Safety and Security Are Two Sides of the Same Coin

Author(s):  
Nancy Leveson

Abstract Whether safety and security overlap depends on how one defines each of these qualities. Definitions are man-made and the definer can include or exclude anything they want. The question really is what the definitions imply for the solution of the problems being defined and which definitions lead to the most effective achievement of the property or properties being defined. This chapter starts by proposing an inclusive definition that combines safety and security and then discusses the practical implications of this definition for solving our safety and security problems. These implications include (1) recognizing that safety and security are not equivalent to reliability, (2) broadening the focus in security from information security and keeping intruders out, and (3) creating new integrated analysis methods based on system theory.

2016 ◽  
Vol 6 (3) ◽  
pp. 436-441 ◽  
Author(s):  
Sifeng Liu ◽  
Handan Rui ◽  
Zhigeng Fang ◽  
Yingjie Yang ◽  
Jeffrey Forrest

Purpose The purpose of this paper is to present the terms of grey numbers and its operations. Design/methodology/approach The definitions of elementary terms about grey numbers and its operations are presented one by one. Findings The reader could know the basic explanation about the important terms about grey numbers and its operations from this paper. Practical implications Many of the colleagues thought that unified definitions of key terms would be beneficial for both the readers and the authors. Originality/value It is a fundamental work to standardise all the definitions of terms for a new discipline. It is also propitious to spread the universal principles of grey system theory.


Kybernetes ◽  
2010 ◽  
Vol 39 (8) ◽  
pp. 1330-1335 ◽  
Author(s):  
Yan Ma

Purpose The purpose of this paper is to propose a second relational grade based on the general grey relational grade and analyze several of its properties. Design/methodology/approach Grey system theory. The paper proposes and studies second grey relational grade, establishes second grey relational formula, and studies several characteristics of second grey relational formula. Findings Proposing a second relational grade proved it could solve the problem of the parallelism partly and weaken relativity of space position. Research limitations/implications Until now, the problem of the consistency could not be solved, nor could the problem of the effect which keeps the sequence the same. Practical implications The precision of the grey forecasting model could be strengthened if used in the forecasting model. Originality/value The general relational grade only thinks over the relation between two sequences but does not involve the relation in one sequence. The second relational grade considers these two, so if the forecasting model is established with it, the model should be more exact.


2017 ◽  
Vol 7 (1) ◽  
pp. 129-135 ◽  
Author(s):  
Sifeng Liu ◽  
Yingjie Yang

Purpose The purpose of this paper is to present the terms of grey clustering evaluation models. Design/methodology/approach The definitions of basic terms about grey clustering evaluation models are presented one by one. Findings The reader could know the basic explanation about the important terms about various grey clustering evaluation models from this paper. Practical implications Many of the authors’ colleagues thought that unified definitions of key terms would be beneficial for both the readers and the authors. Originality/value It is a fundamental work to standardise all the definitions of terms for a new discipline. It is also propitious to spread and universal of grey system theory.


2019 ◽  
Vol 120 (1) ◽  
pp. 231-247 ◽  
Author(s):  
Alex Koohang ◽  
Jonathan Anderson ◽  
Jeretta Horn Nord ◽  
Joanna Paliszkiewicz

Purpose The purpose of this paper is to build an awareness-centered information security policy (ISP) compliance model, asserting that awareness is the key to ISP compliance and that awareness depends upon several variables that influence successful ISP compliance. Design/methodology/approach The authors built a model with seven constructs, i.e., leadership, trusting beliefs, information security issues awareness (ISIA), ISP awareness, understanding resource vulnerability, self-efficacy (SE) and intention to comply. Seven hypotheses were stated. A sample of 285 non-management employees was used from various organizations in the USA. The authors used path modeling to analyze the data. Findings The findings indicated that IS awareness depends on effective organizational leadership and elevated employees’ trusting beliefs. The understanding of resource vulnerability (URV) and SE are influenced by IS awareness resulting from effective leadership and elevated employees’ trusting beliefs which guide employees to comply with ISP requirements. Practical implications Practical implications were aimed at organizations embracing an awareness-centered information security compliance program to secure organizations’ assets against threats by implementing various security education and training awareness programs. Originality/value This paper asserts that awareness is central to ISP compliance. Leadership and trusting beliefs variables play significant roles in the information security awareness which in turn positively affect employees’ URV and SE variables leading employees to comply with the ISP requirements.


