Aligning Security Needs for Order in Cyberspace

2018 ◽  
Author(s):  
Myriam Dunn Cavelty
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Major Part ◽  
Coercive Power ◽  
Strategic Actions ◽  
Threat Perceptions ◽  
Distributed Security ◽  
Considerable Resistance ◽  
Traditional Norms ◽  
High Degree

Due to heightened threat perceptions, states are currently expanding their coercive power in cyberspace. They attempt to reduce the risk of escalation in (cybered-)conflict through traditional norms building. At the same time, their strategic actions remain the biggest threat to stability. Cyber-exploitations are a major part of the problem, hindering the removal of known insecurities, thus reducing the effectiveness of any future order. At the same time, the forceful role that states aspire to play in cyber-security has led to questions of legitimacy. The security arrangements that emerged in the 1990s, focused on protection and risk management, had a high degree of legitimacy because they built on a pragmatic solution of distributed security provision. Unless a future order in cyberspace takes into account the interests of companies and consumers who shape this domain in peacetime, it will be met with considerable resistance, with high costs for all sides.

scholarly journals Territories of state-led aquaculture risk management: Thailand’s Plang Yai program

2020 ◽  
pp. 239965442096524
Author(s):  
Mariska JM Bottema ◽  
Simon R Bush ◽  
Peter Oosterveer
Keyword(s):  
Risk Management ◽  
Policy Instruments ◽  
Spatially Explicit ◽  
Financial Risks ◽  
Shared Resources ◽  
Globalizing World ◽  
Farmer Behavior ◽  
Key Policy ◽  
The Individual ◽  
High Degree

The Thai aquaculture sector faces a range of production, market and financial risks that extend beyond the private space of farms to include public spaces and shared resources. The Thai state has attempted to manage these shared risks through its Plang Yai (or ‘Big Area’) agricultural extension program. Using the lens of territorialization, this paper investigates how, through the Plang Yai program, risk management is institutionalized through spatially explicit forms of collaboration amongst farmers and between farmers and (non-)state actors. We focus on how four key policy instruments brought together under Plang Yai delimited multiple territories of risk management over shrimp and tilapia production in Chantaburi and Chonburi provinces. Our findings demonstrate how these policy instruments address risks through dissimilar but overlapping territories that are selectively biased toward facilitating the individual management of production risks, whilst enabling both the individual and collective management of market and financial risks. This raises questions about the suitability of addressing aquaculture risks by controlling farmer behavior through state-led designation of singular, spatially explicit areas. The findings also indicate the multiple roles of the state in territorializing risk management, providing a high degree of flexibility, which is especially valuable in landscapes shared by many users, connected to (global) value chains and facing diverse risks. In doing so we demonstrate that understanding the territorialization of production landscapes in a globalizing world requires a dynamic approach recognizing the multiplicity of territories that emerge in risk management processes.

WannaCry Ransomware Attack from Romanian Police Perspective

2019 ◽  
Vol 8 (1) ◽  
pp. 65-72
Author(s):  
Ion PARASCHIVA
Keyword(s):  
Human Resources ◽  
Cyber Security ◽  
Security Policies ◽  
Technical Knowledge ◽  
Security Strategy ◽  
High Degree ◽  
General Success

The field of cyber security is evolving at an alert pace and requires constantly updated strategies, and from the IT specialists, extensive knowledge and experience. In addition to the technical knowledge regarding cyber security, IT specialists of the Romanian Police need to understand very well the nature of the activity carried out. It should be made aware that there is no valid general success recipe and that the development of security policies should start from analyzing the particularities of human resources. Once their activity is understood, a dedicated security strategy can be outlined, ensuring a high degree of security for the organization and the information held by it.

scholarly journals Cyber security and need to change the model of monitoring fraud and financial crime

2020 ◽  
Vol 8 (2) ◽  
pp. 86-94
Author(s):  
Nikola Radić
Keyword(s):  
Information Flow ◽  
Cyber Security ◽  
Financial Crime ◽  
Digital Revolution ◽  
Use Of Data ◽  
Illegal Behavior ◽  
Risk Functions ◽  
The World ◽  
High Degree ◽  
Trade Wars

The world is fundamentally changing , which leads to dramatic changes in opportunities and risks. In this regard, banks are facing three interrelated fundamental changes. First, the digital revolution has drastically increased the availability and use of data and the speed of decision-making. Second, technological innovation accelerates changes in the competitive and consumer environment in which banks operate. Finally, hyperconnection multiplies the speed of information flow and reshapes the way people think and act, influencing the nature of a bank's relationship with its customers and other stakeholders. The unprecedented speed of change and the high degree of uncertainty suggest the need to introduce different approaches to risk. For banks and other financial institutions, threats arise inside and out, ranging from inappropriate and illegal behavior by employees, to sophisticated cybercrime, trade wars and climate change. As a result, risk functions need to become more dynamic and flexible, they need to help guide institutions through a complex and changing environment of opportunities and risks, while meeting new expectations key actors - regulators, legislators, shareholders, customers (clients) and the community as a whole. The paper especially emphasizes the issue of fraud, various forms of financial crime in relation to cyber security.

