Article

Cybersecurity through the lens of Digital Identity and Data Protection: Issues and Trends

Authors:
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

The use of a secure and robust digital identification system that is capable of protecting privacy is an essential, reliable and user-friendly element for a strong cyber resilience strategy and is a source of new business opportunities and applications for banks, private sector with a return on their investment. The march towards Digital Identity is well underway therefore, focus should be on both adoption and adaption of the new structures and regulations. These are needed to govern the associated services and transactions as well as establishing laws that enforce penalties for violations. There is no doubt then that more and more entities and institutions would move to the cloud. Security challenges affecting the cloud may not be new but the mode of addressing them would be different. The authors develop a Data Colouring technique for securing data processed or stored on both cloud and non-cloud platforms. The technique combines Public Key Infrastructure (PKI), concatenated fingerprints and digital watermarking. Using this technique, data can be secured at creation or during storage and remains secure during processing.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... Artificial intelligence-powered attacks: Sophisticated attacks using AI to evade detection and exploit vulnerabilities (Ahmad et al., 2024;Koops & Leenes, 2006;Nzeakor et al., 2022) Several research papers have highlighted the need for effective strategies to mitigate cyber identity threats in Africa's digital transformation. Maher, (2024) accentuated the significance of protecting personal data and preventing cybercrime Kshetri (2019) highlighted the importance of implementing robust cybersecurity measures, such as encryption, KYC, and two-factor authentication (Burnes et al., 2020;Sule et al., 2021), to protect against identity theft and fraud. Koops and Leenes (2006) investigated the potential of blockchain technology to safeguard personal information and avoid identity theft. ...
... Furthermore, an AfDB (2020) study emphasizes the necessity of developing and implementing effective cybersecurity frameworks and standards to guide cybersecurity efforts in Africa. Sule et al., (2021) suggested that implementing incident response plans can help mitigate the impact of cyber-attacks and prevent identity theft. ...
... Educating users on cybersecurity best practices to prevent cyber identity threats. (Nzeakor et al., 2022;Onyema et al., 2021;Sule et al., 2021). ...
Conference Paper
Full-text available
Executive Summary Cyber identity theft has become a critical concern that needs the attention of researchers, academicians, organisations, and stakeholders to ensure that the Cybersecurity Compliance Framework is applied to the protection and security of information systems for confidentiality. According to a report by Smile Identity, a pan-African digital identity verification company, the identity fraud rate in Africa increased by 28% in 2022 based on about 50 million know-your-customer (KYC) verifications in Africa, as published in "The 2022 State of KYC in Africa". Due to the increasing demand for digitalisation, every individual and organisation in Africa, including Nigeria, faces continual shifting cyber identity thefts. This article provides strategies to mitigate cyber identity thefts in Africa's digital transformation. To stay ahead of the curve in cyber threats, the author conducted a systematic review to uncover the latest state-of-the-art trends and challenges in cybersecurity. Additionally, this paper addresses the future direction of cybersecurity, presenting possible strategies to addressing the increasing cybersecurity threat landscapes and attack surfaces of identity theft, as well as underscoring the importance of ongoing adoption along with collaboration among stakeholders in the cyber ecosystem to detect and automate cyber threat mitigation responses and best practices.
... Artificial intelligence-powered attacks: Sophisticated attacks using AI to evade detection and exploit vulnerabilities (Ahmad et al., 2024;Koops & Leenes, 2006;Nzeakor et al., 2022) Several research papers have highlighted the need for effective strategies to mitigate cyber identity threats in Africa's digital transformation. accentuated the significance of protecting personal data and preventing cybercrime Kshetri (2019) highlighted the importance of implementing robust cybersecurity measures, such as encryption, KYC, and two-factor authentication (Burnes et al., 2020;Sule et al., 2021), to protect against identity theft and fraud. Koops and Leenes (2006) investigated the potential of blockchain technology to safeguard personal information and avoid identity theft. ...
... Furthermore, an AfDB (2020) study emphasizes the necessity of developing and implementing effective cybersecurity frameworks and standards to guide cybersecurity efforts in Africa. Sule et al., (2021) suggested that implementing incident response plans can help mitigate the impact of cyber-attacks and prevent identity theft. ...
... Educating users on cybersecurity best practices to prevent cyber identity threats. (Nzeakor et al., 2022;Onyema et al., 2021;Sule et al., 2021). ...
Article
Full-text available
Cyber identity theft has become a critical concern that needs the attention of researchers, academicians, organizations, and stakeholders to ensure that the Cybersecurity Compliance Framework is applied to the protection and security of information systems for confidentiality. According to a report by Smile Identity, a pan-African digital identity verification company, the identity fraud rate in Africa increased by 28% in 2022 based on about 50 million know-your-customer (KYC) verifications in Africa, as published in "The 2022 State of KYC in Africa." Due to the increasing demand for digitalization, every individual and organization in Africa, including Nigeria, faces continual shifting cyber identity thefts. This article provides strategies to mitigate cyber identity thefts in Africa's digital transformation. To stay ahead of the curve in cyber threats, the author conducted a systematic review to uncover the latest state-of-the-art trends and challenges in cybersecurity. Additionally, this paper addresses the future direction of cybersecurity, presenting possible strategies to address the increasing cybersecurity threat landscapes and attack surfaces of identity theft, as well as underscoring the importance of ongoing adoption along with collaboration among stakeholders in the cyber ecosystem to detect and automate cyber threat mitigation responses and best practices.
... This finding adds to other past studies that showed similar results. For example, Ho and Sule et al. showed that digital identification systems have several advantages for the government and users [25,26]. According to Sule and others, the primary objective of these NDI management systems should be the facilitation of government access [26]. ...
... For example, Ho and Sule et al. showed that digital identification systems have several advantages for the government and users [25,26]. According to Sule and others, the primary objective of these NDI management systems should be the facilitation of government access [26]. Some of the benefits of the NDI system include enhanced verification and authentication standards, increased accuracy in identification, better security, reduced operational costs, better customer experiences, and the integration of government agency services [2]. ...
... In addition, the digital identity management and governance system should incorporate the interests and expectations of various stakeholders, especially the users' privacy rights and data protection concerns. In addition, introducing a National Digital Identity model for the country should help the government implement better service delivery systems [26]. Although the interviewees agreed that the UAE Pass improved their access to government services, they suggested that it should be available to all segments of the population through user-friendly design and customer support. ...
Article
Full-text available
The United Arab Emirates (UAE) is a frontrunner in digitalising government services, demonstrating the successful implementation of National Digital Identity (NDI) systems. Unlike many developing nations with varying levels of success with electronic ID systems due to legal, socio-cultural, and ethical concerns, the UAE has seamlessly integrated digital identities into various sectors, including security, transportation, and more, through initiatives like UAE Pass. This study draws on the UAE’s functional digital ID systems, such as those utilised in the Dubai Smart City project, to highlight the potential efficiencies and productivity gains in public services while addressing the associated risks of cybersecurity and privacy. This paper provides a comprehensive understanding of the UAE’s NDI and its impact on the nation’s digital transformation agenda, offering a thorough analysis of the effectiveness and challenges of NDIs, explicitly focusing on the UAE’s approach.
... The significance of digital identity security is on the rise, driven by long-term trends in the proliferation and personalization of communication technologies such as mobile phones, smart devices, and IoT [3]. These devices form a crucial part of an individual's identity, often containing personal and transactional data [4]. The tightening of data protection legislation, such as GDPR in the EU, CCPA in California, LGPD in Brazil, and POPI in South Africa, mandates companies collecting personal data to proactively safeguard it throughout its lifecycle. ...
... In the Cybersecurity article [4,6] the authors highlight the World Bank's belief that, during the 2020 pandemic, some countries could more reliably identify vulnerable groups in need of emergency financial assistance benefits by leveraging digital identification systems. In their paper, the authors propose techniques to enhance identity data protection, applicable to both public cloud storage and private data centres, such as digital fingerprinting and data dyeing techniques [7]. ...
... Then we compute the vector for the aspect with TLS encryption: enc(TLS) = [5,4,4,4,7,5,4,8,6,5,0,0,7,4,5,5]. Finally, we compute the minimum of the values of both vectors. ...
