Policy Development and Frameworks for Cyber
                                                Security in Corporates and Law Firms

AbstractDespite an ongoing drive by organizations around the world to improve the sophistication of their risk mitigation measures, cyber-attacks are continually increasing. A study by Panda Labs shows in Q3 in 2016 alone, 18 million new malware samples were captured.2 Another study from Computer Crime and Intellectual Property Section (CCIPS) shows more than 4,000 ransomware attacks occurred daily in 2016. That's a 300% increase over 2015, where 1,000 ransomware attacks were seen per day.3 These studies reflect the double effect of technology—connecting the world and facilitating cyber-attacks simultaneously.

Download Full-text

National Cyber Governance Awareness Policy and Framework

International Journal of Legal Information ◽

10.1017/jli.2019.22 ◽

2019 ◽

Vol 47 (02) ◽

pp. 70-89

Author(s):

Hala Bou Alwan

Keyword(s):

United Arab Emirates ◽

Cyber Security ◽

Risk Mitigation ◽

The United States ◽

Cyber Attacks ◽

Mitigation Measures ◽

Governmental Agencies ◽

Academic Level ◽

The World ◽

Cyber Education

AbstractDespite an ongoing drive by governments and law enforcers around the world to improve the sophistication of their risk mitigation measures, cyber-attacks are continually increasing. A study from Computer Crime and Intellectual Property Section (CCIPS) shows more than 4,000 ransomware attacks occurred daily in 2016. That's a 300 percent increase over 2015, where 1,000 ransomware attacks were seen per day. Cyber criminals are successfully penetrating even the most high-profile companies and governmental agencies. The breach at the NSA was truly alarming and just one recent example of the dire situation the country, and world, face as cybercrime intensifies and the cyber security talent shortage becomes more serious.Accordingly, the purpose of this research is to focus on cyber education at the national, government, and law enforcement level examining the methodology to set the tone from the top ensuring alignment between governments, law enforcers, private sector, and academic level. It also examines the gaps in cyber laws and educational governance initiatives and their impact on efficient execution of cyber policies for various regions of the world with a focus on the United Arab Emirates and the United States of America.Finally, this article recommends policy guidelines and a compliance manual framework for governments and law enforcers to consider ensuring that cyber risks are properly addressed and mitigated in a structured and coherent way.

Download Full-text

ANALYSIS OF THE STATE OF CYBER SECURITY IN THE LEADING COUNTRIES OF THE WORLD

Cybersecurity Education Science Technique ◽

10.28925/2663-4023.2019.4.613 ◽

2019 ◽

pp. 6-13

Author(s):

Yurii I. Khlaponin ◽

Svitlana V. Kondakova ◽

Yevheniia Ye. Shabala ◽

Liliia P. Yurchuk ◽

Pavlo S. Demianchuk

Keyword(s):

Information Security ◽

Social Relations ◽

Cyber Security ◽

Developed Countries ◽

Legal Regulation ◽

Cyber Attacks ◽

The State ◽

Modern World ◽

Electronic Communications ◽

The World

The article is devoted to the study of trends in cybercrime, which is a threat to the country's information security. The place and role of cybersecurity in the system of national security are determined. The state of the system of protection against cyber attacks in the developed countries of the world, such as France, Japan, China, South Korea and the United Kingdom, was analyzed. The main shortcomings and perspectives of protection of cyberspace are revealed. The use of modern information technologies in state structures, as well as in society in general, proposes solving information security problems as one of the main ones. The economy, logistics and security of the country increasingly depend on the technical infrastructure and its security. To improve the effectiveness of the fight against cybercrime, developed countries have long started the appropriate work needed to create their own cyber security strategy. Incidents in the field of cybersecurity affect the lives of consumers information and many other services and cyber attacks aimed at various objects of infrastructure of electronic communications systems or technological processes management. Modern world trends in the development of cybercrime and the strengthening of cyber attacks indicate an increase in the value of combating it for the further development of society, which in turn predetermines the assignment of certain groups of social relations of the cybersphere to the competence of legal regulation. The current situation with cybercrime requires constant improvement of methods the fight against cybercrime, the development of information systems and methods aimed at ensuring the cyber security of the country. Necessary tasks are the development of a national strategy on cybersecurity, which will include tactical and strategic priorities and tasks in this area for state bodies. So, the issue of cyberspace security, the fight against cybercrime is relevant both at the international level and at the level of the individual country, and therefore needs further consideration.

