91.
Cybersecurity Strategies to Protect Information Systems in Small Financial Institutions
Rawass, Johnny Fadel. 01 January 2019
Leaders of financial institutions face challenges in protecting data because of the increased use of computer networks in the commerce and governance aspects of their businesses. The purpose of this single case study was to explore the strategies that leaders of a small financial institution used to protect information systems from cyber threats. The actor-network theory was the conceptual framework for this study. Data were collected through face-to-face, semistructured interviews with 5 leaders of a small financial institution in Qatar and a review of company documents relevant to information security, cybersecurity, and risk management. Using thematic analysis and Yin's 5-step data analysis process, the 4 emergent key theme strategies were information security management, cybersecurity policy, risk management, and organizational strategy. The findings of this study indicate that leaders of financial institutions protect their information systems from cyber threats by effectively managing information security practices; developing robust cybersecurity policies; identifying, assessing, and mitigating cybersecurity risks; and implementing a holistic organizational strategy. The protection of information systems through reductions in cyber threats can improve organizational business practices. Leaders of financial institutions might use the findings of this study to affect positive social change by decreasing data breaches, safeguarding consumers' confidential information, and reducing the risks and costs of consumer identity theft.

92.
Development and Validation of a Proof-of-Concept Prototype for Analytics-based Malicious Cybersecurity Insider Threat in a Real-Time Identification System
Hueca, Angel L. 01 January 2018
Insider threat has continued to be one of the most difficult cybersecurity threat vectors detectable by contemporary technologies. Most organizations apply standard technology-based practices to detect unusual network activity. While there have been significant advances in intrusion detection systems (IDS) as well as security incident and event management solutions (SIEM), these technologies fail to take into consideration the human aspects of personality and emotion in computer use and network activity, since insider threats are human-initiated. External influencers impact how an end-user interacts with both colleagues and organizational resources. Taking into consideration external influencers, such as personality, changes in organizational policies and structure, along with unusual technical activity analysis, would be an improvement over contemporary detection tools used for identifying at-risk employees. This would allow upper management or other organizational units to intervene before a malicious cybersecurity insider threat event occurs, or mitigate it quickly, once initiated.
The main goal of this research study was to design, develop, and validate a proof-of-concept prototype for a malicious cybersecurity insider threat alerting system that will assist in the rapid detection and prediction of human-centric precursors to malicious cybersecurity insider threat activity. Disgruntled employees or end-users wishing to cause harm to the organization may do so by abusing the trust given to them in their access to available network and organizational resources. Reports on malicious insider threat actions indicated that insider threat attacks make up roughly 23% of all cybercrime incidents, resulting in $2.9 trillion in employee fraud losses globally. The damage and negative impact that insider threats cause was reported to be higher than that of outsider or other types of cybercrime incidents. Consequently, this study utilized weighted indicators to measure and correlate simulated user activity to possible precursors to malicious cybersecurity insider threat attacks. This study consisted of a mixed method approach utilizing an expert panel, developmental research, and quantitative data analysis using the developed tool on a simulated data set. To assure validity and reliability of the indicators, a panel of subject matter experts (SMEs) reviewed the indicators and indicator categorizations that were collected from prior literature following the Delphi technique. The SMEs’ responses were incorporated into the development of a proof-of-concept prototype. Once the proof-of-concept prototype was completed and fully tested, an empirical simulation research study was conducted utilizing simulated user activity within a 16-month time frame. The results of the empirical simulation study were analyzed and presented. Recommendations resulting from the study are also provided.

93.
A Novel Cooperative Intrusion Detection System for Mobile Ad Hoc Networks
Solomon, Adam. 01 January 2018
Mobile ad hoc networks (MANETs) have experienced rapid growth in their use for various military, medical, and commercial scenarios. This is due to their dynamic nature that enables the deployment of such networks, in any target environment, without the need for a pre-existing infrastructure. On the other hand, the unique characteristics of MANETs, such as the lack of central networking points, limited wireless range, and constrained resources, have made the quest for securing such networks a challenging task. A large number of studies have focused on intrusion detection systems (IDSs) as a solid line of defense against various attacks targeting the vulnerable nature of MANETs. Since cooperation between nodes is mandatory to detect complex attacks in real time, various solutions have been proposed to provide cooperative IDSs (CIDSs) in efforts to improve detection efficiency. However, all of these solutions suffer from high rates of false alarms, and they violate the constrained-bandwidth nature of MANETs. To overcome these two problems, this research presented a novel CIDS utilizing the concept of social communities and the Dempster-Shafer theory (DST) of evidence. The concept of social communities was intended to establish reliable cooperative detection reporting while consuming minimal bandwidth. On the other hand, DST targeted decreasing false accusations through honoring partial/lack of evidence obtained solely from reliable sources. Experimental evaluation of the proposed CIDS resulted in consistently high detection rates, low false alarm rates, and low bandwidth consumption. The results of this research demonstrated the viability of applying the social communities concept combined with DST in achieving high detection accuracy and minimized bandwidth consumption throughout the detection process.