Cyber risk management in SMEs: insights from industry surveys

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Felicitas Hoppe ◽  
Nadine Gatzert ◽  
Petra Gruner
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Future Research ◽  
Management Process ◽  
Content Type ◽  
Security Culture ◽  
Current State ◽  
Enterprise Risk ◽  
Risk Management Process ◽  
Cyber Risk

PurposeThis article aims to gain insights on the current state of small- and medium-sized enterprises’ (SMEs’) cyber risk management process and to derive future research directions.Design/methodology/approachThis is done by collecting market insights from 37 recent industry surveys and structuring them based on the steps of the risk management process. From this analysis, major challenges are derived and future fields of research identified.FindingsThe results indicate that deficiencies in risk culture as well as the strained market for IT experts are the major obstacles with respect to the implementation of cyber risk management in SMEs, and that these challenges are similar across countries. The findings suggest that especially the relationship between cyber security culture and cyber risk management should be investigated further, and that a stronger link between the research streams on enterprise risk management and cyber risk management would be desirable.Originality/valueThis paper contributes to the literature by providing a systematic overview on the current state of SMEs' cyber risk management from a market perspective. The findings provide support for the existing academic literature by emphasizing the central role of cyber security culture (perception, knowledge, attitude) for a successful cyber risk management, which however should be addressed in more depth in future (empirical) research.

Maturity and Process Capability Models and Their Use in Measuring Resilience in Critical Infrastructure Protection Sectors

2015 ◽  
pp. 506-526
Author(s):  
Clemith J. Houston Jr. ◽  
Douglas C. Sicker
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Critical Infrastructure ◽  
Process Capability ◽  
Critical Infrastructure Protection ◽  
Maturity Models ◽  
Infrastructure Protection ◽  
Management Capabilities ◽  
Use Of Models ◽  
Measurement Capabilities

This paper provides a literature review and survey of maturity and process capability models, Critical Infrastructure Protection (CIP) tools and frameworks to identify strategies for assessing and measuring resilience and risk management capabilities, with a specific focus on the electricity generating sector. The focus is on the use of models such as CERT-RMM, and others, as a means of addressing challenges associated with cyber security and risk management. Foundational concepts, terminology and definitions are provided; examples of maturity and process capability models are presented and discussed, tools that enable process capability and resilience are identified, including those specific to the electricity generating sector. The evolution of models and how they have addressed challenges is presented, in addition to the characteristics and differences of models and the growth in domains where they can be used. The benefits of the application of process capability and maturity models in maintaining and enhancing resilience and cyber security protection is supported in this paper and recommendations for research opportunities that may yield further insight and measurement capabilities are offered.

The Rigorous Security Risk Management Model

2018 ◽  
pp. 1299-1317
Author(s):  
Neila Rjaibi ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Linear Models ◽  
Management Model ◽  
Security Risk ◽  
Security Threat ◽  
Risk Management Process ◽  
Failure Cost ◽  
The Mean ◽  
Security Risk Management

This chapter presents the security concepts terminologies (threat, risk, security risk management, security risk management process, security threat model) and present the state of the art of security risk management models, compare and discuss strengths and weaknesses of such models. Then it presents the Mean Failure Cost (MFC) model for quantifying security threats as a rigorous measure of cyber security, and as a cascade of linear models in order to estimate the system security using the loss of a given stakeholders as a result of security breakdown. Finally it presents an overview of the applicability of the MFC measure to e-systems. In the conclusion, the chapter criticizes the MFC Cyber Security Measure and presents an overview of different perspectives.

Scientific Intelligence, Decision Making, and Cyber-Security

2021 ◽  
pp. 1467-1489
Author(s):  
Luisa dall'Acqua
Keyword(s):  
Decision Making ◽  
Risk Management ◽  
Cognitive Science ◽  
Cyber Security ◽  
Scientific Intelligence ◽  
The Other ◽  
Intelligence Analysis ◽  
Computer Engineering ◽  
Strategic Choices ◽  
Technological Tools

Because of the huge amount of data and information in the decision-making and strategic choices processes, basing decisions on information directly collected from the sources is not conceivable. A decision-making analyst becomes a fundamental pillar in both the corporate field and the institutional world. This role is becoming increasingly complex and specialized, critical within the cycle of the intelligence analysis, for the relationships that bind it to the other stakeholders, and for the methodological and technological tools that support it. The purpose of this chapter is to explore the milestones of the intelligence analysis deriving from a close collaboration between social sciences, cognitive science, computer engineering, and ICT in order to respond to the different needs in the field of risk management, safety, investigations, and applied intelligence.

Sign in / Sign up

Export Citation Format

Share Document