development while investigating the escalating security concerns associated with their integration. As OSS continues to shape the software ecosystem, our research acknowledges the paradigm shift in the software supply chain, highlighting its complexity and the associated security challenges. Focusing on Debian packages, we employ advanced network science methods to comprehensively assess the structural dynamics and vulnerabilities within the OSS supply chain. The study is motivated by the imperative to understand, model, and mitigate security risks from interconnected software components.
Our research questions delve into 1) identifying high-risk packages 2) comparing risk profiles between source and build stages and 3) predicting future vulnerabilities. Data collection involves collecting source code repositories, build-info information, and vulnerability data of Debian packages. Leveraging a multifaceted methodology, we perform the following things: graph construction, subsampling, metrics creation, explorative data analysis, and statistical investigations on the Debian package network. This statistical approach integrates the Wilcoxon test, Chi-Square test, and advanced network dynamics modeling with machine learning, to explore evolving trends and correlations between different stages of the OSS supply chain.
Our goals include providing actionable insights for industry practitioners, policymakers, and developers to enhance risk management in the OSS supply chain. The expected outcomes encompass an enriched understanding of vulnerability propagation, the identification of high-risk packages, and the comparison of network-based risk metrics against traditional software engineering measures. Ultimately, our research contributes to the ongoing discourse on securing open-source ecosystems, offering practical strategies for risk mitigation and fostering a safer and more resilient OSS supply chain.
315

Navigating Cybersecurity Challenges : Analysing cyber threats and protective strategies for SMEs

Paleczek, Anna-Maria January 2024
Cybersecurity is a critical concern for all organisations in today’s digital landscape, but especially for small to medium sized enterprises (SMEs). This thesis investigates the main cyber threats currently relevant for small to medium sized companies as well as what challenges these types of companies face in implementing effective cybersecurity measures. Another aim was to identify strategies to help SMEs overcome these challenges and enhance their protection against cyberthreats. The data collection method chosen for this thesis was semi-structured interviews based on a comprehensive literature review and with a total of six knowledgeable people in the field. The results showed that social engineering and phishing, web-based attacks, malware, malicious insiders as well as denial-of-service attacks were the most common cyberthreats faced by SMEs in the last few years. Challenges SMEs face were related to a tendency to underestimate the risk by management and personnel as well as a general lack of knowledge and awareness at the companies. Other challenges were resource and technological issues. To protect their business, most interview participants recommended following a standard like the ones from the ISO/IEC 27000 family or an alternative like the SSF 1101. Inventory and risk assessment is recommended as the first step to take along with hiring employees specifically qualified in cybersecurity or taking help from consultants.
316

Balancing Security and Efficiency in Isolated QR Code-Based Authentication Systems in Real Estate

Seeth, Axel, Fors, Robin January 2024
Background. As the real estate sector increasingly integrates smart technology, the security of access control systems like QR code-based authentication needs rigorous enhancement. The prevalent use of QR codes in access management presents unique challenges in security and power efficiency, particularly in standalone systems that operate independently of continuous power sources. Objectives. This thesis aims to develop and explore a secure and efficient QR code-based authentication system tailored for real estate. It focuses on improving security measures against potential breaches and optimising power consumption to extend the lifespan of battery-operated devices. Methods. The research employs a mixed-methods approach, beginning with a comprehensive analysis of existing QR code-based systems to identify common vulnerabilities through threat modeling and a literature review. This is followed by the development of a security framework that addresses these vulnerabilities while considering hardware limitations. The performance of the suggested solution is evaluated. Lastly, a Proof of Concept (PoC) is implemented to validate the effectiveness of the proposed solutions under simulated real-world conditions. Results. The study successfully identifies multiple security vulnerabilities in current QR code systems and introduces a security model that mitigates these risks effectively. The implemented PoC demonstrates an improvement in security without compromising the power efficiency of the authentication system. Power consumption measurements indicate a balanced trade-off between system security and operational longevity. Conclusions. The thesis concludes that enhancing QR code-based authentication systems with a security framework can elevate the security level while maintaining efficient power use. This research contributes to the field by providing a scalable model for secure real estate management that can adapt to various operational environments and hardware configurations.
317

Cyberattacks in international relations

Edelman, Ross David January 2013
New methods of conflict and coercion can prompt tectonic shifts in the international system, reconfiguring power, institutions, and norms of state behavior. Cyberattacks, coercive acts that disrupt or destroy the digital infrastructure on which states increasingly rely, have the potential to be such a tool — but only if put into practice. This study examines which forces in the international system might restrain state use of cyberattacks, even when they are militarily advantageous. To do so I place this novel technology in the context of existing international regimes, employing an analogical approach that identifies the salient aspects of cyberattacks, and compares them to prior weapons and tactics that share those attributes. Specifically, this study considers three possible restraints on state behavior: rationalist deterrence, the jus ad bellum regime governing the resort to force, and incompatibility with the jus in bello canon of law defining just conduct in war. First, I demonstrate that cyberattacks frustrate conventional deterrence models, and invite, instead, a novel form of proto-competition I call ‘structural deterrence.’ Recognizing that states have not yet grounded their sweeping claims about the acceptability of cyberattacks in any formal analysis, I consider evidence from other prohibited uses of force or types of weaponry to define whether cyberattacks are ‘legal’ in peacetime or ‘usable’ in wartime. Whereas previous studies of cyberattacks have focused primarily on policy guidance for a single state or limited analysis of the letter of international law, this study explicitly relates international law to state decision-making and precedent. It draws together previously disparate literature across strategic studies, international law, and diplomatic history to offer conclusions applicable beyond any single technology, and of increasing importance as states’ dependence on technology grows.
318

