Determining Small Business Cybersecurity Strategies to Prevent Data Breaches

Saber, Jennifer

01 January 2016

Cybercrime is one of the quickest growing areas of criminality. Criminals abuse the speed, accessibility, and privacy of the Internet to commit diverse crimes involving data and identity theft that cause severe damage to victims worldwide. Many small businesses do not have the financial and technological means to protect their systems from cyberattack, making them vulnerable to data breaches. This exploratory multiple case study, grounded in systems thinking theory and routine activities theory, encompassed an investigation of cybersecurity strategies used by 5 small business leaders in Middlesex County, Massachusetts. The data collection process involved open-ended online questionnaires, semistructured face-to-face interviews, and review of company documents. Based on methodological triangulation of the data sources and inductive analysis, 3 emergent themes identified are policy, training, and technology. Key findings include having a specific goal and tactical approach when creating small business cybersecurity strategies and arming employees with cybersecurity training to increase their awareness of security compliance. Recommendations include small business use of cloud computing to remove the burden of protecting data on their own, thus making it unnecessary to house corporate servers. The study has implications for positive social change because small business leaders may apply the findings to decrease personal information leakage, resulting from data breaches, which affects the livelihood of individuals or companies if disclosure of their data occurs.

Cybercrime

Cyber Security

Business

Cibercultura : injúria e difamação nas redes

Rodrigues, Adriele Cristina

09 March 2015

Submitted by Jordan (jordanbiblio@gmail.com) on 2016-09-20T12:45:06Z No. of bitstreams: 1 DISS_2015_Adriele Cristina Rodrigues.pdf: 1529014 bytes, checksum: 35acf5a5099ee2fb55b02caf1926b99d (MD5) / Approved for entry into archive by Jordan (jordanbiblio@gmail.com) on 2016-09-20T14:45:03Z (GMT) No. of bitstreams: 1 DISS_2015_Adriele Cristina Rodrigues.pdf: 1529014 bytes, checksum: 35acf5a5099ee2fb55b02caf1926b99d (MD5) / Made available in DSpace on 2016-09-20T14:45:03Z (GMT). No. of bitstreams: 1 DISS_2015_Adriele Cristina Rodrigues.pdf: 1529014 bytes, checksum: 35acf5a5099ee2fb55b02caf1926b99d (MD5) Previous issue date: 2015-03-09 / CAPES / A pesquisa tem por objetivo analisar de que maneira, no virtual, constituem-se sujeitos cujas produções de sentidos afetam o mundo físico, envolvendo justiça e danos físicos. O cibercrime é estudado como prática simbólica, que se dá através de um aparato tecnológico, que o veicula digitalmente. Os cenários são as comunidades virtuais, sites e revistas onde são narrados os fatos e seus desdobramentos. A metodologia é de abordagem qualitativa, netnográfica e a construção teórico-metodológica é semiodiscursiva. A difamação e a injúria são analisadas como processo de interação e de interatividade. Dentro desse contexto, busca-se redefinir noções como público e privado, virtual e real, identidade e fake, sujeito e autor, quando pensamos nas relações mantidas no ciberespaço. Quatro casos, selecionados enquanto relevantes informacionalmente para a pesquisa, são analisados com o intuito de se observar como as características resultantes à cibercultura podem facilitar os chamados cibercrimes. / The research aims to examine how, in the virtual, constitute subjects whose senses productions affect the physical world, involving justice and physical damage. Cybercrime is studied as a symbolic practice, which takes place through a technological apparatus, which transmits digitally. The scenarios are virtual communities, websites and magazines which are narrated the facts and their consequences. The methodology is qualitative approach, netnográfica and the theoretical and methodological construction is semiodiscursiva. Defamation and libel are analyzed as of interaction and interactivity process. In this context, we seek to redefine notions of public and private, virtual and real, fake identity and, subject and author, when we think of relationships maintained in cyberspace. Four cases, selected as relevant informationally for research, are analyzed in order to observe how cyberculture the resulting characteristics can facilitate the so-called cybercrime.