... Nonetheless, the potential of these models in reshaping the landscape of ransomware response strategies cannot be overlooked [21], [2], [22]. As ransomware continues to evolve, the role of LLMs in cybersecurity is poised to become a focal point of research and application, offering a glimpse into a future where artificial intelligence plays a crucial role in cyber defense [23], [24], [25]. ...
... Beyond these capabilities, AI's role in cybersecurity has extended to the generation of governance, risk management, and compliance (GRC) policies [23], [66]. AI systems have been instrumental in analyzing vast datasets to derive insights for the formulation of comprehensive GRC frameworks, tailored to the unique needs of organizations [67], [41], [68]. ...
... Incorporating human oversight into AI-driven cybersecurity strategies is not just a precaution but a necessity [76]. It ensures that the deployment of AI in sensitive and high-stakes scenarios such as ransomware negotiations is responsible, ethical, and aligned with broader societal values and security objectives [23], [59]. ...
Preprint
Full-text available
This study presents a comprehensive analysis of the application of Large Language Models (LLMs), specifically ChatGPT and Claude, in the context of ransomware negotiation. Ransomware, an increasingly prevalent and sophisticated cyber threat, necessitates innovative response strategies. This study examines the capabilities of these LLMs in simulating human-like negotiation tactics against ransomware attacks, focusing on two main types: cryptographic and data exfiltration ransomware. Through a series of controlled simulations, the efficacy of ChatGPT and Claude in understanding complex language constructs, formulating negotiation strategies, and their adaptability to varying ransomware scenarios is evaluated. The research highlights the strengths of these models in response accuracy, adaptability, and psychological manipulation resistance. However, it also reveals their susceptibility to producing hallucinations — instances of unrealistic or inaccurate responses. The study contributes to the understanding of AI's potential in cybersecurity, emphasizing the need for improvements in AI reliability, ethical considerations, and the integration of human oversight. The findings suggest that while LLMs hold promising potential in enhancing cyber defense mechanisms, their deployment in high-stakes scenarios like ransomware negotiations must be approached with caution and continuous oversight.
... Blockchain technology, at the heart of this proposed system, provides a secure and immutable ledger, which is ideal for recording and verifying digital identities in a tamper-proof manner [40], [41]. The application of blockchain in identity verification ushers in a new era of security, where each identity is verified and stored on a decentralized network, significantly reducing the risk of single-point failures and unauthorized alterations [42], [43]. Furthermore, the system's architecture, which is founded on blockchain technology, facilitates stringent access control mechanisms [44], [45]. ...
... Initial investigations into this technology have revealed its capacity to create unmodifiable records, a critical feature for preserving data integrity [33], [39], [38]. Another significant research avenue has been the development of decentralized public key infrastructure (DPKI), which offers an enhancement over traditional PKI systems by bolstering the security aspects of digital identity management [43], [46], [49]. Moreover, numerous studies have delved into the application of blockchain in establishing platforms for data exchange that are both transparent and secure, highlighting its capability to reduce the likelihood of data breaches [32], [34]. ...
... As the proposed system introduces additional security layers such as multi-factor authentication on top of blockchain-based identity verification, it runs the risk of negatively impacting user experience if proper precautions are not taken [36], [44]. Any added authentication requirements inevitably place more onus on end-users to validate their identities before system access [43], [72], [46]. Factors such as one-time passwords, security keys, fingerprint verification, facial recognition and so forth, while strengthening security, may become inconvenient or cumbersome over time [47], [48], [49]. ...
Preprint
Full-text available
p>The escalating sophistication of ransomware has catalyzed the transition from traditional encryption-focused attacks to more pernicious data exfiltration techniques. This research proposes a Decentralized Identity Verification System to combat the amplified threats of data theft and extortion. The system integrates blockchain technology to establish a resilient identity management framework reinforced by multi-factor authentication and smart contract-based access policies. By addressing fundamental vulnerabilities enabling unauthorized data access, the system proactively reduces attack surfaces vulnerable to ransomware infiltration. Simulated attack scenarios reflect promising security enhancement outcomes across metrics including prevention of data breaches, access control efficiency and system responsiveness to threats. While scope remains for continued innovation, this exploration highlights the synergetic potential of cryptography, access governance decentralization for reshaping data protection against contemporary cyber risks.</p
... Blockchain technology, at the heart of this proposed system, provides a secure and immutable ledger, which is ideal for recording and verifying digital identities in a tamper-proof manner [40], [41]. The application of blockchain in identity verification ushers in a new era of security, where each identity is verified and stored on a decentralized network, significantly reducing the risk of single-point failures and unauthorized alterations [42], [43]. Furthermore, the system's architecture, which is founded on blockchain technology, facilitates stringent access control mechanisms [44], [45]. ...
... Initial investigations into this technology have revealed its capacity to create unmodifiable records, a critical feature for preserving data integrity [33], [39], [38]. Another significant research avenue has been the development of decentralized public key infrastructure (DPKI), which offers an enhancement over traditional PKI systems by bolstering the security aspects of digital identity management [43], [46], [49]. Moreover, numerous studies have delved into the application of blockchain in establishing platforms for data exchange that are both transparent and secure, highlighting its capability to reduce the likelihood of data breaches [32], [34]. ...
... As the proposed system introduces additional security layers such as multi-factor authentication on top of blockchain-based identity verification, it runs the risk of negatively impacting user experience if proper precautions are not taken [36], [44]. Any added authentication requirements inevitably place more onus on end-users to validate their identities before system access [43], [72], [46]. Factors such as one-time passwords, security keys, fingerprint verification, facial recognition and so forth, while strengthening security, may become inconvenient or cumbersome over time [47], [48], [49]. ...
Preprint
Full-text available
p>The escalating sophistication of ransomware has catalyzed the transition from traditional encryption-focused attacks to more pernicious data exfiltration techniques. This research proposes a Decentralized Identity Verification System to combat the amplified threats of data theft and extortion. The system integrates blockchain technology to establish a resilient identity management framework reinforced by multi-factor authentication and smart contract-based access policies. By addressing fundamental vulnerabilities enabling unauthorized data access, the system proactively reduces attack surfaces vulnerable to ransomware infiltration. Simulated attack scenarios reflect promising security enhancement outcomes across metrics including prevention of data breaches, access control efficiency and system responsiveness to threats. While scope remains for continued innovation, this exploration highlights the synergetic potential of cryptography, access governance decentralization for reshaping data protection against contemporary cyber risks.</p
... However, to date, most researchers have focused on the results arising from digitization, including innovation [12], [13], firm productivity [3], [14], and economic growth [15], rather than on data governance, and especially data regulation. Considering the nonrivalry of data assets [8], data governance and regulations are indispensable for effective data utilization, transformation, and CS [16]. However, in spite of its supreme importance, contemporary data governance has been inadequate, overly rigid and risk oriented, and has tended to be limited in scope to an organization's self-interest, rather than the broad set of stakeholders involved [10]. ...
... CS is a nonnegligible issue in the digital economy era and is one of the goals of data regulation. Considering that robust CS is a source of new business opportunities and applications [16], it was rational to introduce CS as a variable. CS was measured using text mining based on corporate annual reports as a control variable in the benchmark model. ...
Article
italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">The research problem : In this article, we identify the hindering effect of industry monopolies and insufficient regulation on China's data asset market. We underscore the necessity for a robust, market-driven data-allocation mechanism to foster the country's digital economy and high-quality development. Motivation : The principal aim of this study is to analyze the catalytic role of government regulations and innovation subsidies in spurring innovation within digital firms, a crucial element in China's push for modernization and high-quality development. The investigation targets digital companies affected by regulatory measures, government institutions responsible for policy development, and policymakers and economists with vested interests in the digital economy and innovation. Adopted methodology : The study utilizes an evolutionary game analysis and fixed-effect regression, deploying a complex evolutionary game model to scrutinize innovation strategies amongst key industry players. The analysis is grounded in empirical data from key Chinese industry sectors over the past decade. Analyses : The findings reveal that government-led data regulation and subsidies, along with firms’ cybersecurity measures, are instrumental in facilitating innovation. However, innovation costs and penalties stifle this progress. These insights provide actionable policy recommendations designed to invigorate digital innovation and propel economic advancement.