Download Full-text

Cyber-Attack Scoring Model Based on the Offensive Cybersecurity Framework

Applied Sciences ◽

10.3390/app11167738 ◽

2021 ◽

Vol 11 (16) ◽

pp. 7738

Author(s):

Kyounggon Kim ◽

Faisal Abdulaziz Alfouzan ◽

Huykang Kim

Keyword(s):

Cyber Security ◽

Personal Information ◽

Cyber Attacks ◽

The Internet ◽

Critical Infrastructures ◽

Cyber Attack ◽

Security Framework ◽

Scoring Model ◽

Advanced Persistent Threats ◽

The World

Cyber-attacks have become commonplace in the world of the Internet. The nature of cyber-attacks is gradually changing. Early cyber-attacks were usually conducted by curious personal hackers who used simple techniques to hack homepages and steal personal information. Lately, cyber attackers have started using sophisticated cyber-attack techniques that enable them to retrieve national confidential information beyond the theft of personal information or defacing websites. These sophisticated and advanced cyber-attacks can disrupt the critical infrastructures of a nation. Much research regarding cyber-attacks has been conducted; however, there has been a lack of research related to measuring cyber-attacks from the perspective of offensive cybersecurity. This motivated us to propose a methodology for quantifying cyber-attacks such that they are measurable rather than abstract. For this purpose, we identified each element of offensive cybersecurity used in cyber-attacks. We also investigated the extent to which the detailed techniques identified in the offensive cyber-security framework were used, by analyzing cyber-attacks. Based on these investigations, the complexity and intensity of cyber-attacks can be measured and quantified. We evaluated advanced persistent threats (APT) and fileless cyber-attacks that occurred between 2010 and 2020 based on the methodology we developed. Based on our research methodology, we expect that researchers will be able to measure future cyber-attacks.

Download Full-text

Cyberspace and International Order

10.1093/oso/9780198779605.003.0010 ◽

2017 ◽

Cited By ~ 1

Author(s):

Madeline Carr

Keyword(s):

International Relations ◽

Technological Change ◽

International Law ◽

Cyber Security ◽

Armed Conflict ◽

Information Age ◽

International Order ◽

Cyber Attacks ◽

Industrial Age ◽

The World

When The Anarchical Society was published in 1977, the world was on the doorstep of seismic technological change. Forty years later, the information age has placed cyber security at the centre of many global political concerns including armed conflict and international law. The ongoing difficulties associated with accurately attributing cyber attacks introduce a new dimension of anarchy in international relations. This essay draws on Bull’s ideas about social interplay to explore the problem of attribution in cyberspace. It finds that the difficulties of identifying (even) state actors undermine some of the processes and institutions upon which Bull based his ideas. However, it also finds that Bull’s work is useful in unpicking exactly why attribution is so problematic for international relations. Ultimately, Bull’s expectation that actors will look for social solutions to maintain order appears to be holding up in the information age much as it did in the industrial age.

Download Full-text

RISK MANAGEMENT IN THE FINANCIAL SECTOR OF UKRAINE IN THE CONTEXT OF CYBER THREATS AND POST-PANDEMIC ECONOMIC RECOVERY

INNOVATIVE ECONOMY ◽

10.37332/2309-1533.2021.3-4.3 ◽

2021 ◽

pp. 19-27

Author(s):

Nazar Demchyshak ◽

Anastasiia Shkyria

Keyword(s):