CNPQ::LINGUISTICA, LETRAS E ARTES

Comunicação

Cibercultura

Cibercrime

Communication

Cyberculture

Cybercrime

Cibercultura : injúria e difamação nas redes

Rodrigues, Adriele Cristina

09 March 2015

Submitted by Jordan (jordanbiblio@gmail.com) on 2016-09-20T12:45:06Z No. of bitstreams: 1 DISS_2015_Adriele Cristina Rodrigues.pdf: 1529014 bytes, checksum: 35acf5a5099ee2fb55b02caf1926b99d (MD5) / Approved for entry into archive by Jordan (jordanbiblio@gmail.com) on 2016-09-20T14:45:03Z (GMT) No. of bitstreams: 1 DISS_2015_Adriele Cristina Rodrigues.pdf: 1529014 bytes, checksum: 35acf5a5099ee2fb55b02caf1926b99d (MD5) / Made available in DSpace on 2016-09-20T14:45:03Z (GMT). No. of bitstreams: 1 DISS_2015_Adriele Cristina Rodrigues.pdf: 1529014 bytes, checksum: 35acf5a5099ee2fb55b02caf1926b99d (MD5) Previous issue date: 2015-03-09 / CAPES / A pesquisa tem por objetivo analisar de que maneira, no virtual, constituem-se sujeitos cujas produções de sentidos afetam o mundo físico, envolvendo justiça e danos físicos. O cibercrime é estudado como prática simbólica, que se dá através de um aparato tecnológico, que o veicula digitalmente. Os cenários são as comunidades virtuais, sites e revistas onde são narrados os fatos e seus desdobramentos. A metodologia é de abordagem qualitativa, netnográfica e a construção teórico-metodológica é semiodiscursiva. A difamação e a injúria são analisadas como processo de interação e de interatividade. Dentro desse contexto, busca-se redefinir noções como público e privado, virtual e real, identidade e fake, sujeito e autor, quando pensamos nas relações mantidas no ciberespaço. Quatro casos, selecionados enquanto relevantes informacionalmente para a pesquisa, são analisados com o intuito de se observar como as características resultantes à cibercultura podem facilitar os chamados cibercrimes. / The research aims to examine how, in the virtual, constitute subjects whose senses productions affect the physical world, involving justice and physical damage. Cybercrime is studied as a symbolic practice, which takes place through a technological apparatus, which transmits digitally. The scenarios are virtual communities, websites and magazines which are narrated the facts and their consequences. The methodology is qualitative approach, netnográfica and the theoretical and methodological construction is semiodiscursiva. Defamation and libel are analyzed as of interaction and interactivity process. In this context, we seek to redefine notions of public and private, virtual and real, fake identity and, subject and author, when we think of relationships maintained in cyberspace. Four cases, selected as relevant informationally for research, are analyzed in order to observe how cyberculture the resulting characteristics can facilitate the so-called cybercrime.

CNPQ::LINGUISTICA, LETRAS E ARTES

Comunicação

Cibercultura

Cibercrime

Communication

Cyberculture

Cybercrime

Cryptocurrencies and Cybercrime: The Effects of Ransom Events on the Evolution of Bitcoin

Wilson, Jacob

01 January 2018

With the explosion of Bitcoin, various cryptocurrencies are beginning to garner incredible amounts of attention from speculators and institutional investors alike. Simultaneously, the rise in the number of occurrences of cyber ransom attacks has proven to be an increasingly relevant part of the conversation in the formative years of the Bitcoin ecosystem, as hackers demand payments be in the form of bitcoin. To test the relative impact of these different ransom events on the price of bitcoin, this paper conducts an event study to quantify the reaction by investors upon revelation of the news. In addition, it examines differences between Bitcoin and two other cryptocurrencies, Ethereum and Litecoin, to control for any liquidity effects of victims buying up large sums of bitcoin. The findings of the study indicate that following the ransom events there is a positive price reaction, supporting the claim that investors in Bitcoin generally perceive these events as good news. This could have a profound effect on the development and further adoption of cryptocurrencies, as regulators try to determine whether or not to intervene.