... NDIV platform acceptance is the degree to which a person consents to the NDIV platform (Chong et al., 2021). There were several terms for the NDIV platform used in previous research studies, including digital identity (Rivera et al., 2017;Engeness, 2021;Korać et al., 2021;Madon and Schoemaker, 2021;Sule et al., 2021); privacy-preserving authentication technology (Harbach et al., 2013); and digital identity system (Mir et al., 2021). The different countries had different names for their digital identity verification platform. ...
... The NDIV platform is viewed as beneficial not only to citizens of a country but also to refugees in refugee management (Madon and Schoemaker, 2021); education; health services, and other social benefits (Sule et al., 2021); stakeholders and policymakers (Mir et al., 2021); and for better information security in e-learning systems (Korać et al., 2021;Engeness, 2021). The implementation of the NDIV platform showed numerous success stories in the countries it was implemented. ...
Article
Full-text available
Government and private organisation services online have been adopted rapidly during the digitalisation post-COVID-19 pandemic. The lack of digital identity exacerbates the authentication and verification of online services. This study investigates the mediating role of trust on determinants of national digital identity verification platform acceptance among young investors. The study develops an integrated theoretical framework from the Protection Motivation Theory and Uncertainty Reduction Theory. The study model incorporates three constructs, namely perceived severity, response efficacy, and transparency and accesses how trust as a mediator affects the acceptance of the NDIV platform. The online quantitative survey approach will be used as the method of this study, and data will be distributed among young investors in Malaysia. This study employs a comprehensive framework to understand the acceptance level of the NDIV platform. The study's findings will contribute to the body of knowledge regarding the NDIV platform in the Malaysian context.
... HCCS is becoming a challenge for governments as users question the ability of governments and organizations to maintain data privacy such as the Myhealth record system used in Australia. 13 For example, the process of setting up a myGov account in Australia requires providing identity documents that have been targeted in recent data breaches like Optus and Medibank, emphasizing the importance of humancentric cybersecurity measures to protect users' personal information and prevent fraudulent activities in the use of digital identity systems. 9 Furthermore, privacy concerns related to NDID systems have been a focal point of research. ...
... 43 Additionally, location can influence individuals' access to digital infrastructure and resources, affecting their ability to adopt NDIDs. 13 Education and digital skills can further shape perceptions of the ease of use and benefits associated with NDID adoption. 50 Addressing these indirect variables will allow us to gain insights into NDID use and adoption of NDIDs. ...
Article
Full-text available
National digital identity systems (NDIDs) are increasingly important for users’ authentication and secure access to e-government services. However, there is insufficient research on human-centric cybersecurity (HCCS) that impacts the use of NDIDs. Drawing on the theory of planned behavior and technical formal informal model, this paper proposes and validates a research model that depicts how HCCS affect the use of NDIDs. Data were collected from 203 Australian residents and analyzed using structural equation modeling and multiple linear regression analysis. The findings revealed that security, privacy, perceived risk, usability, flexibility, and cultural and social inter-ference significantly impact the use of NDIDs. Considering HCCS in NDIDs usage, especially in risk- conscious cultures, is crucial. Low cybersecurity awareness and trust impede NDIDs adoption, emphasizing the need for cybersecurity education and awareness. The insights benefit policy-makers, governments, and cybersecurity practitioners, providing a valuable understanding of human-centric cybersecurity influence on the use of NDIDs.
... NDIV platform acceptance is the degree to which a person consents to the NDIV platform (Chong et al., 2021). There were several terms for the NDIV platform used in previous research studies, including digital identity (Rivera et al., 2017;Engeness, 2021;Korać et al., 2021;Madon and Schoemaker, 2021;Sule et al., 2021); privacy-preserving authentication technology (Harbach et al., 2013); digital identity system (Mir et al., 2021;; and biometric facial recognition system (Hizam et al., 2021). The different countries had different names for their digital identity verification platform. ...
... The NDIV platform was viewed as beneficial not only to citizens of a country but also to refugees in refugee management (Madon and Schoemaker, 2021;; education; health services, and other social journal.ump.edu.my/jgi ◄ benefits (Sule et al., 2021); stakeholders and policymakers (Mir et al., 2021); and for better information security in elearning systems (Korać et al., 2021;Engeness, 2021). The implementation of the NDIV platform showed numerous success stories in the countries it was implemented. ...
Article
Full-text available
This study aims to investigate the determinants of NDIV platform acceptance among young investors in Malaysia within the context of protection motivation theory and uncertainty reduction theory. The study proposed a conceptual model comprising five hypotheses tested using structural equation modelling-partial least squares. Data was collected through an online questionnaire survey from 361 young investors in Malaysia. The results show that acceptance of the NDIV platform is directly influenced by perceived severity, response efficacy, self-efficacy, and transparency. This study extended the protection motivation theory by incorporating uncertainty reduction theory to strengthen the predictions of NDIV platform acceptance among young investors in Malaysia. The study brought meaning by filling the theoretical, empirical, and methodological gaps in the body of knowledge. This research contributes to the administrators, regulators, industry practitioners, and government to improve the platforms' strategies and increase citizen engagement conclusions.
... One basic and common enabler of cyberattack is human error. These enablers could be as simple as trusting the electronically sent instructions in a phishing email, to as complex as criminals posing as clients, vendors or even employees or professionals with an aim of gaining access to your assets, both financial and others (Shelby, 2018;Sule et al., 2021). Table 2 illustrates some common threats to information systems. ...
... One basic and common enabler of cyberattack is human error. These enablers could be as simple as trusting the electronically sent instructions in a phishing email, to as complex as criminals posing as clients, vendors or even employees or professionals with an aim of gaining access to your assets, both financial and others (Shelby, 2018;Sule et al., 2021). Table 2 illustrates some common threats to information systems. ...
Chapter
Full-text available
The business world around us is changing at a rapid pace and generally, in countries of the west, we are experiencing the death of high street. Not that long ago, we saw well-established companies such as Blockbuster, HMV, Kodak, Nokia and BlackBerry pushed to the brink by smart competitors such as Netflix, Spotify and several other digital businesses reinventing existing industries. In each case, there were opportunities to act before a crisis engulfed these organisations. Today, digital strategies such as investments in general information technology and IT outsourcing are major elements of overall business strategy, sometimes allowing firms to differentiate from competitors, other times creating demands to conform with competitive norms. When it comes to the digital workplace, artificial intelligence and machine learning are moving into most fields, thus the popular opinion, and fear, is that machines are encroaching upon human work activities, and taking an ever-larger percentage of this work away for good, from the dirty and dangerous, to the dull, and decisions. In this chapter, we examine how innovative business models, combined with the appropriate digital strategies, will transform future businesses. We will also explore how disruptive technologies such as social media, mobile, data analytics, cloud, wearables, RPA, robotics, AI and the IoT can be applied in powerful combinations, together with the appropriate digital marketing tools, to give businesses a competitive advantage.
... One of them is the need for efficient system integration between various government agencies, the private sector, and digital service providers. This system must be able to ensure that personal data recorded in digital identities is only used for legitimate purposes and is not misused by irresponsible parties (Sule et al., 2021). ...
Article
Full-text available
The implementation of a digital identity system in Indonesia, specifically through the introduction of digital ID cards, represents a significant milestone in the country's public administration. This policy aims to streamline administrative processes, enhance service access, and ensure more efficient management of citizen data. However, the shift to digital identities presents challenges related to personal data protection, technological infrastructure, and public acceptance. This study explores the implications of the digital identity policy, focusing on legal frameworks, public reception, and the protection of personal data. Using a qualitative approach, the study analyzes key findings from interviews, document reviews, and observations, highlighting critical issues such as the security of biometric data, the integration of digital identity systems across public services, and the public's understanding of digital rights. The study concludes with policy recommendations aimed at strengthening data protection laws, improving infrastructure in underserved areas, and fostering greater public awareness to ensure a successful transition to a digital identity system in Indonesia.
... A rising number of interventions are implemented to enhance cyber resilience, prevent incidents, and develop threat intelligence activities (Conti, Dargahi, & Dehghantanha, 2018): the certification of ICT products and digital service providers (Cadzow, Sanchez, & Baldini, 2018;Kamara, Ronald Leenes, & Stuurman, and Jasper van den Boom., 2020;Khurshid, Alsaaidi, Aslam, & Raza, 2022;Tsvilii, 2021), information sharing among administrations (Luiijf & Klaver, 2015;Pala & Zhuang, 2019;Zibak & Simpson, 2019), audit activities, monitoring, and risk assessments (Dupont, 2019;Mughal, 2018;Onwubiko, 2015), and network security procedures to safeguard data against malware (Badsha, Vakilinia, & Sengupta, 2019;Markopoulou, Papakonstantinou, & de Hert, 2019;Schünemann & Baumann, 2017;Sule, Zennaro, & Thomas, 2021). ...
