Global ETD Search

21	Kontoret flyttar hem - Vad händer medcybersäkerheten? Norling, Katarina January 2021 (has links) No description available. cybersäkerhet informationssäkerhet cyberattack CIA-triangeln distansarbete utbildning Information Systems, Social aspects
22	Kategorisering på uppfattningar om digitala hot på webbapplikationer : Med en studie som visar de ekonomiska konsekvenserna av cyberattacker / Categorization of conceptions about digital threats on web applications : With a study showing the economic consequences of cyber attacks Alyoussef, Elyas January 2022 (has links) Detta examensarbete tar upp digitala hot mot webbapplikationer och kategoriserar allmänhetens uppfattning om dem. Digitala hot är oftast kopplade till ekonomiska konsekvenser varvid även dessa kommer att studeras. Målet med detta arbete är att bidra till en vetenskaplig artikel i framtiden, som kan vara värdefull för allmänheten, samt för framtida arbete och sysselsättning. För att analysera samlade uppfattningar användes konstant jämförande metoden. Resultatet avslöjar flera spännande fynd för teori och praktik, där uppfattningar om cybervärlden presenteras för att kunna förstå mer hur andra ser på cybersäkerhet idag. Det visar även betydande variationer bland deltagarnas uppfattningar och att informationssäkerhet, även om den gradvis utvecklas, har en lång väg tills den blir en obruten del av affärsverksamheten och arbetskraftens verklighet. Denna studie kan även fungera som en guide för de olika uppfattningarna om cyberattacker eftersom den ger en översikt över de idag mest relevanta cyberattackerna. Arbetet kompletterades med en studie som belyser ekonomiska konsekvenser av cyberattacker. Utöver detta studerades även cyberattacken mot Coop under sommaren 2021. / This thesis presents a categorization of conceptions about digital threats on web applications with a study showing the economic consequences of cyber-attacks. The aim of this thesis is to contribute to a scientific article, which can be valuable to the public, as well as for future work and employment. Constant comparison method was used to analyse aggregate perceptions. The results reveal several exciting findings for theory and practice, where perceptions of the cyber world were presented in order to understand more how others see cybersecurity today. It also shows significant variations among the participants' perceptions. This shows that information security, even if it is gradually developed, has a long way to go until it becomes an unbroken part of the business. This study can also serve as a guide for the different perceptions of cyber-attacks as it provides an overview of the most relevant cyber-attacks today. This thesis was supplemented with a study that highlights the economic consequences of cyberattacks. In addition to this, the cyber-attack on Coop during the summer of 2021 was also studied. Security cyber-attack economic digital threats web applications cyber security. Säkerhet cyberattack ekonomi digitala hot webbapplikationer cybersäkerhet. Computer Systems Datorsystem
23	No protection, nu business : An event study on stock volatility reactions to cyberattacks between 2010 and 2015 for firms listed in the USA Collin, Erik, Juntti, Gustav January 2016 (has links) With the surge of Internet-based corporate communication, organization, andinformation management, financial markets have undergone radical transformation. Inthe interconnected economy of today, market participants are forced to acceptcyberattacks, data breaches, system failures, or security flaws as any other (varying)cost of doing business. While cyberspace encompasses practically any firm indeveloped economies and a large portion in developing ones, combatting such risks isdeemed a question of firm-specific responsibility: the situation resembles an ‘every manfor himself’ scenario. Consulting standard financial theory, rational utility-maximizinginvestors assume firm-specific (idiosyncratic) risk under expectations of additionalcompensation for shouldering such risk – they are economically incentivized. The omnipresence of cyberattacks challenges fundamental assumptions of the CapitalAsset Pricing Model, Optimal Portfolio Theory, and the concept of diversifiability. Thethesis problematizes underlying rationality notions by investigating the effect of acyberattack on stock volatility. Explicitly, the use of stock volatility as a proxy for riskallows for linking increased volatility to higher risk premiums and increased cost ofcapital. In essence, we investigate the following research question: What is the effect ofa disclosed cyberattack on stock volatility for firms listed in the USA?. Using event study methodology, we compile a cyberattack database for events between2010 and 2015 involving 115 firms listed on US stock exchanges. The specified timeperiod cover prevailing research gaps; due to literature paucity the focus on volatilityfits well. For a finalized sample of 189 events, stock return data is matched to S&P500index return data within a pre-event estimation window and a post-event window tocalculate abnormal returns using the market model. The outputs are used to estimateabnormal return volatility before and after each event; testing pre and post volatilityagainst each other in significance tests then approximates the event-induced volatility.Identical procedures are performed for all subsamples based on time horizon, industrybelonging, attack type, firm size, and perpetrator motivation. The principal hypothesis, that stock volatility is significantly higher after a cyberattack,is found to hold within both event windows. Evidence on firm-specific characteristics ismore inconclusive. In the long run, inaccessibility and attacks on smaller firms seem torender significantly larger increases in volatility compared to intrusion and attacks onlarger firms; supporting preexisting literature. Contrastingly, perpetrator motive appearsirrelevant. Generally, stocks are more volatile immediately after an attack, attributableto information asymmetry. For most subsamples volatility seem to diminish with time,following the Efficient Market Hypothesis. Summing up, disparate results raisequestions of the relative importance of contingency factors, and also about futuredevelopments within and outside academic research. stock volatility cyberattack abnormal return volatility event study information technology US stock market cybersecurity reaction financial impact market efficiency finance fintech
