A Survey of Cyber Security Practices in Small Businesses

The Good, The Bad and The Missing: A Narrative Review of Cyber-security Implications for Australian Small Businesses

Computers & Security ◽

10.1016/j.cose.2021.102385 ◽

2021 ◽

pp. 102385

Author(s):

Tracy Tam ◽

Asha Rao ◽

Joanne Hall

Keyword(s):

Cyber Security ◽

Small Businesses ◽

Narrative Review

Download Full-text

Cloud Computing and Cybersecurity Issues Facing Local Enterprises

Cyber Law, Privacy, and Security ◽

10.4018/978-1-5225-8897-9.ch087 ◽

2019 ◽

pp. 1777-1799

Author(s):

Emre Erturk

Keyword(s):

Cloud Computing ◽

Cyber Security ◽

Cloud Security ◽

Security Issues ◽

Contemporary Research ◽

Security Practices ◽

It Resources ◽

Security Incidents

This chapter sets out to explore new trends in cyber and cloud security, and their implications for businesses. First, the terminology and assumptions related to cloud computing are stated. Next, the chapter reports on contemporary research around the awareness of security issues, and the security processes within the cloud computing realm. Cyber security poses a different challenge to local small and medium sized organizations, which may seem to have less at stake financially. However, they are more vulnerable, due to fewer resources dedicated toward prevention. A series of serious security incidents may even keep them out of business. Furthermore, security needs to be understood and handled differently in a cloud based environment. Therefore, the chapter identifies unique security practices and recommendations for these businesses to run their IT resources safely in the cloud.

Download Full-text

An Exploratory Study of the Effects of Knowledge Sharing Methods on Cyber Security Practice

Australasian Journal of Information Systems ◽

10.3127/ajis.v25i0.2177 ◽

2021 ◽

Vol 25 ◽

Author(s):

Hiep Cong Pham ◽

Irfan Ulhaq ◽

Minh Nguyen ◽

Mathews Nkhoma

Keyword(s):

Social Media ◽

Knowledge Sharing ◽

Cyber Security ◽

Self Efficacy ◽

Global Economy ◽

Security Measures ◽

Security Practices ◽

Security Infrastructure ◽

Group Interviews ◽

Security Advice

In a networked global economy, cyber security threats have accelerated at an enormous rate. The security infrastructure at organisational and national levels are often ineffective against these threats. As a result, academics have focused their research on information security risks and technical perspectives to enhance human-related security measures. To further extend this trend of research, this study examines the effects of three knowledge sharing methods on user security practices: security training, social media communication, and local security experts (non-IT staff). The study adopts a phenomenological method employing in-depth focus group interviews with 30 participants from eight organisations located in Ho Chi Minh city, Vietnam. The study expands on understanding factors contributing to self-efficacy and security practice through various knowledge sharing channels. Current methods of periodical training and broadcast emails were found to be less effective in encouraging participants to develop security self-efficacy and were often ignored. Security knowledge sharing through social media and local experts were identified as supplementary methods in maintaining employees’ security awareness. In particular, social media is suggested as a preferred channel for disseminating urgent security alerts and seeking peer advice. Local security experts are praised for providing timely and contextualised security advice where member trust is needed. This study suggests that provisions of contemporary channels for security information and knowledge sharing between organisations and employees can gain regular attention from employees, hence leading to more effective security practices.

Download Full-text

Scalable Cyber Interventions Accelerating Productivity Practice for SMEs' programme (Cyber Well) explores whether the use of an online game can enhance the productivity of Dorset SMEs through encouraging the adoption of better data management and cyber security practices.

AEA Randomized Controlled Trials ◽

10.1257/rct.6595-1.1 ◽

2020 ◽

Author(s):

Matthew Robson

Keyword(s):

Data Management ◽

Cyber Security ◽

Online Game ◽

Security Practices

Download Full-text

Cloud Computing and Cybersecurity Issues Facing Local Enterprises

Cybersecurity Breaches and Issues Surrounding Online Threat Protection - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-1941-6.ch010 ◽

2017 ◽

pp. 219-247

Author(s):

Emre Erturk

Keyword(s):

Cloud Computing ◽

Cyber Security ◽

Cloud Security ◽

Security Issues ◽

Contemporary Research ◽

Security Practices ◽

It Resources ◽

Security Incidents

This chapter sets out to explore new trends in cyber and cloud security, and their implications for businesses. First, the terminology and assumptions related to cloud computing are stated. Next, the chapter reports on contemporary research around the awareness of security issues, and the security processes within the cloud computing realm. Cyber security poses a different challenge to local small and medium sized organizations, which may seem to have less at stake financially. However, they are more vulnerable, due to fewer resources dedicated toward prevention. A series of serious security incidents may even keep them out of business. Furthermore, security needs to be understood and handled differently in a cloud based environment. Therefore, the chapter identifies unique security practices and recommendations for these businesses to run their IT resources safely in the cloud.