bitcoin

cybercrime

ransom

cryptocurrency

event study

ethereum

Finance and Financial Management

Perceptions of online fraud and the impact on the countermeasures for the control of online fraud in Saudi Arabian financial institutions

Alanezi, Faisal

January 2016

This study addresses the impact of countermeasures in the control and prevention of online fraud in Saudi Arabia and the influence of the environmental context. Combatting online fraud is facilitated when the public is fully educated and is aware of its types and of the prevention methods available. People are reliant on the Internet; the possibility of being breached by hackers and fraudsters is growing, especially as socialising, online shopping and banking are carried out through personal computers or mobile devices. Online fraud has been described as an epidemic that has spread to most online activities. Its prevalence has been noted to be in regions where there is high adoption of e-commerce, and, along with it, large online financial transactions. The argument is therefore the measures taken are either are inadequate or have failed to effectively address all the issues because of the organisational and environmental context of the country. This research aims to examine online fraud perceptions and the countermeasures designed and used by financial institutions in Saudi Arabia to control and prevent online fraud in its environmental context, to examine the effectiveness/impact of the countermeasures and to examine the factors that may affect/influence the impact of the countermeasures. The qualitative method approach was chosen to ensure balanced coverage of the subject matter. The nature of the research requires a broader, in-depth, examination of the experiences of the participants from their own perspective. Meanwhile levels of awareness are low, because of lack of knowledge and training, a lack of government sensitisation and the religious inclinations of the population. The findings also confirm the efforts of organisations to put in place countermeasures using various technological means, coupled with procedural controls and checks. The measures create obstacles to most customers, who find it cumbersome to engage in online activities because of those procedures and checks. The findings also show two types of regulations: government and organisational rules, with different foci and purposes, which are mostly centred on the monitoring of Internet operations and operational guidelines. The enforcement of rules in the light of prosecuting offenders has also been minimal and passive. The countermeasures of most banks/organisations mostly focus on prevention and detection. However, the findings suggest that the activities in each component and their interrelationships have a collective impact on combatting online fraud. The success of any effort or approach to combat fraudulent activities therefore depends on the activities of the four countermeasure components.

364.16

Podvod a audit / Fraud and audit

Hruška, Tomáš

January 2015

The aim of this Master´s Thesis is to introduce fraudulent schemes within organizations and suggest possible actions to prevent this unjust behaviour that negatively affects not only organizations themselves, but also society as a whole. Audit, which is described in the first chapter, plays a major part in preventing fraud. The evolution of audit is described there as well as its main divisions consisting of external, internal and forensic audit, which is important for the investigation of fraud. Second chapter describes fraud as itself, dividing it into external and, more common, internal fraud, which is divided into corruption, asset misappropriations and financial statement fraud. This chapter also contains cybercrime, which is increasingly relevant nowadays. Detailed fraud statistics put together profile of the typical fraudster. Third chapter describes some real fraud cases within business practice. It contains four fraud cases, namely those in companies Enron, Toshiba, Target and Czech corruption scandal concerning former politician David Rath.