Article
Full-text available
The escalating threat of cyber risks has propelled cybersecurity policy to the forefront of governmental agendas worldwide. Incident reporting, a cornerstone of cybersecurity legislation, may facilitate swift responses to cyberattacks and foster a learning process for policy enhancement. Despite its widespread adoption, there are no analyses on its efficacy, implementation, and avenues for improvement. This article provides a theory-based evaluation of incident reporting using the methods of realist synthesis and process tracing. We develop a program theory of incident reporting hypothesizing its dual role as a fire alarm and a catalyst for policy learning. The program theory is tested by drawing upon a range of literature and official documents, supplemented by insights from the Italian context through interviews with key informants. The evaluation reveals mixed findings. While incident reporting effectively serves as a fire alarm, particularly for organizations with limited cyberse-curity capacity, challenges persist due to capacity gaps and a reluctance to report incidents. The link between incident reporting and policy learning remains tenuous, with evidence of inertia hindering the implementation of more radical changes. Policy recommendations include streamlining internal communications, combining rapid and in-depth reporting, fostering data-sharing agreements, ensuring dedicated communication of lessons from central cyber actors, and streamlining organizational procedures for implementing changes.
... Cybersecurity threats, such as data breaches and hacking, can compromise sensitive information and disrupt essential services. Protecting the integrity and confidentiality of data is paramount to maintaining public trust and ensuring the resilience of digital governance systems [49]. In addition, it is essential to ensure transparency, accuracy, security, and privacy protection when collecting, using, and sharing data responsibly. ...
Article
Full-text available
This study constructs an analytical framework to assess the effectiveness of collaborative governance in smart communities, focusing on six key elements: collaborative subjects, funding sources, community participants’ literacy, community-specific systems, community culture, and supporting facilities. Using fuzzy set qualitative comparative analysis (QCA) on 20 typical cases of community governance, the study identifies that collaborative subjects and supporting facilities are necessary conditions for achieving effective community governance. Community culture and community participants’ literacy are recognized as sufficient conditions for effective collaborative governance involving multiple subjects in smart communities. The study also identifies several pathways to enhance the effectiveness of collaborative governance in smart communities, including the subject-–culture-embedded pathway, technology–resource-driven pathway, and system–talent-led pathway. These pathways highlight the integration of community-specific cultural elements and the leveraging of modern technologies to foster stakeholder engagement, enhance decision-making processes, and improve service delivery. The findings suggest that robust community culture and literacy, combined with advanced technological infrastructure and diverse funding sources, significantly contribute to the success of collaborative governance initiatives. By providing a comprehensive analysis of the interplay between these factors, the study offers valuable insights into the construction of smart communities and proposes strategies for enhancing the effectiveness of collaborative governance. This research contributes to the broader discourse on sustainable urban development and the knowledge economy, emphasizing the crucial role of innovation, technology, and community engagement in shaping the future of smart cities.
... Digital identity technologies and biometric solutions are crucial for assuring the security and usability of systems in the healthcare and insurance industries. With the increasing digitization of various sectors, comprehensive identity frameworks are vital to protect sensitive data, restrict illegal access, and promote smooth and secure interactions across platforms (Sule et al., 2021 Insurers can employ decentralized identification systems to streamline claims verification processes, lowering fraud and processing times (Boysen, 2021). ...
Technical Report
Full-text available
The insurance and healthcare sectors in the United States face enormous cybersecurity risks, compounded by their increased reliance on AI, digital infrastructures, and interconnected data ecosystems. These industries are high-value targets for cybercriminals due to their huge reservoirs of sensitive data, including personally identifiable information (PII) and protected health information (PHI). This article analyses techniques to safeguard insurance and healthcare systems by leveraging AI, advanced data security practices, and mitigation frameworks like MITRE ATLAS and EMB3D. Through a review of real-world case studies, including the PyTorch dependency confusion attack, the article highlights the vulnerabilities provided by supply chain concerns, adversarial AI threats, and legacy system deficiencies. It emphasizes the vital significance of privacy-enhancing technology, distributed confidential computing, and digital identity solutions in mitigating cyber dangers. Furthermore, the paper explores the impact of regulatory frameworks such as HIPAA and HITECH and shows their significance in defining corporate tactics to prevent breaches and assure compliance. By merging cutting-edge technology with risk mitigation frameworks, this paper presents concrete ways to boost system resilience, preserve crucial data, and establish confidence in AI-driven healthcare and insurance systems. The proposals aim to equip stakeholders to confront growing threats while guaranteeing the secure deployment of AI and digital tools in these vital industries.
... To deal with potential cyber threats, organizations require a robust cybersecurity setup capable of B Fahad M. Alotaibi Fmmalotaibi@kau.edu.sa Fawad fawad7528@gist.ac.kr protecting data privacy [3]. The traditional signature-based cyber attack detection approaches suffer due to the rapidly evolving nature of cyber threats. ...
Article
Full-text available
The widespread integration of interconnected network elements within the Internet of Things (IoT) has increased its vulnerability to security breaches. This is due to the various software and networks involved in IoT. Numerous elements within these networks lack built-in cyber defenses. Traditional methods like access control, password security, data authentication, malware scanners, and firewalls often fail against sophisticated cyber-attacks due to their reactive nature and limited adaptability. Additionally, intrusion detection systems and security audits can be prone to attacks and may struggle with evolving threats. To address these limitations, We propose a novel hybrid residual layer deep neural network (HRL-DeepNet) for detecting cyber-attacks and anomalies in organizational assets. The HRL-DeepNet employs gated recurrent unit (GRU), bidirectional long short-term memory (BiLSTM), and long short-term memory (LSTM) sequences in hybrid and residual setups. Utilization of hybrid and residual setups not only boosts the distinctiveness of the features but also improves the accuracy of intrusion detection. The proposed HRL-DeepNet, when evaluated on ToN-IoT and CICIDS2017, resulted in high accuracy, with a significantly low false positive rate (FPR) outperforming other state-of-the-art frameworks. Furthermore, the proposed HRL-DeepNet achieves accuracies of 0.999 and 0.986 on the ToN-IoT and CICIDS2017 datasets, respectively, while also achieving F1 scores of 0.977 and 0.966 on the same datasets. This demonstrates its superiority over recently reported works.
... Collecting and gathering sensitive data from students raises security and privacy concerns (Piper, 2024). Inadequate safeguards and protocols for data protection may expose students to risks such as data breaches, identity theft, or misuse of personal information (Sule et al., 2021). Protecting students' sensitive information and ensuring a secure online learning environment have become vital in the digital age. ...
Article
Full-text available
The modern period is witnessing a profound digital revolution in human life, often referred to as an explosion of information. This digitalization trend is revolutionizing various aspects of society, notably the education sector. The advent of sophisticated technologies for information storage, processing, and dissemination has revolutionized learning paradigms. Digital platforms have democratized education, providing enhanced accessibility and personalized learning experiences. Interactive and engaging content delivery methods have redefined traditional pedagogical approaches, fostering increased engagement among learners in diverse educational settings. The integration of digital technologies has empowered students, educators, and researchers to actively participate in educational programs and access hands-on learning opportunities. While digitalization promises to enhance the quality and effectiveness of educational resources, it also presents challenges such as technology disparities, security concerns, inadequate training, and adoption hurdles. This study aims to delve into the multifaceted dimensions of digitalization in education, exploring its potential benefits and obstacles. By addressing the complex issues faced by stakeholders in the education ecosystem, this conceptual analysis seeks to accelerate the seamless integration of digital technologies into the educational landscape, envisioning a digitally empowered educational system for the nation
... Although IP cameras have been established as an everyday experience, the breakthrough of ICT and AI facilitates disruptive identity-related actions (Wang and Tucker 2021). Identity data needed for PPE compliance, which are vulnerable to fraud, are considered highly sensitive (Sule et al. 2021). Despite the existence of regulations such as the European Union's General Data Protection Regulation (GDPR 7 ), that aim to oversee the processing of identity data, existing cybersecurity tools tend to be either application-specific or only partially compliant with these regulatory standards (Rhahla et al. 2021;Ruohonen and Hjerppe 2022). ...