94.
Internet of Things Security Using Proactive WPA/WPA2
Kamoona, Mustafa. 05 April 2016
Indiana University-Purdue University Indianapolis (IUPUI) / The Internet of Things (IoT) is a natural evolution of the Internet and is becoming more and more ubiquitous in our everyday home, enterprise, healthcare, education, and many other aspects. The data gathered and processed by IoT networks might be sensitive and that calls for feasible and adequate security measures. The work in this thesis describes the use of the Wi-Fi technology in the IoT connectivity, then proposes a new approach, the Proactive Wireless Protected Access (PWPA), to protect the access networks. Then a new end to end (e2e) IoT security model is suggested to include the PWPA scheme. To evaluate the solutions security and performance, firstly, the cybersecurity triad: confidentiality, integrity, and availability aspects were discussed, secondly, the solutions performance was compared to a counterpart e2e security solution, the Secure Socket Layer security. A small e2e IoT network was set up to simulate a real environment that uses HTTP protocol. Packets were then collected and analyzed. Data analysis showed a bandwidth efficiency increase by 2% (Internet links) and 12% (access network), and by 344% (Internet links) and 373% (access network) when using persistent and non-persistent HTTP respectively. On the other hand, the analysis showed a reduction in the average request-response delay of 25% and 53% when using persistent and non-persistent HTTP respectively. This scheme is possibly a simple and feasible solution that improves the IoT network security performance by reducing the redundancy in the TCP/IP layers security implementation.

95.
Designing an Interest-to-Function Career Alignment Model for Cybersecurity Professionals
Poteete, Paul Wyatt. January 2020
Cybersecurity professionals are in high demand, but the definition of individual interests and the functions that comprise those roles is more complex than it may seem. In the face of a global shortage of cybersecurity professionals, and an often-difficult team dynamic around these individuals, in addition to a dramatic rise in cybercrime and security breaches, it is important to define and understand career success and career performance within an organization. This research uses a design science approach founded on a sociotechnical theoretical framework based on Information Technology (IT) turnover and Human Resources (HR) theories to analyze individual factors of job satisfaction and job performance for cybersecurity roles to design a cybersecurity interest to function career alignment model through the integration of prominent indicators of individual interest. This is accomplished using a mixed methods approach of surveys, interviews, and a focus group that are employed using various techniques of visual, descriptive, correlation, and thematic analysis. Two key findings within this research involve cybersecurity roles and functions and the ability to align an individual's personal interests to those roles. In the former case, cybersecurity roles are poorly defined and are prone to widespread ambiguity, requiring the design of a taxonomy of discrete functions for analysis. In the latter case, individual interests, as analyzed through popular individual profiling solutions, are vague and largely irrelevant to cybersecurity professionals. This requires that individual interests be defined and applied to relevant industry functions to provide meaningful alignment to job satisfaction and job performance. Among the implications for IT Turnover Theory is the refined attribution of individual interests within cybersecurity roles instead of a monolithic interpretation of cybersecurity professionals as a single factor.
This is also true for the Intermediate Linkages Model as the job satisfaction-turnover relationship may be further refined to include industry-specific functions for cybersecurity functions and the specific interests of cybersecurity professionals. The implications for design science research could extend beyond the usage of standard guidelines, venturing into this study's process of using design challenges to illuminate hidden design principles. This challenge-principle relationship may provide additional insight to new or existing facets of reasoning. These new viewpoints may uncover otherwise excluded aspects that provide additional insight into this study or topics beyond. For cybersecurity and human resources practitioners, this study provides several implications beyond the foundation for career training for functional guidance. It provides an alternative viewpoint on organizational and departmental design for cybersecurity to business alignment to increase individual job satisfaction and ultimately improve organizational performance. Future research would result in deployed artifact instantiations that promote general career direction for future and current cybersecurity personnel, while also providing additional guidance to organizations for the proper deployment of cybersecurity teams. Other research could include IT careers beyond cybersecurity to create a standardized method for the alignment of interests to career functions for the improvement of individual job satisfaction and overall organizational performance. / Thesis (PhD (Information Technology))--University of Pretoria, 2020. / Informatics / PhD (Information Technology) / Unrestricted