Targeting the escalation of cybercrime in Greece. A systematic literature review

Katerina Rebecca, Paraskeva

January 2019

Abstract:Cybercrime refers to any illegal use of technology, a computer, networked device or a network for criminal acts. It constitutes a rapidly evolving and complex phenomenon as the Internet is ruling on almost every sector of human activity. Innovation plays a highly significant role in the growth of an economy. However, every time there is an advancement in the field of technology, there is bound to be other adverse effects. Such is the case with criminology. In this end, the prevalence of cybercrime is alarmingly increasing, and there have been several attempts by the government and other concerned agencies at stemming its escalation (Curtis et al., 2009). The following thesis shows the investigation of the rise of cybercrime in Greece. It is a systematic literature review available on this topic, aiming to explore areas such as the preparedness of the government in the fight against cybercrime, and the consideration that, in so doing, it is obligated to protect the rights of intellectual property as well as the protection of the rights to privacy of its citizens (Gobran, 2015). Of all the categories of information technology-related crimes, cybercrimes are the most common. The thesis also explores the conventions and laws employed by law enforcement in the efforts to counter the activities of cybercrime, including their effectiveness. It also establishes the different sectors and industries with the highest rates of cybercrime activities and the ways in which these sectors are fighting against these activities.

criminology

cybercrime

escalation

systematic literature review

Social Sciences

Samhällsvetenskap

A qualitative exploration of the challenges the Danish police face in dealing with cybercrime

Mayland, Magnus

January 2019

Cybercrimes have been rapidly increasing over the past decade becoming more sophisticated and increasing victimization, resulting in an increased load of the police in the effort to prevent and stop these crimes. This study explores the challenges the Danish police encounter facing cybercrime and their approach to preventing it. The data were collected through interviewing individuals on a managing level in two different departments dealing with cybercrime within the Danish police force. The data were analyzed thematically to identify key issues. The main challenges found being; the time frame the police has to act upon in reference to the nature of the data, the culture that exists on the internet and distinguishing jokes from threats, the effortlessness of criminals justifying once actions, and the visible presence of the police on the internet. The primary focus of prevention to deal with some of these issues is moving towards creating a healthy network between the police and the private sector, in an effort to create a shared responsibility and a forum of which information can be shared to create a possible united front towards cybercrime.

Cybercrime

data-sharing

justification

responsibility

visibility

Social Sciences

Samhällsvetenskap

L'usurpation d'identité numérique sur Internet : Etude comparée des solutions françaises, mexicaines et nord-américaines / Digital Identity Theft on the Internet : comparative research between the of Mexico , France and the US law / Usurpación de identidad digital : un estudio comparativo de soluciones francesas, mexicanas y norteamericanas