Article
Full-text available
Computerized compliance of Personal Protective Equipment (PPE) is an emerging topic in academic literature that aims to enhance workplace safety through the automation of compliance and prevention of PPE misuse (which currently relies on manual employee supervision and reporting). Although trends in the scientific literature indicate a high potential for solving the compliance problem by employing computer vision (CV) techniques, the practice has revealed a series of barriers that limit their wider applications. This article aims to contribute to the advancement of CV-based PPE compliance by providing a comparative review of high-level approaches, algorithms, datasets, and technologies used in the literature. The systematic review highlights industry-specific challenges, environmental variations, and computational costs related to the real-time management of PPE compliance. The issues of employee identification and identity management are also discussed, along with ethical and cybersecurity concerns. Through the concept of CV-based PPE Compliance 4.0, which encapsulates PPE, human, and company spatio-temporal variabilities, this study provides guidelines for future research directions for addressing the identified barriers. The further advancements and adoption of CV-based solutions for PPE compliance will require simultaneously addressing human identification, pose estimation, object recognition and tracking, necessitating the development of corresponding public datasets.
... As the ID wallet serves as an interface for diverse users to manage identity data and related services, the technical architecture can vary (Podgorelec et al., 2022). Here, one can differentiate between decentralized and centralized architecture concepts, where, for instance, data is stored on a smartphone or cloud environment (Sule et al., 2021;Windley, 2023). Moreover, the visibility of the ID wallet can differ, offering Issue identity data (e.g., driver's license or membership card) to the ecosystem upon the user's request ID wallet providers Provide a platform serving as a central wallet interface for users to store and manage their identity data Relying parties Utilize various identity data at the user's request to enhance shared value creation for business processes Users ...
Article
Full-text available
With the eIDAS 2.0 legislation, the European Union seeks to establish a digital identity data ecosystem and to empower citizens to manage digital credentials from various sources through an ID wallet interface. To achieve this, governments must develop holistic orchestration models integrating technical, regulatory, and economic perspectives. This approach will foster ecosystem value creation, address orchestration tensions, and design sustainable operating models for various ecosystem actors. While IS research has explored private-sector governance mechanisms in platform and data ecosystems, a research gap exists in understanding public–private orchestration where governments act as orchestrators. We address this through a structured document analysis of 80 position papers from various stakeholders participating in a public government consultation process and 14 semi-structured in-depth interviews. By examining ecosystem value creation mechanisms, orchestration tensions, and monetization challenges, we identify two government orchestration standard types for the ID wallet provision. The Government ID-Infrastructure Wallet model embodies an ecosystem-integrated public infrastructure, while the Trust ID Wallet Federation exemplifies a dynamic and competition-driven approach. By bridging the self-sovereign identity ecosystem paradigm with digital identity infrastructure research, our work contributes to the understanding and theoretical development of data ecosystems and digital identity research from a government perspective.
... In an era where personal and financial information is stored digitally, the risk of unauthorized access, data breaches, and misuse of sensitive data is significant. Inadequate data protection measures and cybersecurity vulnerabilities can jeopardize an individual's privacy and financial security (Sule, Zennaro, and Thomas, 2021). ...
Article
Full-text available
In Nigeria’s rapidly evolving digital economy, data privacy and digital credits emerge as critical areas demanding robust stakeholder engagement and strategic oversight. This study examines the intricate web of key stakeholders in digital data privacy and digital credit sectors, their interrelations, responsibilities, and impacts. These stakeholders include governmental regulatory bodies, financial technology firms (fintechs), consumers and international organizations. Through a systematic literature review, the study navigates the complexities of these relationships, particularly in the wake of Nigeria's Data Protection Act and the burgeoning digital credit market. Data is synthesized from policy documents, digital credit transaction trends, and organizational repositories to underscore the growing significance of stakeholder actions and interactions. The findings illuminate the current landscape and forecast the trajectory of digital data governance and credit practices, emphasizing the necessity for a harmonious and secure digital economy that serves all stakeholders equitably.
... 73 For Sule et al., it is a set of individual information or attributes that describe an entity and that is used to determine the transactions in which the entity can legitimately engage. 74 Sullivan as well as the Boston Consulting Group consider that it is the sum of all digitally available information about an individual, regardless of its degree of validity, its form, or its accessibility. 75 Following the ISO/IEC 24760-1, digital identity is 'an item inside or outside an information and communication technology system, such as a person, an organization, a device, a subsystem, or a group of such items that has a recognizably distinct existence' . ...
Article
Full-text available
Digital identity is a basic component of the knowledge economy and society. It is the key for accessing the digital world and for carrying out commercial, economic, or any kind of transactions and communications. Far from being a merely digital version of the physical identity, digital identity is a singular and complex construct which poses three main dilemmas that provide the framework for its analysis. The first arises from the context in which it is located, the digital ecosystem, that changes its scope and nature. The second, conceptual, is a consequence of the lack of agreement about its definition but also of the different legal framework derived from it. A third dilemma, functional, is due to the fact that digital identity can fulfil different, even contradictory, functionalities. An analysis of these dilemmas can contribute to a better understanding of this category leading to a proposal for its definition and legal framework.
... Organizations face an escalating and diversifying landscape of cybersecurity threats, continually growing in sophistication [7,9,19,35]. Various types of cybersecurity attacks, employing techniques such as phishing, malware, web attacks, and the exploitation of IT system vulnerabilities, are identified in the literature. ...
... Individually identifiable information included in personal data such as name, address, identification number, financial information, and so on (Andrew & Baker, 2021;Carvalho et al., 2020;Finck & Pallas, 2020;Huang et al., 2021). The security of personal data is vital to ensure that individual privacy is protected and to prevent potential financial losses or even identity misuse (Burnes et al., 2020;Kröger et al., 2021;Piquero et al., 2021;Sule et al., 2021;Umar et al., 2023). ...
Article
Full-text available
In the digital era, the protection of personal data is crucial due to the growing privacy of individuals and the potential for security risks, including cyber threats. This research aims to provide a deeper understanding of the Indonesian legal regulations in safeguarding personal data and how this can affect public trust in financial institutions, especially banks, in maintaining the security of their customers' data from data leaks. The author uses a normative juridical research method by taking an approach that is carried out based on the main legal materials by examining the laws and regulations related to this research. The focus of this research is legal protection for bank customers in protecting personal data leakage in the era of rapid technology. The research contribution lies in exploring and analyzing the effectiveness of Indonesian law regulations in protecting the personal data, and how these measures influence public confidence in the banking sector.
... As it was shown in [17,18], the analysis of digital footprints (hereinafter referred to as DF) of users (in particular, university teachers and students) is directly relevant to information security issues. This is due to the following factors: the analysis of DF allows to identify potential vulnerabilities in systems and behavioral patterns of users (patterns); analysis of DF helps to monitor and control the activity of users, which is important for detecting abnormal behavior or unauthorized access; the study of DF allows in some cases to improve the strategies of CS, taking into account the habits of users and the peculiarities of their interaction with information systems, etc. ...
Article
Full-text available
The analysis of digital footprints (DF) related to the cybersecurity (cyber risk) user behavior of university information and education systems (UIES) involves the study and evaluation of various aspects of activity in the systems. In particular, such analysis includes the study of typical patterns (patterns) of access to UIES, password usage, network activity, compliance with security policies, identification of anomalous behavior, and more. It is shown that user behavior in UIES is represented by sequences of actions and can be analyzed using the sequential analysis method. Such analysis will allow information security (IS) systems of UIES to efficiently process categorical data associated with sequential patterns of user actions. It is shown that analyzing sequential patterns of cyberthreatening user behavior will allow UIES IS systems to identify more complex threats that may be hidden in chains of actions, not just individual events. This will allow for more effective identification of potential threats and prevention of security incidents in the UIES.
... Cybersecurity, which is the protection of computer networks and systems from attacks, is a relatively emerging topic in today's technological society (Sule et al., 2021). Organizations have become victims of complex cyber threats, indicating a prevalence of traditional security solutions, The user is now in need of new approaches to security not because of extravagant desire, but due to necessity (Tounsi & Rais, 2018). ...
