No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
An Exploratory Research Analysis of Four Cyber Security Trends in Mobile Technology Using the ISO 270K Framework
Abstract
This chapter conducts an exploratory analysis of four major cyber security trends within mobile technology, utilizing the ISO 27001 framework as a guiding principle. First, this research investigates mobile devices' growing prevalence and associated security implications, highlighting the necessity of implementing robust security protocols. The text scrutinizes the developing hazard environment and underscores the increasing complexity of cyber assaults aimed at mobile devices. Second, the study highlights the significance of user education and awareness in augmenting mobile security, acknowledging the role of human factors as significant contributors to security breaches. Finally, the research investigates the dynamic nature of regulatory frameworks and the imperative for enterprises to synchronize their security protocols with the stipulated compliance standards.
ResearchGate has not been able to resolve any citations for this publication.
Several critical infrastructures are integrating information technology into their operations, and as a result, the cyber attack surface extends over a broad range of these infrastructures. Cyber attacks have been a serious problem for industries since the early 2000s, causing significant interruptions to their ability to produce goods or offer services to their clients. The thriving cybercrime economy encompasses money laundering, black markets, and attacks on cyber-physical systems that result in service disruptions. Furthermore, extensive data breaches have compromised the personally identifiable information of millions of people. This paper aims to summarize some of the major cyber attacks that have occurred in the past 20 years against critical infrastructures. These data are gathered in order to analyze the types of cyber attacks, their consequences, vulnerabilities, as well as the victims and attackers. Cybersecurity standards and tools are tabulated in this paper in order to address this issue. This paper also provides an estimate of the number of major cyber attacks that will occur on critical infrastructure in the future. This estimate predicts a significant increase in such incidents worldwide over the next five years. Based on the study’s findings, it is estimated that over the next 5 years, 1100 major cyber attacks will occur on critical infrastructures worldwide, each causing more than USD 1 million in damages.
Cybersecurity, as a security management requirement, is essential to understanding data security in higher institutions. This study aims to explore the role of cybersecurity in the performance of Malaysian higher education institutions through semi-structured qualitative interviews with 10 cybersecurity risk management officers from 10 public universities. The data were analysed using thematic analysis to identify the themes and sub-themes that revealed the strengths and deficiencies of the current cybersecurity frameworks. Results showed that cybersecurity implementation is considered a successful innovation in Malaysian universities and has contributed to protecting the data of students and staff, which in turn allowed the universities to improve their reputation. This study contributed significantly to the understanding of the performance and applicability of cybersecurity in universities. It showed the efficient use of resources, identification and detection of risk exposures, and improved cybersecurity communication between the technical team and top management are essential for a good decision-making process.
Innovative projects are considered risky and challenging, and specific managerial traits (such as managerial overconfidence) are needed to gain momentum. Moreover, corporate innovations are also crucial for sustainable development through the creation of more efficient, ecofriendly, and socially responsible products, processes, and business models. Therefore, the present study adds to the existing literature by examining (a) how managerial overconfidence influences firm-level innovation, (b) whether the strength of the relationship between managerial overconfidence and corporate innovation is a moderator of institutional effectiveness, and (c) whether these relationships are evident, particularly in developing contexts. We employed firm-level data from the World Bank Enterprise Survey to test such contentions and developed unique proxies for managerial overconfidence and corporate innovation. The timeframe of the study ranged from 2014 to 2017. This study is unique, as we have used a large dataset and various novel proxy measures to quantify managerial overconfidence and corporate innovation. Utilizing probit and ordered probit regression with year-fixed effect models, our robust results reveal that a firm’s innovativeness is significantly associated with managerial overconfidence. As the mother of all psychological biases, overconfidence is the most ubiquitous, with many features influencing human judgment. The findings imply that hiring managers with confident personalities or encouraging existing managers to become bold in their decision-making may increase firm-level innovation in developing countries. Moreover, the strength of the relationship between managerial overconfidence and corporate innovation is moderated by institutional effectiveness. These findings suggest that institutions play a crucial role in escalating managerial confidence and innovation by connecting and understanding the flow of knowledge, risk taking, and investing activities. Corporations can be critical in addressing global challenges and promoting sustainable development by incorporating sustainable principles into their innovation strategies.
In order to handle their regulatory and legal responsibilities and to retain trustworthy strategic partnerships, enterprises need to be dedicated to guaranteeing the privacy, accessibility, and authenticity of the data at their disposal. Companies can become more resilient in the face of information security threats and cyberattacks by effectively integrating security strategies. The goal of this article is to describe a plan that a corporation has implemented in the information technology industry in order to ensure compliance with International Organization for Standardization (ISO) 27001. This research demonstrates an examination of the reasons that force enterprises to make a investment in ISO 27001 in addition to the incentives that might be acquired from having undergone this process. In addition, the research examines the reasons that push firms to make an investment in ISO 27001. More particularly, the research investigates an international IT consulting services institution that is responsible for the implementation of large-scale business assistance insertion and projects. It demonstrates the risk management framework and the administrative structure of the appropriate situations so that its procedures are adequate and also in line with the guidelines founded by ISO 27001. In conclusion, it discusses the problems and difficulties that were experienced.
Global warming has increased uncertainty regarding managing traditional water supply systems. Unfortunately, there is a need for the smart management of water supply systems. This work aims to design a solution for renewing and securing critical infrastructure that supplies water and provides water purification inside the range of applications of Industry 4.0 for Smart Cities. Therefore, we analyze the renewal requirements and the applicable use cases and propose a solution based on IoT networks for critical infrastructure in the urban environment. We describe the architecture of the IoT network and the specific hardware for securing a water supply and wastewater treatment chain. In addition, the water level control process for the supply chain and the system that ensures the optimal level of chemicals for wastewater treatment are detailed. Finally, we present the guidelines for infrastructure operators to carry out this operation within Industry 4.0, constituting a development framework for future research on the design of Smart Cities.