No protection, nu business : An event study on stock volatility reactions to cyberattacks between 2010 and 2015 for firms listed in the USA

Collin, Erik, Juntti, Gustav January 2016
With the surge of Internet-based corporate communication, organization, and information management, financial markets have undergone radical transformation. In the interconnected economy of today, market participants are forced to accept cyberattacks, data breaches, system failures, or security flaws as any other (varying) cost of doing business. While cyberspace encompasses practically any firm in developed economies and a large portion in developing ones, combatting such risks is deemed a question of firm-specific responsibility: the situation resembles an ‘every man for himself’ scenario. Consulting standard financial theory, rational utility-maximizing investors assume firm-specific (idiosyncratic) risk under expectations of additional compensation for shouldering such risk – they are economically incentivized. The omnipresence of cyberattacks challenges fundamental assumptions of the Capital Asset Pricing Model, Optimal Portfolio Theory, and the concept of diversifiability. The thesis problematizes underlying rationality notions by investigating the effect of a cyberattack on stock volatility. Explicitly, the use of stock volatility as a proxy for risk allows for linking increased volatility to higher risk premiums and increased cost of capital. In essence, we investigate the following research question: What is the effect of a disclosed cyberattack on stock volatility for firms listed in the USA? Using event study methodology, we compile a cyberattack database for events between 2010 and 2015 involving 115 firms listed on US stock exchanges. The specified time period covers prevailing research gaps; due to literature paucity the focus on volatility fits well. For a finalized sample of 189 events, stock return data is matched to S&P500 index return data within a pre-event estimation window and a post-event window to calculate abnormal returns using the market model. The outputs are used to estimate abnormal return volatility before and after each event; testing pre and post volatility against each other in significance tests then approximates the event-induced volatility. Identical procedures are performed for all subsamples based on time horizon, industry belonging, attack type, firm size, and perpetrator motivation. The principal hypothesis, that stock volatility is significantly higher after a cyberattack, is found to hold within both event windows. Evidence on firm-specific characteristics is more inconclusive. In the long run, inaccessibility and attacks on smaller firms seem to render significantly larger increases in volatility compared to intrusion and attacks on larger firms; supporting preexisting literature. Contrastingly, perpetrator motive appears irrelevant. Generally, stocks are more volatile immediately after an attack, attributable to information asymmetry. For most subsamples volatility seems to diminish with time, following the Efficient Market Hypothesis. Summing up, disparate results raise questions of the relative importance of contingency factors, and also about future developments within and outside academic research.
319

Visualising network security attacks with multiple 3D visualisation and false alert classification

Musa, Shahrulniza January 2008
Increasing numbers of alerts produced by network intrusion detection systems (NIDS) have burdened the job of security analysts, especially in identifying and responding to them. The tasks of exploring and analysing large quantities of communication network security data are also difficult. This thesis studied the application of visualisation in combination with an alerts classifier to make the exploring and understanding of network security alerts data faster and easier. The prototype software, NSAViz, has been developed to visualise and to provide an intuitive presentation of the network security alerts data using interactive 3D visuals with an integration of a false alert classifier. The needs analysis of this prototype was based on the suggested needs of network security analysts' tasks as seen in the literature. The prototype software incorporates various projections of the alert data in 3D displays. The overview was plotted in a 3D plot named "time series 3D AlertGraph", which was an extension of the 2D histographs into 3D. The 3D AlertGraph effectively summarised the alerts data and gave the overview of the network security status. Filtering, drill-down and playback of the alerts at variable speed were incorporated to strengthen the analysis. Real-time visual observation was also included. Identifying true alerts among all alerts represents the main task of the network security analyst. This prototype software was integrated with a false alert classifier using a classification tree based on the C4.5 classification algorithm to classify the alerts into true and false. Users can add new samples and edit the existing classifier training sample. The classifier performance was measured using the k-fold cross-validation technique. The results showed the classifier was able to remove noise in the visualisation, thus making the pattern of the true alerts emerge. It also highlighted the true alerts in the visualisation. Finally, a user evaluation was conducted to find the usability problems in the tool and to measure its effectiveness. The feedback showed the tools had successfully helped the task of the security analyst and increased the security awareness in their supervised network. From this research, the task of exploring and analysing a large amount of network security data becomes easier and the true attacks can be identified using the prototype visualisation tools. Visualisation techniques and false alert classification are helpful in exploring and analysing network security data.
320

Effective Vulnerability Management for Small Scale Organisations in Ghana

Lartey, Jerry January 2019
Most Small and Medium scale Enterprises (SMEs) in Ghana are not particularly anxious about the consequences of inadequacy or lack of any form of vulnerability management operation in their normal business practices. This case study research explores how a local Internet Service Provider (ISP) in Ghana and its local client-base can manage vulnerabilities with a targeted patch management practise integrated into their operations. To answer the research question “How can a SME local Internet Service Provider (ISP) in Accra, Ghana, assist their local customer base to integrate effective cybersecurity vulnerability management into their operations?”, this case study comprised the Subject Matter Expert of one local ISP as well as 4 other technical Subject Matter Experts of the ISP’s clients about their patch management operations. This case study research revealed that most SMEs do not consider vulnerability management as a key concern in the operation of their organisation and therefore proposes a way to highlight the importance of vulnerability management while doing so in a cost-effective manner. The implications of targeted cybersecurity patch management for the local ISP and their client-base are also addressed by this thesis research.