Article
Full-text available
Blockchain technology features of decentralization, immutability, transparency, and cryptographic security, makes it promising in addressing cybersecurity issues and bringing about immense improvements in the field. The methodology entails a qualitative analysis of the published literature comprising of academic journals, industry reports, and cases to consider the aspects of blockchain that enhance cybersecurity, the use of blockchain in cybersecurity domains, emerging challenges, and solutions. Redundancy is reduced by avoiding single points of failure, data is less likely to be corrupted or manipulated, and transactions are more transparent when the protection of blockchains strengthens the architecture of digital systems. It is used in areas such as identity and access management, data privacy, financial transactions, Internet of Things (IoT) security, and other relevant areas that have shown great enhancement in the protection of sensitive information and counter tackling of cyber threats. Nonetheless, there are a few challenges that are still emerging when integrating blockchain with cybersecurity: scalability issues, regulatory and legal frameworks, technical challenges of integration, and high energy consumption. Possible solutions include technological advancements such as sharding and new consensus algorithms like Proof of Stake, as well as synergistic strategies for unifying blockchain with artificial intelligence and machine learning. Policy development and the formulation of best practices and principles can contribute to the achievement of safe and responsible blockchain implementation. This paper examines the ramifications of incorporating blockchain in cybersecurity, ways that can derive utility from its attributes, and ongoing approaches of handling its problems suggesting that more work is still needed in this dynamic area.
... Voice over Internet Protocol (VoIP) technology has also emerged, allowing voice communication to be transmitted over the Internet, reducing costs and enabling seamless integration with other communication channels (Chakraborty et al., 2019). However, the proliferation of digital technologies and the ease of information access have also raised concerns about cybersecurity, privacy and data protection (Sule et al., 2021). As more sensitive information is shared and stored digitally, robust security measures and data governance practices are crucial to mitigate risks and ensure the responsible use of these technologies. ...
Article
Full-text available
The rapid advancement of Information Technology (IT) and telecommunications has transformed various aspects of modern society, including academic libraries. This research explores the nexus between IT, telecommunications and academic libraries and how their integration can foster an inclusive and equitable research environment within universities. It examines the historical development of IT and telecommunications, the evolving role of academic libraries in the digital era, and the challenges and opportunities posed by digital transformation. The study highlights the integration of IT and telecommunications in academic library services, such as digital collections, virtual reference and collaborative platforms, enabling remote access, interdisciplinary research and knowledge sharing. Strategies for enhancing research inclusion, such as investing in technological infrastructure, promoting open access initiatives and providing digital literacy training are discussed. Successful implementation examples from Nigerian academic libraries are presented, demonstrating the practical application of these technologies. Additionally, the research examines emerging trends and technologies and proposes strategies for academic libraries to adapt and remain relevant in the evolving landscape. The conclusion emphasizes the importance of collaboration among policymakers, researchers and library professionals to leverage the transformative potential of IT and telecommunications for research inclusion and societal progress. ÖZ Bilgi Teknolojisi (BT) ve telekomünikasyondaki hızlı ilerleme, akademik kütüphaneler de dahil olmak üzere modern toplumun çeşitli yönlerini dönüştürdü. Bu araştırmada BT, telekomünikasyon ve akademik kütüphaneler arasındaki bağı ve bunların entegrasyonunun üniversitelerde kapsayıcı ve eşitlikçi bir araştırma ortamını nasıl teşvik edebileceği araştırılmıştır. BT ve telekomünikasyonun tarihsel gelişimi, dijital çağda akademik kütüphanelerin değişen rolü ve dijital dönüşümün getirdiği zorluklar ve fırsatlar litertaür bağlamında incelenmiştir. Çalışma, dijital koleksiyonlar, sanal referans ve işbirlikçi platformlar gibi akademik kütüphane hizmetlerinde BT ve telekomünikasyonun uzaktan erişim, disiplinler arası araştırma ve bilgi paylaşımına olanak sağlayan entegrasyonunu vurgulamaktadır. Teknolojik altyapıya yatırım yapmak, açık erişim girişimlerini teşvik etmek ve dijital okuryazarlık eğitimi sağlamak gibi araştırmaya katılımı artırmaya yönelik stratejiler tartışılmaktadır. Nijerya akademik kütüphanelerinden başarılı uygulama örnekleri sunularak bu teknolojilerin pratik uygulamaları gösterilmiştir. Ayrıca araştırmada, ortaya çıkan trendler ve teknolojiler incelenmiş ve akademik kütüphanelerin gelişen ortama uyum sağlamaları ve bu ortama uygun kalmaları için stratejiler önerilmiştir. Sonuçta, araştırma katılımı ve toplumsal ilerleme için BT ve telekomünikasyonun dönüştürücü potansiyelinden yararlanmak amacıyla politika yapıcılar, araştırmacılar ve kütüphane uzmanları arasındaki iş birliğinin önemi vurgulanmıştır.
... Firstly, our results affirm how internet activities impact the fear associated with cybercrime. The interconnectivity stemming from companies' internet activities exposes them to cybersecurity incidents arising from vulnerabilities in information technology usage, presenting security challenges (Arroyabe et al., 2024;Fernández de Arroyabe et al., 2023a,b;Benz and Chatterjee, 2020;Sule et al., 2021;Lezzi et al., 2018). Classic cyber threats such as spyware, malware, denial-of-service (DoS), ransomware, Fig. 2. Mean values of Experience and Impact by Cluster. ...
... Real-time safeguards against risks (Article 5, 9, 62, 65). Data security and protection [74,75] Data analytics [70,25,71], image recognition and generation [58] Potential for data leakage [76,77], visual deception, forensic unreliability [58] Robust protection against data breaches (Article 15, 70). Ensuring AI data quality and integrity (Article 10. ...
... The financial system has also been a frequent target of attacks for various reasons, such as the potential financial gains from a successful attack; obtaining resources to finance terrorist actions; or causing the collapse of national and global financial markets [57]. Data protection has sought to use reliable and user-friendly digital identification systems to provide protection mechanisms that are secure and robust enough to guarantee the resilience of various organizations, including banks [58]. Financial institutions are increasingly dependent on digital technologies and are exposed to cyber-attacks, technical failures, human error and natural disasters, so cyber resilience is becoming an urgent necessity [59]. ...
Article
Full-text available
Cyber resilience is a topic of extreme relevance to organizations in the most diverse segments of activity, where the concept of resilience presents nuance in its different dimensions, in addition to the need to recognize and distinguish the different stages that characterize the state of cyber resilience. Thus, the aim of this article is to understand the various concepts of cyber resilience in its different contexts and dimensions. To this end, bibliographic research was carried out through the process of indirect documentation in articles, books, and publications on the subject. The main stages of resilience were mapped, and an analysis was produced of how these stages have evolved over the years. Finally, an updated proposal for standing for the stages of cyber resilience was presented, based on the consolidation of proposals from the entire framework studied in this work. This review emphasizes the importance of cyber resilience and understanding the stages that characterize cyber resilience, highlighting the need for its further integration into the organizations in the most diverse segments of activity management.
... For example, strong passwords are essential for protecting accounts and sensitive information, making it much more difficult for attackers to gain access. Passwords should be at least eight characters long and include a mix of letters, numbers, and symbols [2]. Additionally, passphrases, a sequence of words, are often considered even more secure than traditional passwords. ...
Article
The metaverse, often referred to as the next stage of the Internet, is a virtual space that utilizes advanced technologies, such as augmented reality, virtual reality, and mixed reality, to enable real-time engagement and experiences beyond what can be achieved in reality. Cybersecurity behavior in the metaverse refers to the actions taken by individuals and organizations to protect themselves and their information from various cyber threats in virtual reality environments by implementing various cybersecurity measures. Research on cybersecurity behavior in the metaverse is still limited. This study offers an overview of cybersecurity behavior in the metaverse and identifies a range of potential opportunities. It also discusses the current and prospective challenges and suggests large-scale research agendas that can be examined in future research. The research agendas encompass extensive subject areas, such as security of the metaverse, influential factors, human behavior in the metaverse, virtual identity and access management, privacy, legal, and ethical issues, and cybersecurity education and awareness. This study offers a crucial and timely insight into cybersecurity practices in the metaverse, considering the advancement of metaverse technology.