Risk Management ◽

National Security ◽

Cyber Security ◽

Financial Sector ◽

Cyber Attacks ◽

Cyber Threats ◽

The World ◽

Cyber Threat ◽

Security Index ◽

Cyber Risk

Purpose. The aim of the article is substantiation of approaches of domestic and foreign scientists to risk management in the financial sector of Ukraine in the context of cyber threats and the need to ensure national security and post-pandemic economic recovery. Methodology of research. General scientific and special methods of scientific research are used in the article, in particular: induction, deduction, scientific abstraction - to reveal the essence of the concepts of "cyber threat", “cyber security" and "digitalization"; statistical and graphical methods - to assess the current situation in the field of cyber defence in the world and the national cyber security index; methods of analysis and synthesis - in substantiating the conclusions of the research. Finding. Definitions of cyber risk, approaches to its interpretation and classification were considered. The importance of cyber security in the digitalization of the national economy was argued. The Strategy of Ukrainian Financial Sector Development until 2025 is analysed. The world statistics of frequency and losses due to cyber-attacks are studied and the cyber threats that caused the greatest losses in Ukraine are identified. The analysis of Ukraine’s positions in the National Cyber Security Index 2020 is carried out. The directions of cyber threat prevention that can be useful for Ukrainian companies are substantiated. Originality. The author’s definition of the term "cyber risk" is proposed, in which special attention in focused on the effects of cyber threats. The importance of cyber risk management in the conditions of inevitability of digitalization in the financial sector of Ukraine is substantiated. Approaches to the prevention of cyber-attacks, the implementation of which is necessary for the successful digital transformation of Ukraine, are proposed. Practical value. The results of the research will contribute to the formation of an effective risk management system in the financial sector of Ukraine in terms of digitalization of the financial space and post-pandemic recovery of the national economy. Key words: national security, cyber risk, cyber threat, cyber defence, digitalization, post-pandemic recovery, fintech.

Download Full-text

Cyber hegemony and information warfare: A case of Russia

Liberal Arts and Social Sciences International Journal (LASSIJ) ◽

10.47264/idea.lassij/5.1.42 ◽

2021 ◽

Vol 5 (1) ◽

pp. 648-666

Author(s):

Asma Rashid ◽

Anum Yar Khan ◽

Syed Wasif Azim

Keyword(s):

Cyber Security ◽

Western Europe ◽

Recent Decade ◽

Cyber Attacks ◽

Arms Race ◽

Information Warfare ◽

The World ◽

International Issue ◽

Digital Landscape ◽

Cyber Criminals

The world has shifted to a digital landscape in the recent decade with both its perks and underlying threats. Russia, throughout history has experimented with its information along with cyber channels and have been able to generate fruitful results that are manifested in the contemporary era. Russian expertise towards merging cyber domain into its military capabilities is praiseworthy to the point that its Western adversaries, despite the fact being economically and technologically advanced compared to Russia, have not been able to effectively counter Russian aggression. This research examines the essentiality of cyber security as a mere software or cyber command can create instability and drastic consequences requiring millions for clean-up by examining Russian cyber-attacks on Estonia, Georgia, Ukraine, US and Western Europe and concludes that the first steps towards Cyber and Information Warfare have been made, it is now to be made sure this does not escalate into a Cyber Arms Race. The research recommends that cyber security should be treated as an international issue with rules established for cyber governance and databases identifying cyber criminals and the software used by them or can be used by them and requires cooperation rather than competition amongst states particularly global superpowers.

Download Full-text

2021-22 Innovative Technologies to Prevent IP Cyber Attacks

10.54216/jcim.080205 ◽

2021 ◽

pp. 84-94

Author(s):

Mohammed. I. Alghamdi ◽

Keyword(s):

Intellectual Property ◽

National Security ◽

Cyber Security ◽

Security Policy ◽

Secondary Data ◽

The United States ◽

Cyber Attacks ◽

Innovative Technologies ◽

Government Organizations ◽

Cyber Threats

The cyber security risks on Intellectual Property (IP) have unfortunately become the center of media attention quite recently. The cyber domain has risen to the front position of national security policy in the United States. This growth has created room for developing a lot of innovative technologies to prevent IP cyber-attacks. Usually, cyber-attacks target private data. But cyber-attacks have recently expanded their threat level to intellectual property. These threats affect companies, people, and even national security. Cyber threats to IP will be victimized by globalization. Hence, this article is aimed to explore existing innovative technologies used to prevent IP cyber-attacks and their future scope. To find out the existing technologies used in the prevention of cyber-attacks, secondary data will be used from recent reports by various public and government organizations, research papers, and news portals, and other relevant sources. Since cyber threats are increasing, a comprehensive, multinational strategy is needed for making better cyber security infrastructure. This strategy would improve international relations, protect international supply chains, innovation, and reduce financial losses.