Download Full-text

China and the Technology Gap

10.1093/oso/9780190618094.003.0006 ◽

2018 ◽

Author(s):

Brandon Valeriano

Keyword(s):

Cyber Security ◽

International System ◽

Great Power ◽

Actual Behavior ◽

Technology Gap ◽

Security Practices ◽

Cyber Espionage

The discourse on Chinese cyber security practices often fails to match the reality of actual behavior. This chapter examines how Beijing uses the digital domain in rival interactions. First, it unpacks the literature on how China uses cyber capabilities to shape the international system and enable its rise as a great power, highlighting how threat inflation crowds out empirical perspectives that demonstrate stability and predictability. Second, it situates Beijing’s approach to the digital domain in Chinese strategic theory, illustrating China’s early focus on innovation and preemption and its evolution toward using digital power to control the domestic population and seek information advantages. Third, it uses these insights to analyze empirically all publicly attributed Chinese cyber incidents. This portrait highlights the unique leverage, and limitations, of cyber espionage as a form of coercive bargaining between rival states.

Download Full-text

Comparison between Saudi Arabia and USA: Prevention and Dealing with Cyber Security

10.54216/jisiot.050203 ◽

2021 ◽

pp. 77-87

Author(s):

Sonia Ibrahim ◽

◽

...

Keyword(s):

Saudi Arabia ◽

Deep Learning ◽

Cyber Security ◽

Denial Of Service ◽

Cyber Attacks ◽

Sensitive Data ◽

External Threats ◽

The Us ◽

Security Practices ◽

Training And Support

Cyber security practices mainly involve the prevention of external threats to software, hardware, server data, and other assets which are connected to the internet. Organizations follow a lot of cyber security practices to protect their systems and databases from malicious cyber actors. Cybercriminals use different techniques like spear-phishing, phishing, password attack, denial of service, ransomware, etc. to cause harm to people, organizations, and governments and steal important information from them. We analyzed the use of deep learning algorithms to deal with cyber-attacks. Deep neural networks or deep learning consist of machine learning procedures to support the network to fix complex issues and learn from unmanaged data. In addition, we also analyzed some of the cyber security laws and practices implemented in the US and Saudi Arabia to work collaboratively against cyber threats. It is observed that both countries are doing well against cyberthreats, but they need to work even more to provide training and support to professionals in the public sector who handle sensitive data about cyber security.

Download Full-text

Synchrophasor Technology for Cyber Security in Smart Grid

International Journal of Students Research in Technology & Management ◽

10.18510/ijsrtm.2015.378 ◽

2015 ◽

Vol 3 (7) ◽

pp. 436 ◽

Cited By ~ 1

Author(s):

P Thangarathinam ◽

N Suganya ◽

T Praddeep ◽

S Vignesh

Keyword(s):

Smart Grid ◽

Cyber Security ◽

Synchronous Generator ◽

The Internet ◽

Security Level ◽

Circuit Breakers ◽

Electrical Grid ◽

Root Cause ◽

Security Practices ◽

Opening And Closing

Smart grid is controlled by an authority personnel who uses LAN or the internet to control it. By knowing this information any one from outside can control the smart grid using LAN or the internet. This process of hacking the smart grid control is known as aurora attack. The Aurora attack may pose a risk to rotating machinery operating under certain conditions on the electrical grid. The Aurora attack involves opening and closing one or more circuit breakers, resulting in an out-of-synchronism condition that may damage rotating equipment connected to the power grid.This paper focuses on the Aurora attack on a synchronous generator and the existing technology available to mitigate the attack. The root cause of the vulnerability is breakdown in security. The first level prevents the attack with sound security practices. The second level protects the equipment in the event that the security level is compromised. The equipment can be protected using wide-area synchronized phasor measurement and protection system and security considerations.

Download Full-text

Security-Focused Prototyping: A Natural Precursor to Secure Development

10.20944/preprints202103.0406.v1 ◽

2021 ◽

Author(s):

Sam Attwood ◽

Nana Onumah ◽

Katie Paxton-Fear ◽

Rupak Kharel

Keyword(s):

Case Studies ◽

Cyber Security ◽

Development Process ◽

Security Requirements ◽

Application Layer ◽

Domain Specific ◽

Proactive Approach ◽

Security Practices ◽

Future Work ◽

Natural Precursor

Secure development is a proactive approach to cyber security. Rather than building a technological solution and then securing it in retrospect, secure development strives to embed good security practices throughout the development process and thereby reduces risk. Unfortunately, evidence suggests secure development is complex, costly, and limited in practice. This article therefore introduces security-focused prototyping as a natural precursor to secure development that embeds security at the beginning of the development process, can be used to discover domain specific security requirements, and can help organisations navigate the complexity of secure development such that the resources and commitment it requires are better understood. Two case studies–one considering the creation of a bespoke web platform and the other considering the application layer of an Internet of Things system–verify the potential of the approach and its ability to discover domain specific security requirements in particular. Future work could build on this work by conducting case studies to further verify the potential of security-focused prototyping and even investigate its capacity to be used as a tool capable of reducing a broader, socio-technical, kind of risk.

Download Full-text

Reflections on the Influence of the 9/11 Attacks on Domestic Security Practices and Future Cyber Security Needs

SSRN Electronic Journal ◽

10.2139/ssrn.3177272 ◽

2018 ◽

Author(s):

Jason Thomas

Keyword(s):

Cyber Security ◽

Domestic Security ◽

Security Practices

Download Full-text