... Understanding cybersecurity entails acknowledging that all individuals utilizing electronic or online platforms within cyberspace are susceptible to cyber-criminal attacks [8]. One of the most challenging aspects of dealing with this problem is to find a balance between security and individual behavior liberty [9]. ...
... The search result can be accessed at the URL found in the reference section of Figure 1. Figure 1 demonstrates that the terms "information security" and "computer security" were the most used terms of 2004 and 2010. In 2016, while the use of "cyber security" increased, the use of "information Understanding cyber security begins with the basic assumption that anyone can be a target for attacks by cybercriminals in cyberspace (Sule et al., 2021). While there are also targeted attacks, most attacks are un-targeted. ...
Article
Full-text available
The aim of this study is to discover the research trends in the field of cyber security with performance analysis and to reveal the intellectual structure of the field of cyber security with scientific mapping. For this purpose, articles published in the field of cyber security between 1998-2021 in the WoS database were examined. The research was carried out in accordance with the bibliometric analysis guide. In the data collection phase, 1,631 articles were included in the study by taking into account the criteria determined among 15,781 studies using the PRISMA procedure. R program was used in bibliometric analysis. According to the findings of the study, there has been a significant increase in article productivity in the field of cyber security after 2020. Although IEEE Access is the journal with the highest number of publications in the field, IEEE Transactions on Smart Grid ranks first according to h-index and g-index values. Considering the topics studied according to the years, it is seen that in the first years, issues related to the law such as cybercrime and cyber terrorism were examined, and recently, in addition to these, current technological issues have been included. It is observed that the most effective publication is 'The Internet of Things for Health Care: a Comprehensive Survey' by Islam et al. which examines the security of the Internet of Things in health care, which is also a current issue.
... One central aspect of digitalisation of public services is related to the protection of personal information when accessing digital services. Thus, the development of electronic identification (e-ID) technology is central in digitalisation projects, as it is a prerequisite for secure authentication to digital services [29][30][31]. In Nordic countries, the advanced digital identification infrastructure is regarded as one of the main contributors to their success in being the most advanced digital economies in Europe [7,32]. ...
Article
Full-text available
As digital technologies continue to transform health care and health systems, they will continue to have a lasting impact on health services. Many health and social care services have rapidly become ‘digital by default’. The electronic identification (e-ID) technology is needed for secure authentication to digital services. Recent studies have shown that the ‘digital divide’ is prominent between ethnic minorities and the majority populations and between older and younger adults. Inequalities related to not having an e-ID, which is in many countries required to access digital health services, remain under-researched. Moreover, there is a lack of knowledge of the use of digital services among older migrants. This study analyses general socio-demographic as well as migration specific factors that may be associated with not having an e-ID among older migrants. We used the Care, Health and Ageing of Russian-speaking Minority in Finland (CHARM) study, which is a nationally representative survey of community-dwelling Russian-speaking adults aged ≥ 50 years living in Finland (N = 1082, 57% men, mean age 63.2 years, standard deviation 8.4 years, response rate 36%). Our results showed that 21% of older Russian-speakers did not have an e-ID. Our regression analysis showed that older age and poorer economic situation were associated with a lower probability of having an e-ID. In addition, we found an association between not speaking local languages and not having an e-ID. This may relate to private banks regulating the requirements for obtaining the most common e-ID method, online banking ID. We argue that for individuals who are already in vulnerable positions, current e-ID practices might pose yet another obstacle to obtaining the health services they need and are entitled to.
... As reviewed in [12], different digital identity-based solutions have been proposed with promising results. However, to foster adoption and implementation on a large scale, additional solutions, experimental studies and regulations are needed [8]. ...
Conference Paper
Full-text available
The growing use of online services advocated the emergence of digital identity as a mechanism of data security and personal information protection that can increase the trust among online users and applications. This paper introduces a new security system developed around the digital identity concept, implemented using a federative multifactor strong authentication framework and tested in an authentic online educational setting to accomplish the complete life cycle of business privacy. System performance evaluated on a sample of 108 students revealed an excellent acceptance and confidence among the users.
... With this knowledge, this article helps overcome cyber risks and assaults, developed a pre cautionary idea, and built a pre vision for lessening data theft among workers and monitoring hacker's actions before assaulting enterprises. Study [6] suggested SecNet, a new network architecture centred on safe data, uses AI and blockchain to tackle data misuse and allow AI to reliably handle data in an unsecure environment. Don't exchange data; store, share, and calculate. ...
Article
Full-text available
Businesses are using cyber security technologies more and more to upgrade their operations. These businesses are prone to hazards and cyber security breaches because to the very specialized characteristics of such settings, including their sensitive exchange of cyber security data and the weak design of connected devices. Our main goal is to develop a cyber security system that can take into account all potential forms of assaults while staying within the allocated budget. To achieve this, a financial strategy based on portfolio management is utilized by enabling the selection of a portfolio of security controls that maximizes security level control while minimizing direct expenses. To solve this problem we proposed Fussy Based Neural Genetic Algorithm for authenticity, reliability and confidentiality of cyber security data and it decreases the danger of cyber security data integrity. Using a complex key, the plaintext is first transformed into a complex cipher text. The key is created using logical operators and is randomly chosen from the cyber security data. By applying principles of proposed algorithm, the cipher text acquired in the first step is rendered even more unreadable in the second phase. Feature Extraction of cyber security data is done by Principle Component Analysis (PCA).The data is encrypted by using Data Encryption Standard (DES). The data is decrypted using the proposed Fussy Based Neural Genetic Algorithm with Particle Swarm Optimization (FNGA-PSO).The suggested model's metrics are examined and compared to various traditional algorithms. This model solves the lack of difference in the authenticity of cyber security information, as well as it will give real and effective information to the organizational companies.
Chapter
This chapter explores the impact of civic tech innovation on public service delivery within the framework of digital democracy. It does so by investigating how digital tools and platforms enable citizens to engage in civic participation, contribute to policy-making processes, and hold governments accountable. The research synthesises existing literature, empirical studies, and case examples to analyse civic tech initiatives’ potential benefits and challenges. It highlights the practical effects of digital democracy on transparency, efficiency, and inclusivity in public service delivery while also addressing concerns such as the digital divide and privacy implications. Additionally, the chapter explores the role of governments, civil society organisations, and technology companies in fostering an enabling environment for civic tech innovation. Critically examining the experiences and lessons learned from different countries and contexts, the chapter provides practical insights for policymakers, practitioners, and scholars interested in leveraging digital democracy for effective and responsive public service delivery in the digital age.
Technical Report
Full-text available
Malaysia's National Digital Identity Initiative (NDII) aims to revolutionise digital services and improve citizen engagement. This study investigates the awareness, perception and acceptance of National Digital Identity (NDI) among the Malaysian population. A quantitative research approach was used, employing cross-tabulation analysis, descriptive analysis and Rasch measurement analysis. The results show that targeted education campaigns are needed to ensure widespread understanding and acceptance of NDI. Demographic factors such as gender, age, marital status, ethnicity/race, education level and place of residence were associated with awareness of NDI. Privacy and security concerns emerged as significant barriers to uptake, highlighting the importance of robust security measures and transparent data processing practices. User-friendly design and the inclusion of biometric authentication methods were identified as key factors influencing adoption. Based on these findings, recommendations are made to promote awareness and acceptance of NDI. These include education and awareness campaigns, inclusive design, integration with existing services and targeted outreach based on demographic factors. It also identifies future research areas such as policy and regulatory frameworks, user-centred design, stakeholder engagement, implementation strategies and technological considerations to support the successful implementation of the NDII. This study provides valuable insights for policymakers, researchers and stakeholders involved in the development and deployment of digital identity systems.
Article
Full-text available
As the use of digital services grows, protecting the privacy and integrity of sensitive data, especially in fields like healthcare, finance, and secure surveying, has become a critical concern. Homomorphic encryption (HE) offers a solution by allowing computations to be performed on encrypted data without revealing the original information. This paper examines the principles of homomorphic encryption and its applications in privacy-preserving tasks, focusing on its use in cloud computing, healthcare, and cybersecurity. Various types of HE schemes, including Fully Homomorphic Encryption (FHE), Partially Homomorphic Encryption (PHE), and Somewhat Homomorphic Encryption (SHE), are reviewed to assess their performance, efficiency, and real-world use. The paper also discusses the challenges of implementing HE, such as computational overhead and key management, and suggests directions for future research to improve the scalability and usability of HE in real-time applications. Addressing these challenges will make homomorphic encryption an essential tool for secure, privacy-preserving data processing and sharing in modern digital systems.