Solis Arredondo, Cynthia

22 January 2018

L'identité numérique des personnes est devenue une des plus importantes valeurs immatérielles dans la vie quotidienne, la réputation personnelle, académique, le profil et le déroulement de la carrière professionnelle, mais encore plus que ça, la liberté d'être sur la toile sans avoir peur de l'usurpation de notre identité est l'inspiration de ce travail de thèse. Dans le monde numérique les frontières n'existent plus, les interactions avec les personnes de tout le monde sont de plus en plus courantes, le commerce électronique, les réseaux sociaux, les démarches administratives en ligne, l’échange d’information entre pays et gouvernements, et aussi les rapports romantiques dans les applications mobiles, c’est aussi la raison d’être une étude de droit comparé entre le droit mexicain, français et américain. Dans la première partie nous développons les éléments de l’identité numérique, les données personnelles comprises dans l’ensemble de ce concept qui est à la fois mal compris et en conséquence mal protégé mais aussi très importante dans le développement de l’économie numérique. La deuxième partie, comprend les interprétations de l’identité numérique dans le domaine du droit pénal du droit administratif et du droit civil et commercial. Il y a notamment des différences entre l’interprétation qui fait le droit pénal de l’identité en tant que bien juridique protégé ; en comparaison avec les interprétations du droit administratif qui protège l’identité numérique en tant que donnée personnelle, la mise en œuvre de la reconnaissance internationale du droit à la protection des données à caractère personnel et devient la régulation qui définit les règles de leur traitement, ainsi qui impose les sanctions au traitement illicite et de l’autre côté le droit civil qui d’une part reconnait le droit de la personnalité et le droit à l’image. La troisième partie est dédiée à l’étude de l’identité numérique comme source d’évolution du droit, ainsi qu’aux atteintes à l’ensemble des éléments qui font partie de cette identité. Le droit est toujours derrière l’innovation et malgré tout, à côté de l’évolution de l’humanité, des inventions, de la technologie et du développement, il existe l’évolution des actes illicites et de moyens de commission des délits dans l’endroit numérique. Même si le phénomène de l’usurpation d’identité n’est pas nouveau, il a surmonté dans le monde dans les cinq dernières années grâce aux nouvelles technologies qui permettent de créer, modifier, altérer, falsifier, reproduire et diffuser les données personnelles, photos et identifiants de façon très rapide et au niveau mondial, ce qui permet de vendre dans le marché noir plein de données personnelles pour après faire différents types d’utilisation illicite, notamment l’usurpation d’identité. Ainsi comme la nouvelle technologie sert à la sophistication des activités illicites, il existe un travail des entreprises de sécurité informatique pour lutter de façon technique contre les atteintes aux systèmes d’information, aux réseaux et à l’information, en particulier les atteintes aux données personnelles, donc, à la fin de cette partie on fait une étude des outils numériques crées à cet effet. / The digital identity has become one of the most important immaterial values in everyday life, the personal and academic reputation, the professional profile, but even more than that, the freedom to be on the web without to be afraid of the usurpation of our identity is the inspiration of this thesis work. In the digital world, borders no longer exist, interactions with people around the world are becoming more common, e-commerce, social networks, online procedures, information exchange between countries and governments, and also personal relationships in mobile applications, this is also the reason for being a comparative law study between Mexican, French and American law. In the first part, we develop the elements of digital identity, the personal data included in the whole of this concept which is both misunderstood and therefore poorly protected but also very important in the development of the digital economy. The second part, understands the interpretations of digital identity in the field of criminal law administrative law and civil and commercial law. In particular, there are differences between the interpretation of the criminal law of identity as protected legal property; in comparison with interpretations of the administrative law that protects the digital identity as personal data, the implementation of international recognition of the right to the protection of personal data and becomes the regulation that defines the rules of their treatment, thus imposing sanctions on the unlawful treatment and on the other side the civil right which a party recognizes the right of the personality and the right to the personal image. The third part is dedicated to the study of digital identity as a source of evolution of the law, as well as to the attacks on all the elements that are part of this identity. Law is always behind innovation and yet, alongside the evolution of humanity, inventions, technology and development, there is the evolution of illicit acts and means of committing crimes in the world digital environment. Even though the phenomenon of identity theft is not new, it has overcome in the world in the last five years thanks to new technologies that allow to create, modify, alter, falsify, reproduce and disseminate personal data, photos and identifiers in a very fast and global way, which allows to sell in the deep web full of personal data for later to make different types of illegal use, including identity theft. As the new technology is used for the sophistication of illicit activities, there is a work of computer security companies to fight technically against attacks on information systems, networks and information, especially data breaches of personal data, so at the end of this part we do a study of digital tools created for this purpose.

Données Personnelles

Cybercriminalité

Usurpation d'Identité

Personal Data

Cybercrime

Identity Theft

Latentní kriminalita / Latent criminality

Mikysková, Aneta

January 2021

1 Latent criminality Abstract This submitted diploma thesis deals with the phenomenon of latent criminality. Latent criminality is the part of criminality that is for some reason not registered by the law enforcement authorities. The thesis itself consists of four consecutive chapters. The first chapter deals with the concept of crime. It discusses the different approaches to concept of crime in criminology and the indicators that are used to describe it. Furthermore, this chapter is dedicated to the division of crime into latent and registered crime and the sources of information about registered crime. In particular, it focuses on official crime statistics. In the second chapter, the issue of latent crime is discussed in more detail. It defines the concept of latency, in which cases it is considered being latent criminality and what its types are. Furthermore, the ratio of latent and registered crime, the rate and extent of latency are described. At the end the possible causes of its existence are presented, one of the main reasons being the failure to report the crime by its victims. The third chapter focuses on possible methods of detecting latent crime, where more space is subsequently devoted to the two most important methods, namely victimization surveys and self- report studies. For both of these...