24	Managing Security Objectives for Effective Organizational Performance Information Security Management Gutta, Ramamohan 01 January 2019 (has links) Information is a significant asset to organizations, and a data breach from a cyberattack harms reputations and may result in a massive financial loss. Many senior managers lack the competencies to implement an enterprise risk management system and align organizational resources such as people, processes, and technology to prevent cyberattacks on enterprise assets. The purpose of this Delphi study was to explore how the managerial competencies for information security and risk management senior managers help in managing security objectives and practices to mitigate security risks. The National Institute of Standards and Technology framework served as the foundation for this study. The sample was made up of 12 information security practitioners, information security experts, and managers responsible for the enterprise information security management. Participants were from Fortune 500 companies in the United States. Selection was based on their level of experience and knowledge of the topic being studied. Data were collected using a 3 round Delphi study of 12 experts in information security and risk management. Statistical analysis was performed on the collected data during a 3 round Delphi study. The mean, standard deviation, majority agreement, and ranges were used to determine the final concensus for this research study. Findings of this study included the need for managerial support, risk management strategies, and developling the managerial and technical talent to mitigate and respond to cyberattacks. Findings may result in a positive social change by providing information that helps managers to reduce the number of data breaches from cyberattacks, which benefits companies, employees, and customers. Cyberattack Governance Databases and Information Systems
25	Testování zranitelností v průmyslových sítích / Vulnerabilities assessment for industrial protocols Zahradník, Jiří January 2020 (has links) Thesis deals with testing of selected vulnerabilities from the IEC 61850 standard and following design of mitigation measures for selected vulnerabilities. Author simulated vulnerabilities of the GOOSE protocol, NTP attack and attack ona MMS client. Those attacks were GOOSE stNum, GOOSE semantic, GOOSE test bit,GOOSE replay, GOOSE flood, NTP spoofing and MMS password capture. Attacks on protocols GOOSE and MMS were successful, attack on NTP was only partially successful since the device confirmed receiving spoofed time, however it did not change it’s inner clock. Author then designed possible mitigation measures. Tool for automatic testing of selected vulnerabilities, parser for the GOOSE protocol and lightweight multiplatform parser for configuration files were created as well.The outcome of this thesis allows the implementation of lager scale tool for penetration testing of industrial networks as well as it allows implementation of discussed mitigation measures.
26	"It was a massive bombing of all our systems" : en studie av John A. Wardens femringsmodell och NotPetya Hedén, Hugo January 2020 (has links) According to NATO Review, in 2013 it was estimated that over 97% of the world's telecommunications were transmitted via the internet and that this was a growing trend. This essentiality for communication means that information systems have become a natural target and point of attack in military actions and planning. This thesis aims to test the possibility to apply the theory of The enemy as a system and the concentric five-ring modeldeveloped by air force theorist Jon A. Warden III, to the cyber arena. To achieve this aim, the thesis presents a qualitative text analysis of seven different sources describing NotPetya. The targets and effects of the cyber attack are evaluated based upon the concentric five-ring model and the concept of parallel attack. The results of the analysis shows that Warden's theory is highly applicable to the case of NotPetya. This in turn could point to the theory’s applicability to the cyber domain and to strategic operations in cyberspace. However no major conclusions of generalizability can be drawn. The Enemy as a System Center of Gravity CoG. Warden cyberrymden cyberattack NotPetya strategi kritiska sårbarheter
27	Sistemas de control de supervisión y adquisición de datos para la deteccion de ciberataques en la industria minera Ore Huacles, Jonel Pelee, Donaire Arbieto, Ilyan Eduardo 09 May 2021 (has links) Los sistemas de control industrial son objetivos recurrentes de ciberataques con el fin de alterar procesos, detenerlos o secuestro de información. Existen distintas soluciones para contrarrestar estas actividades ilícitas, tales como los sistemas de detección de intrusos. Sin embargo, este tipo de soluciones no contemplan escenarios de trabajo específicos como plantas de procesamiento de minerales. El presente trabajo muestra un esquema a seguir para utilizar un modelo tecnológico capaz de utilizar tecnologías como machine learning y sistemas de detección de intrusos enfocados a plantas mineras. / Industrial control systems are recurring targets of cyberattacks in order to alter processes, stop them or hijack information. There are different solutions to counter these illegal activities, such as intrusion detection systems. However, these types of solutions do not contemplate specific work scenarios such as mineral processing plants. This work shows a scheme to follow to use a technological model capable of using technologies such as machine learning and intrusion detection systems focused on mining plants. / Trabajo de investigación Ciberataque Control industrial Minería Machine learning Cyberattack Mining