Article
Full-text available
This study investigated the integration readiness of four predominant cybersecurity Governance, Risk and Compliance (GRC) frameworks – NIST CSF 2.0, COBIT 2019, ISO 27001:2022, and the latest ISO 42001:2023 – for the opportunities, risks, and regulatory compliance when adopting Large Language Models (LLMs), using qualitative content analysis and expert validation. Our analysis, with both LLMs and human experts in the loop, uncovered potential for LLM integration together with inadequacies in LLM risk oversight of those frameworks. Comparative gap analysis has highlighted that the new ISO 42001:2023, specifically designed for Artificial Intelligence (AI) management systems, provided most comprehensive facilitation for LLM opportunities, whereas COBIT 2019 aligned most closely with the European Union AI Act. Nonetheless, our findings suggested that all evaluated frameworks would benefit from enhancements to more effectively and more comprehensively address the multifaceted risks associated with LLMs, indicating a critical and time-sensitive need for their continuous evolution. We propose integrating human-expert-in-the-loop validation processes as crucial for enhancing cybersecurity frameworks to support secure and compliant LLM integration, and discuss implications for the continuous evolution of cybersecurity GRC frameworks to support the secure integration of LLMs.
Chapter
This chapter delves into the intricate evolution of diplomacy and offers insights into the promising future of digital diplomacy. The article explores the roots of diplomacy, tracing its origins back to the eighteenth century. The chapter explores the practical aspects of diplomatic relations, highlighting various communication methods and the emergence of public diplomacy. The advent of digital diplomacy has revolutionized the landscape, bringing about profound changes in diplomatic practices. These changes are analyzed, encompassing the challenges and opportunities presented by the digital realm. Moreover, it investigates the concept of hybrid diplomacy, which combines physical and virtual engagements to amplify diplomatic efforts. By emphasizing the importance of striking a balance between traditional face-to-face communication and digital tools, the research underscores the need for thoughtful consideration of their respective strengths and limitations.
Article
Full-text available
In recent years, the blocking of internet sites with harmful content or those deemed to be (illegal content) has increased. The policy of blocking dangerous sites has pros and cons regarding freedom of expression. Blocking is considered to be carried out to control citizens' expression, which can impact all areas, especially freedom of opinion, which can be seen as a threat to certain parties. This research aims to compare criminalization policies for blocking dangerous content in electronic communications networks in the Netherlands, the United States, and Singapore and provide thoughts on law enforcement models for blocking dangerous content in more democratic electronic communication networks. This is normative legal research using a law and case approach and comparing several countries. The conceptual approach is directed at the concept of a democratic state and the protection of human rights to formulate relevant policy models. The results of blocking studies in the Netherlands, The USA, and Singapore already have regulations and policy directions for blocking dangerous content, or at least rules regarding law enforcement for cybercrime. The difference is in the level of sensitivity to the specifications of existing problems. The policy model for blocking dangerous content with special regulations outside the Criminal Code must be carried out in a non-repressive manner so that it does not violate the ultimum remedium principle and becomes over-criminalized. The formulation of policy model of all crime prevention plans using the criminal law system, which pays attention to the problem of formulating criminal acts (criminalization), criminal responsibility, and criminal regulations and punishment.
Chapter
This chapter focuses on the pandemic-inspired leading sustainable development of the concept of viable and effective e-government. With all its negative externalities and lost lives, the coronavirus pandemic provided a strong boost for the development for the online services and tools that constitute the basis of the strong and effective e-government. This chapter discusses the impact the COVID-19 crisis may have on the future of science, technology, and the innovation policy. We argue that COVID-19 crisis and its impacts on socioeconomic activities would inevitably lead to the long-lasting changes in science, technology, and the approach to digitalization and introducing artificial intelligence. Furthermore, this chapter also contributes to broader debates about open-source solution adoption, since open-source software could have an important role to play in public sectors and the development of digital public services. Furthermore, this chapter also evaluates the role played by electronic government services in shaping interactions between citizens and the public administration. Our results might be of a special interest for the policymakers and relevant stakeholders focused on digitalization of administration and creation of the efficient e-government.Keywordse-GovernmentSustainable developmentLeadershipCOVID-19JEL ClassificationG18H12Q01
Chapter
The United Nations (UN) and World Bank ID4D initiatives aim to provide everyone on the planet with a legal identity by 2030. They are centered around emerging technologies such as blockchain, artificial intelligence, biometrics, and cryptography, and how they can benefit the underprivileged. However, all stakeholders that can influence the creation of a global digital identity ecosystem will have to collaborate closely in order to be successful. Governments, not-for-profit institutions, lawmakers, policymakers, private sector, and academia should all play a vital role. While the fintech industry has been a leader in driving adoption of digital identity, the healthcare and life sciences industries are widely regarded as equally important, as they have a crucial impact on the global economy and global public health. For long term sustainability, meaningful impact and optimal value creation, we must focus on building global health ecosystems where traditional industry boundaries will become irrelevant, and we transition towards a human-centric personalized medicine model.
Article
Full-text available
Communication is the foundation for social interaction and therefore society itself is based on communication. This means that every huge change that humanity has experienced derives from a technological discovery related to communication. As a way of studying the impact of technology in society and its power to influence human and natural environments, we propose to analyze how communication technologies have helped transform society as a whole. “Communications are the basic elements of social systems”: Starting from this Luhmanian proposal and the theoretical approach of Social System's Theory, this paper offers an analysis based on the impact that communication technology has had on social development over time. Language and writing, as the first communication techniques, have been followed by a series of technologies, such as printing, telephone, radio, television, internet and cell phones, which are nowadays smarter than ever [37]. These new technologies have increased the amount of communications, making world society more complex than ever and accelerating social changes. This last observation introduces the possibility of proposing the arrival of a new era.
Article
Full-text available
With the development of Internet technology and human computing, the computing environment has changed dramatically over the last three decades. Cloud computing emerges as a paradigm of Internet computing in which dynamical, scalable and often virtualized resources are provided as services. With virtualization technology, cloud computing offers diverse services (such as virtual computing, virtual storage, virtual bandwidth, etc.) for the public by means of multi-tenancy mode. Although users are enjoying the capabilities of super-computing and mass storage supplied by cloud computing, cloud security still remains as a hot spot problem, which is in essence the trust management between data owners and storage service providers. In this paper, we propose a data coloring method based on cloud watermarking to recognize and ensure mutual reputations. The experimental results show that the robustness of reverse cloud generator can guarantee users’ embedded social reputation identifications. Hence, our work provides a reference solution to the critical problem of cloud security. KeywordsCloud computing–cloud security–trust management–cloud watermarking–data coloring
Article
The current study was based on data from a nationwide Annual Social Survey to investigate the correlation between types of Internet usage (seeking information, e-government use, e-mail, social media and peer-to-peer Internet telephony) and trust in political institutions in Israel's Jewish majority and Arab minority. Trust in government, parliament, and political parties was found to be significantly higher among Jews than Arabs. Our findings show that first level digital divide reflected in Internet use vs non-use does not correlate with political trust. Among Internet users we found different patterns of association between digital uses and trust in political institutions, which may presumably be explained by different group status. E-government use and social media use were positively correlated with political trust only among Jews. Seeking information and e-mail use were negatively associated with trust in political institutions only among Arabs. Peer-to-peer Internet telephony was negatively correlated with trust in government among both groups. Our important finding is that in spite of the processes of digitization, the effects of digital use on political trust are still relatively marginal. In both groups, the primary predictor of political trust is attitudes toward the functioning of different public institutions.
Article
Trust and security have prevented businesses from fully accepting cloud platforms. To protect clouds, providers must first secure virtualized data center resources, uphold user privacy, and preserve data integrity. The authors suggest using a trust-overlay network over multiple data centers to implement a reputation system for establishing trust between service providers and data owners. Data coloring and software watermarking techniques protect shared data objects and massively distributed software modules. These techniques safeguard multi-way authentications, enable single sign-on in the cloud, and tighten access control for sensitive data in both public and private clouds.