This paper deals with problems of the development and security of distributed information systems. It explores the challenges of risk modeling in such systems and suggests a risk-modeling approach that is responsive to the requirements of complex, distributed, and large-scale systems. This article provides aggregate information on various risk assessment methodologies; such as quantitative, qualitative, and hybrid methods; a comparison of their advantages and disadvantages; as well as an analysis of the possibility of application in distributed information systems. It also presents research on a comprehensive, dynamic, and multilevel approach to cyber risk assessment and modeling in distributed information systems based on security metrics and techniques for their calculation, which provides sufficient accuracy and reliability of risk assessment and demonstrates an ability to solve problems of intelligent classification and risk assessment modeling for large arrays of distributed data. The paper considers the main issues and recommendations for using risk assessment techniques based on the suggested approach.
The Internet revolution in 1990, followed by the data-driven and information revolution, has transformed the world as we know it. Nowadays, what seam to be 10 to 20 years ago, a science fiction idea (i.e., machines dominating the world) is seen as possible. This revolution also brought a need for new regulatory practices where user trust and artificial Intelligence (AI) discourse has a central role. This work aims to clarify some misconceptions about user trust in AI discourse and fight the tendency to design vulnerable interactions that lead to further breaches of trust, both real and perceived. Findings illustrate the lack of clarity in understanding user trust and its effects on computer science, especially in measuring user trust characteristics. It argues for clarifying those notions to avoid possible trust gaps and misinterpretations in AI adoption and appropriation.
Industry 5.0 is projected to be an exemplary improvement in digital transformation allowing for mass customization and production efficiencies using emerging technologies such as universal machines, autonomous and self-driving robots, self-healing networks, cloud data analytics, etc., to supersede the limitations of Industry 4.0. To successfully pave the way for acceptance of these technologies, we must be bound and adhere to ethical and regulatory standards. Presently, with ethical standards still under development, and each region following a different set of standards and policies, the complexity of being compliant increases. Having vague and inconsistent ethical guidelines leaves potential gray areas leading to privacy, ethical, and data breaches that must be resolved. This paper examines the ethical dimensions and dilemmas associated with emerging technologies and provides potential methods to mitigate their legal/regulatory issues.
Incorporating technologies across all sectors has meant that cybersecurity risk assessment is now a critical step in cybersecurity risk management. However, risk assessment can be a complicated process for organizations. Therefore, many authors have attempted to automate this step using qualitative and quantitative tools. The problems with the tools and the risk assessment stage in general are (1) not considering all the sub-steps of risk assessment and (2) not identifying the variables necessary for an accurate risk calculation. To address these issues, this article presents a systematic mapping review (SMR) of tools that automate the cybersecurity risk assessment stage based on studies published in the last decade. As a result, we identify and describe 35 tools from 40 primary studies. Most of the primary studies were published between 2012 and 2020, indicating an upward trend of cyber risk assessment tool publication in recent years. The main objectives of this paper are to: (I) identify the differences (reference models and applications) and coverage of the main qualitative and quantitative models, (II) identify relevant risk assessment variables, (III) propose a risk assessment model (qualitative and quantitative) that considers the main variables and sub-stages of risk assessment stage, and (IV) obtain an assessment of the proposed model by experts in the field of cybersecurity. The proposal was sent to a group of 28 cybersecurity experts who approved the proposed variables and their relevance in the cybersecurity risk assessment stage, identifying a majority use of qualitative tools but a preference of experts for quantitative tools.
ISO 27001 and Information Security Management.
- S.Aliyev
Securing Mobile Devices Against Malware: An Analysis of Existing Approaches
- Z Khan
- R Nawaz
- N Ahmad
- I Ahmad
Number of ransomware attacks per year 2017-2022
- A Petrosyan
The Global Cost of Cybercrime: $6 Trillion
- J.Boskamp
Cyber threats on mobile devices: An analysis of current trends and future directions.
- Kaurh
- B Guptab
- H.Kaur
An investigation into security threats and mitigation measures for smartphone applications: A survey.
- Alawairdhih Sahandir
- Taylors
- H.Alawairdhi
Business Cost of Cybercrime
- J Fox
Mobile Device Security: An Overview of Threats and Solutions
- F Kamoun
Risk Impacts of SaaS Cloud Computing: Certified Public Accountant.
- J.Lanz
The Global Cost of Cybercrime
- Morgans
- S.Morgan
Emerging mobile threats and countermeasures.
- Satpathym
- M Khilarp
- M.Satpathy
Mobile device threats and mitigation: A systematic review.
- Smithb
- Ganq
- B.Smith
Cyber security trends: A review and future research Directions.
- X.Wen
Analysis of security threats and its prevention on Android and iOS platforms.
- Bhartip
- Kumara
- P.Bharti
Cybercrime to Cost the World $10.5 Trillion Annually by 2025
- S Morgan
Assessing the Critical Success Factors of the ISO/IEC 27001 Implementation.
- Kitsiosf
- Chatzidimitriouk
- Kamariotoum
- F.Kitsios
Distribution of malware detections Q1 2020
- A Petrosyan
Mobile device security: A survey of threats and state-of-the-art countermeasures.
- Wressneggerc
- Rathgebc
- C.Wressnegger