Download Full-text

Proposals to Win the Battle Against Cyber Crime

Handbook of Research on Threat Detection and Countermeasures in Network Security - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-6583-5.ch008 ◽

2015 ◽

pp. 139-153

Author(s):

Alaa Hussein Al-Hamami

Keyword(s):

Cyber Security ◽

World Economy ◽

Cyber Attacks ◽

The Internet ◽

Future Trends ◽

Cyber Crime ◽

Personal Safety ◽

The World ◽

Commercial Networks ◽

Data Files

Through commercial networks and across the Internet, there are data files, millions of images and videos, and trillions of messages flow each day to drive the world economy. This vast electronic infrastructure is what our nation depends on. To commit crime by using a computer and communication to forge a person's identity, illegal imports or malicious programs, the computer here is used as an object or subject for the cybercrime. Most of the online activities are vulnerable to intrusion and can compromise personal safety just as effectively as common everyday crimes. This chapter concentrates on explaining and discussing the terms of cyber security, cybercrimes, and cyber-attacks. A history for each term has been given and the problems of cyber security have been discussed. Finally, a proposed solution has been suggested and future trends have been forecasted, and at the end of the chapter a conclusion will be given.

Download Full-text

Cyber Attacks and Cyber Security in Underwater Communication

Energy-Efficient Underwater Wireless Communications and Networking - Advances in Environmental Engineering and Green Technologies ◽

10.4018/978-1-7998-3640-7.ch012 ◽

2021 ◽

pp. 187-193

Author(s):

Sachin Umrao

Keyword(s):

Risk Analysis ◽

Cyber Security ◽

Data Transfer ◽

Cyber Attacks ◽

Underwater Communication ◽

Cyber Attack ◽

Recent Past ◽

The World ◽

The Cost

This chapter is structured around the concepts of risk analysis due to underwater deployment of the cables for data transfer. Most of the organizations have deployed their networks below the water for shortening the distances between peers and also to reduce the physical destruction cost of cables. Furthermore, some organizations like Google kept their servers below the water because it reduced the cost of getting it cool, which in turn increases the efficiency. However, security consultants around the world in recent past expressed their considerations that a cyber-attack on these servers or cables might result in miserable economic collision. This might be overstated but there are infrequent situations in which cable breakage could be riotous. Although organizations cannot rule the threat of attacks on these apparatuses, there are fewer check measures that could reduce the possible attack chances in underwater communication.

Download Full-text

ANALYSIS OF THE RISK MANAGEMENT SYSTEM OF AIRLINE

PROBLEMS OF SYSTEMIC APPROACH IN THE ECONOMY ◽

10.32782/2520-2200/2021-2-14 ◽

2021 ◽

Author(s):

Tamara Oleshko ◽

Nataliia Popyk ◽

Yana Osypova

Keyword(s):

Risk Management ◽

Management System ◽

Risk Mitigation ◽

Mitigation Measures ◽

Civil Aviation ◽

Aviation Industry ◽

Term Survival ◽

Risk Management System ◽

The World ◽

The Impact

Risks are an integral part of any company. Not all types of risk can be identified, not all risk mitigation measures are cost-effective. Risk and the cost of avoiding it in aviation require rational decision-making mechanisms. There are many different risks in any airline as an aircraft operator, carrier and business entity. One of the main tasks of airlines is to minimize them. The article examines the risks that arise in the process of airlines and analyzes the risk management system in airlines. The impact of the pandemic on the aviation industry of Ukraine has been studied. The aviation industry both in Ukraine and in the world plays an important role, its importance in the world economy is constantly growing. This is facilitated by both technological development and the latest developments in the aviation industry, as well as globalization. However, at the same time, the number of risks is increasing, they are becoming more complex and diverse. Therefore, the task of risk management is relevant. Today, the risk management system of any airline is an urgent need, because the competitiveness and success of the airline is inextricably linked to risks. The activities of modern commercial enterprises, including civil aviation enterprises, are aimed at the formation of sustainable competitiveness and long-term survival. There are hundreds of airlines in the world, including 55 in Ukraine. Today, civil aviation in the world is in crisis. Ukrainian aviation is no exception. The closure of state borders and other measures taken in many countries to combat the spread of the coronavirus have led to a catastrophic reduction in air traffic. As a result, airlines were forced to reduce the frequency or cancel the vast majority of flights. All participants in the aviation market suffer from this situation. The development of a risk management system in the airline should be an integral part of its targeted management. The structure of risks faced by the airline is very complex and diverse. Risk is the residual probability of an event with significant consequences after considering mitigation measures.

Download Full-text