96.
DYNAMICKÝ BIOMETRICKÝ PODPIS JAKO EFEKTIVNÍ NÁSTROJ PRO VNITROPODNIKOVOU KOMUNIKACI / DYNAMIC BIOMETRIC SIGNATURE AS AN EFFICIENT TOOL FOR INTERNAL CORPORATE COMMUNICATION
Hortai, František. January 2019
The aim of this thesis is to provide comprehensive information on the possibilities of authentication, combination of authentication factors and the integration of this issue into corporate communication. The work focuses on this issue and specifies the possibilities for obtaining authentication information, analyses the authentication methods, identification and authorization. It examines the applicability of biometric technologies, the principle of their functionality, examples of their use, their impact, the advantages and disadvantages they bring. A natural, easy-to-use, convenient tool for effective and secure communication is authentication including the dynamic biometric signature. The issues of the dynamic biometric signature technology and its implementation are examined from a comprehensive perspective involving experiments. The research proved that the dynamic biometric signature can serve as a method for supporting secure corporate communication and reduce authentication risks in companies and for individuals.

97.
Cybersecurity of remote work migration: A study on the VPN security landscape post covid-19 outbreak
Einler Larsson, Lukas; Qollakaj, Kushtrim. January 2023
Background. The pandemic outbreak commenced a large migration of employees from all kinds of industries from previously working in an industrial or office environment to working from home. The remote migration allowed many kinds of work to continue as usual even during a pandemic. A common tool to use when working remotely is a Virtual Private Network (VPN) that allows remote workers to connect to a Local Area Network (LAN) at the company office, which further grants the remote worker secure access to the organization's resources and services. This remote work setup has increased the complexity of the company networks and therefore also magnified the attack surface for cyber threat actors. Objectives. The objective of this thesis involves studying what the VPN security landscape looks like after the pandemic outbreak, answering questions related to how the attacks on VPNs changed in numbers, which techniques and tactics the adversaries use against VPN security systems and then, for the thesis to “bite itself in the tail”, investigating countermeasures that can further improve the VPN security. Methods. One research method is used in two different fashions to satisfy the objectives. The research method is a Systematic Literature Review (SLR). The first SLR involves research on secondary data reports, published by cyber companies, cyber experts, or cyber departments of large IT organizations. The second SLR involves qualitative research by reading research papers related to how VPN security can be improved. Results. In direct consequence of the remote work migration the number of VPN attacks has increased. The vulnerabilities found in VPN systems have been used extensively where even national cybersecurity organizations have urged companies to patch systems.
Advanced Persistent Threat (APT) groups have leveraged the published vulnerabilities by exploiting unpatched systems and established persistent and defense-evasive access to networks that remote workers connect to with VPNs. To counter these threats and to harden the VPN systems and private networks, there are recommendations involving countermeasures such as enforced Multi Factor Authentication (MFA) and adding multiple defense layers in private networks. Conclusions. This thesis concludes that the covid-19 pandemic outbreak was the root cause of the huge remote work transition which in turn caught 99% of all organizations and home networks off guard when it comes to VPN security for remote workers. This caused huge opportunities for threat actors and state sponsored adversaries which is the main reason for the increased number of cyberattacks post covid-19 outbreak. Cyber adversaries exploited every vulnerability, bug, and misconfiguration they could find by conducting tactics and techniques like phishing, ransomware, exploiting VPN vulnerabilities and performing DDoS-attacks to the best of their abilities. This caused huge damage to organizations, governments, healthcare, and militaries all around the world. In order to increase VPN security for remote workers, small, medium or big organizations, we have developed a new VPN hardening framework.