28	Threats and Mitigation of DDoS Cyberattacks Against the U.S. Power Grid via EV Charging Morrison, Glenn Sean 30 August 2018 (has links) No description available. Computer Engineering Computer Science DDoS Distributed Denial of Service DDoS Cyberattacks United States power grid electric vehicle EV EV Charging cyberattack cyber threat
29	Distributed Denial of Service : Svenska bankers uppfattning om hotbilden av DDoS-attacker Macchiavello, Sabrina, Wulkan, Linnea January 2023 (has links) As the financial sector has become increasingly digitized, its vulnerability to cyberattacks has increased. Distributed Denial of Service attacks are one of the biggest threats on the internet today and has been growing steadily for the last few years. The increase applies to both the size and frequency of the attacks. DDoS-attacks have been a threat especially towards banks and therefore it is important to have a well functional cyber security strategy to withstand the attacks. This thesis investigates Swedish banks perception regarding the threat picture of DDoS-attacks against banks. As a result of a qualitative case study, Swedish banks opinion has been investigated through interviews with IT security managers at Swedish banks. The banks are considered to have effective strategies to prevent and manage DDoS-attacks but the threat of cyber attacks continues to increase. The participants mention various factors that show an increase in DDoS-attacks and the media can be an influence. The empirical material is analyzed using the National Cybersecurity Strategy (NCSS) framework developed by the European Union Agency for Cybersecurity (ENISA). Distributed Denial of Service attack Denial of Service attack överbelastningsattack finansiell sektor bank cybersäkerhet cyberhot cyberattack National Cybersecurity Strategy NCSS Information Systems
30	A security analysis in a life science environment : a case study / En säkerhetsanalys inom life science : en fallstudie Gripenstedt, Daniel, Öberg, Joakim January 2021 (has links) The cyber-threat against life-science is much larger today than just a couple of years back. Companies within the field have valuable information from example R& Din pharmaceuticals, biotech, personal data of vulnerable patients or medical devices and that is something attackers are very much aware of. Lab equipment have generally been disconnected from the internet to protect their data even more but the benefits a company would gain in diagnostics and support could outweigh it. In this paper a fictional environment with lab instruments, control units and databases is set up based on a real system used by Company X. A security analysis for the system is conducted with the goal to identify and analyse potential threats and risks. This was done by first study relevant literature along with meetings with representatives from Company X. The security analysis is made with a threat model called Yacraf which includes six different phases, the process was easy to follow and resulted in potential ways how an attacker could gain access to the system. The results also show different protection scenarios for these attacks and how Company X could implement preventive measures in advance. If Company X where to implement such a remote control system a first step would be to educate the employees to recognize common cyber-threats and only set up the remote connection when needed. / Cyberhotet mot life science är mycket större idag än för bara ett par år tillbaka. Företag sitter på värdefull information från exempel forskning och utveckling inom läkemedel, bioteknik, personuppgifter om utsatta patienter eller medicintekniska produkter och det är något som hackare är mycket medvetna om. Labutrustning har i allmänhet kopplats bort från internet för att skydda deras data ännu mer, men fördelar företag kan vinna på diagnistik och support skulle kunna uppväga det. I denna uppsats skapas en fiktiv miljö med laboratorieinstrument, styrenheter och databaser baserat på ett verkligt system som används av företag X. En säkerhetsanalys för systemet genomförs med målet att identifiera och analysera potentiella hot och risker. Detta gjordes genom att först studera relevant litteratur tillsammans med möten med företrädare för företag X. Säkerhetsanalysen är gjord med en hotmodell som heter Yacraf som innehåller sex olika faser, processen var lätt att följa och resulterade i potentiella sätt hur en angripare kunde vinna tillgång till systemet. Resultaten visar också olika skyddsscenarier för dessa attacker och hur Company X kunde genomföra förebyggande åtgärder i förväg. Om företag X skulle implementera ett sådant fjärrkontrollsystem skulle ett första steg vara att utbilda de anställda att känna igen vanliga cyberhot och bara ansluta fjärranslutningen vid behov. Cyber-security in life-science Cyberbiosecurity Remote controlling software Cyber-attacks Threat modelling Yacraf. Cybersäkerhet inom life science Fjärrstyrningprogram Cyberattack Hotmodellering Yacraf Computer and Information Sciences Data- och informationsvetenskap

Search results