Author(s):  
Ibtisam A. Aljazaery ◽  
Haider Th. Salim Alrikabi ◽  
Mustafa Rabea Aziz

One of the techniques used in information security is the concealment technique, where the information to be hidden is placed within another information medium to be saved in the process of messaging between two sides without detection. In this paper, an algorithm was proposed to conceal and encrypt data using several means in order to ensure its preservation from detection and hackers. Wavelet transformer was used to change the shape of a wave of information (one and two-dimensional data) and its different mathematical formulas. Two sets of data were used, the first group used in a hidden process. The second group was considered as a means of both embedding and encryption. The data in the second group is reduced to the extent sufficient for the modulation process, by extracting its high-value properties and then removing them from the mother's information wave. The process of encrypting the two sets of data comes together using an exponential function. The result is undetectable information signals. Algorithms were built to hide and encrypt one and two-dimensional data. High-security signals and images were obtained. Decryption algorithms were built to return encrypted data to their original forms, and getting the replica data.


2016 ◽  
Vol 6 (3) ◽  
pp. 442-447 ◽  
Author(s):  
Sifeng Liu ◽  
Naiming Xie ◽  
Yingjie Yang ◽  
Jeffrey Forrest

Purpose The purpose of this paper is to present the terms of sequence operators and grey data mining. Design/methodology/approach The definitions of basic terms about sequence operators and grey data mining are presented one by one. Findings The reader could know the basic explanation about the important terms about sequence operators and grey data mining from this paper. Practical implications Many of the colleagues thought that unified definitions of key terms would be beneficial for both the readers and the authors. Originality/value It is a fundamental work to standardize all the definitions of terms for a new discipline. It is also propitious to spread the universal principles of grey system theory.


2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Ruti Gafni ◽  
Tal Pavel

Purpose This paper aims to analyze the changes in cyberattacks against the health-care sector during the COVID-19 pandemic. Design/methodology/approach The changes in cyberattacks of the health-care sector are analyzed by examination of the number and essence of published news concerning cybersecurity attacks on the health-care sector during 2019, compared to those published during 2020, based on two main websites, which review such incidents. Findings This study found that there was a significant growth in reports of cyberattacks on the health-care sector. Moreover, the number of cyberattacks fit interestingly to the pattern of waves of the disease, which expanded worldwide. During the first wave the number of reports was doubled or even tripled, compared to the same period in 2019, a tendency that slightly waned afterwards. Practical implications This study helps to deepen the awareness of information security implications of a potential global devastating crisis, even in the cybersecurity domain, and on the health-care sector, among various other affected sectors and domains. Social implications COVID-19 pandemic created long-term wide-range changes that affect every individual and sector, mainly owing to the shift to remote working model, which imposes long-term new cybersecurity changes, among them to the health-care industry. Originality/value This paper extends the existing information on implication of remote working model on information security and of the COVID-19 pandemic on the cybersecurity of health-care institutions around the world.


2018 ◽  
Vol 26 (3) ◽  
pp. 290-305 ◽  
Author(s):  
Dirk P. Snyman ◽  
Hennie Kruger ◽  
Wayne D. Kearney

Purpose The purpose of this paper is to investigate the lemming effect as a possible cause for the privacy paradox in information security. Design/methodology/approach Behavioural threshold analysis is used to test for the presence of the lemming effect in information security behaviour. Paradoxical behaviour may be caused by the influential nature of the lemming effect. The lemming effect is presented as a possible cause of the privacy paradox. Findings The behavioural threshold analysis indicates that the lemming effect is indeed present in information security behaviour and may lead to paradoxical information security behaviour. Practical implications The analysis of the lemming effect can be used to assist companies in understanding the way employees influence each other in their behaviour in terms of security. By identifying possible problem areas, this approach can also assist in directing their information security education endeavours towards the most relevant topics. Originality/value This research describes the first investigation of the lemming effect in information security by means of behavioural threshold analysis in practice.


Author(s):  
Anca Gabriela Petrescu ◽  
Mirela Anca Postole ◽  
Marilena Ciobanasu

The goal of information security is to be able not just to put in place measures to detect and mitigate attacks but also to predict attacks, deter attackers from attacking, and thus defend the systems from attack in the first place. Data protection should be based on the lessons learned over time, both within the organization and in other organizations. Over time, a large number of methodologies for identifying information security risks were proposed and adopted, and a simplified approach to the different methodologies has led to their classification as quantitative and qualitative, especially in terms of the metrics used to quantify risk. This chapter proposes an international overview regarding the quantitative and qualitative analysis methods for information risk analysis. In practice, a combination of these methods is almost always used, depending on the characteristics of the organization investigated and the degree of uncertainty associated with the method of analysis and risk management.