98.
THREE ESSAYS ON THE ECONOMICS OF INFORMATION SECURITY
Zhang, Leting. January 2022
In recent years, information security has been gaining increasing public attention and has become a high priority for organizations across various industries. Despite the substantial investment in improving security posture, cyber risks continue to escalate as digital transformations are growing rapidly, and new areas of cyber-vulnerability are exposed and exploited. Thus, a critical question for managers, stakeholders, and policymakers is: How to strategically ensure the security of digital assets? To explore the question, my dissertation explores and advances three critical themes in the economics of the information security field. These themes include: 1) unraveling antecedents of risks, 2) determining the optimal level of investment in cybersecurity, and 3) investigating how cybersecurity affects market dynamics. Essay 1 is motivated by security concerns in sharing data across organizations and empirically evaluates the impact of joining a Health Information Exchange (HIE) initiative on a hospital’s data breach risks and corresponding mechanisms. Essay 2 uses a game theoretical model to investigate how to design a cost-effective crowdsourcing solution to help organizations leverage crowds’ wisdom in vulnerability management. Essay 3 examines the role of peer cyber incidents in information asymmetry issues in the financial market and analyzes how peer data breaches affect the quality of a firm’s cyber risk disclosure in its financial report. The dissertation sheds light on three crucial factors in information security management: information systems interdependency, innovated cybersecurity solutions, and cyber information asymmetry. / Business Administration/Management Information Systems

99.
Hack the Human: A qualitative research study exploring the human factor and social engineering awareness in cybersecurity and risk management among Swedish organizations.
Andersson, Isak; Bjursell, Liza; Palm, Isak. January 2023
Background: With the rapid advancements in technology, cybersecurity has become a topic of great importance. However, the weakest link in cybersecurity programs is mainly due to human error. Proper cyber-behavior training and up-to-date information are crucial for employees to defend against cybercrimes, as criminals continue to exploit human vulnerabilities. Cybersecurity has become a critical aspect of today's digital world, necessitating comprehensive policies and practices that align with an organization's overall risk management strategy. Social engineering, a tactic employed by cybercriminals, exploits human weaknesses and biases, making prevention and detection more challenging. There is limited understanding of how human behavior affects leaders in engaging with social engineering practices, as well as a lack of consensus on implementing policies related to social engineering. Purpose: Considering the limited understanding of human behavior in cybersecurity, the purpose of this thesis is to investigate and analyze how different Swedish organizations perceive, enact, and are influenced by the awareness of social engineering in cybersecurity and risk management. Method: This is a qualitative thesis that has followed a case study research design and a positivism research philosophy, the approach has been inductive, and data has been collected through semi-structured interviews. Conclusion: Cybersecurity is an ongoing arms race with no foreseeable end in sight, as strategies and methods of attack are constantly evolving. With the data gathered, we discovered that there is a lack of awareness of how the threats can be approached and how to manage them, as well as different strategies that different organizations had employed to tighten the margin of error. The findings suggest a need for increased awareness and education to improve cybersecurity in Swedish organizations.
We became aware that organizations exhibit a greater level of naivety than previously assumed, accompanied by the presence of optimism bias. Considering these findings, we strongly advise raising awareness through comprehensive employee education and adopting the Principle of Least Privilege (POLP) to enhance security measures and the awareness that is necessary. To adopt a more holistic perspective, we have derived a modified version of the risk appetite framework that can effectively facilitate the implementation of these recommendations.

100.
Cybersecurity experiences and practices in charities
Lindström, Christoffer. January 2022
This study investigates the security practices of nonprofit organisations in Sweden. Nonprofit organisations are organisations with a social mission. They collect sensitive and critical information, use ICT like other organisations, and face threats from cybercrime. But we know little about how nonprofit organisations protect their assets. The method used for the research was an explorative and descriptive study using a survey methodology with interviews and a questionnaire as the instruments of data collection. Interviews were conducted for five weeks beginning in March. The questionnaire was distributed at the beginning of April to 421 charity organisations. Of those, 58 charities provided valid responses after four weeks. Based on the interviews and questionnaire responses, this research describes charity experiences and practises of cybersecurity. It describes the charity's use of both organisational and technical measures. It also describes the importance that the charity places on cybersecurity, previous experiences of breaches, and challenges with trust and transparency. The results are compared to previous research on nonprofits and small business security. The findings indicate that the current cybersecurity practice in charities is weak—most of the respondents report only using standard technical measures like anti-virus and firewalls. Less frequently, other standard technical measures are used. Charities are split on their use of organisational measures. A slight majority have identified attacks in the last 12 months. Charities respond that their level, knowledge, and budget for cybersecurity are either insufficient or sufficient. Interview findings are that charities are incentivised to prioritise money towards the mission, which prevents them from making investments in cybersecurity. Further research looking to make an impact should explore how society can incentivise charities and donors to invest in cybersecurity.