The development of a cyber security policy in developing regions and the impact on stakeholders

2014 ◽  
Author(s):  
Ian Ellefsen
Keyword(s):  
Cyber Security ◽  
Security Policy ◽  
Developing Regions ◽  
The Impact

scholarly journals The Impact of Cyber Governance in Reducing the Risk of Cloud Accounting in Jordanian Commercial Banks - from the Perspective of Jordanian Auditing Firms

2020 ◽  
Vol 14 (3) ◽  
pp. 75
Author(s):  
Osama Abdul Moniem Ali ◽  
Ala Jaber Matarneh ◽  
Ahmed Almalkawi ◽  
Hamzeh Mohamed Alhawamdeh
Keyword(s):  
Cyber Security ◽  
Commercial Banks ◽  
Security Policy ◽  
Pearson Correlation ◽  
Human Resources Management ◽  
Study Data ◽  
Simple Random Sample ◽  
Security Governance ◽  
Comprehensive Survey ◽  
The Impact

The objective of this study is identifying the impact of cyber governance on reducing the risk of cloud accounting in the Jordanian commercial banks. To achieve the objectives of this study, the descriptive and analytical approach was used; the study community is composed of external legal accountants who practices auditing in Jordan, (477) of them are practicing external auditing at the end of (2018) according to the statistics of the Jordanian association of certified public accountants (JACPA). Due to the difficulty and cost of the comprehensive survey, a simple random sample was taken. The sample included (213) auditors. The questionnaire was distributed to the sample of the study by the researchers personally and through e-mails, (182) questionnaires were recovered, after excluding (7) for the incompetence, of which (175) were valid for the statistical analysis. Thus, the percentage of retrieved and analyzed questionnaires was (82.2%), which is statistically acceptable. and In order to analyze the study data and test hypotheses, the statistical package for social sciences (SPSS) was used in the various statistical analyses, which are the descriptive statistics and coefficient of internal consistency (Cronbach's alpha). also, The multiple correlation test was used, using the Pearson correlation coefficient, Multiple linear regression and stepwise regression analysis. The study came to find several results , the most important was The presence of a statistically significant impact of cyber security governance (cybersecurity security governance requirements, cybersecurity program, cyber security policy, cyber information management, evaluating and managing cyber risks) in reducing cloud accounting risks in Jordanian commercial banks, The most important recommendations are the need for Jordanian commercial banks to adopt the cyber governance as a basic reference to their banking policy to address the risks associated with the use of cloud accounting, As well as the need to establish a special department for human resources management within the bank which would have a pioneering intellectual orientation to cope with modern trends in cyber governance.

Republic of Moldova in the Context of Regional Security Challenges in Eastern Europe

2018 ◽  
pp. 299-304
Author(s):  
Stefan Tibuleac
Keyword(s):  
Eastern Europe ◽  
Security Policy ◽  
Security System ◽  
Regional Security ◽  
Strategic Uncertainty ◽  
European Security ◽  
Republic Of Moldova ◽  
The Republic ◽  
The Impact

This article analyzes the most current security issues for the Republic of Moldova that are part of the regional security context of Eastern Europe –the region that can be considered the epicenter of international tensions through which the„geopolitical line of fracture”passes. The geographical position of the Republic of Moldova makes this state particularly sensitive to any negative trends in theregion. Growing of international tensions creates security threats and complicates economic development. From a historical point of view, Moldova has repeatedly fallen victim by the confrontation of the great powers. Therefore, the Republic of Moldova has a vital interest in preventing a new conflict in Eastern Europe. This article is based on a number of assumptions made by changes in the European security environment, such as the „shift of weight” to the East, strategic uncertainty, increasing the role of non-state actors, the situation in eastern Ukraine, etc. Based on these assumptions, this article makes an attempt to outline the potential role of the Republic of Moldova in the Eastern European security system, taking into account the desideratum for integration of the republic into the European Union. Other relevant factors will be taken into account for shaping the role of the Republic of Moldova in the European security system, namely: the security deficit; the impact of NATO and EU security policy; the rebirth of the project to create a regional defense alliance, etc. This article will largely take into account the military aspects of security. Keywords: Republic of Moldova, national security, Eastern Europe, NATO, Intermarium, defence, threats, risks, challenges

scholarly journals Cyber operational risk scenarios for insurance companies

2019 ◽  
Vol 24 ◽  
Author(s):  
R. Egan ◽  
S. Cartagena ◽  
R. Mohamed ◽  
V. Gosrani ◽  
J. Grewal ◽  
...  
Keyword(s):  
Cyber Security ◽  
Operational Risk ◽  
Social Engineering ◽  
Insurance Companies ◽  
List Type ◽  
Operational Risks ◽  
Life Insurer ◽  
Cyber Risk ◽  
The Impact ◽  
Over Time

AbstractCyber Operational Risk: Cyber risk is routinely cited as one of the most important sources of operational risks facing organisations today, in various publications and surveys. Further, in recent years, cyber risk has entered the public conscience through highly publicised events involving affected UK organisations such as TalkTalk, Morrisons and the NHS. Regulators and legislators are increasing their focus on this topic, with General Data Protection Regulation (“GDPR”) a notable example of this. Risk actuaries and other risk management professionals at insurance companies therefore need to have a robust assessment of the potential losses stemming from cyber risk that their organisations may face. They should be able to do this as part of an overall risk management framework and be able to demonstrate this to stakeholders such as regulators and shareholders. Given that cyber risks are still very much new territory for insurers and there is no commonly accepted practice, this paper describes a proposed framework in which to perform such an assessment. As part of this, we leverage two existing frameworks – the Chief Risk Officer (“CRO”) Forum cyber incident taxonomy, and the National Institute of Standards and Technology (“NIST”) framework – to describe the taxonomy of a cyber incident, and the relevant cyber security and risk mitigation items for the incident in question, respectively.Summary of Results: Three detailed scenarios have been investigated by the working party:∙Employee leaks data at a general (non-life) insurer: Internal attack through social engineering, causing large compensation costs and regulatory fines, driving a 1 in 200 loss of £210.5m (c. 2% of annual revenue).∙Cyber extortion at a life insurer: External attack through social engineering, causing large business interruption and reputational damage, driving a 1 in 200 loss of £179.5m (c. 6% of annual revenue).∙Motor insurer telematics device hack: External attack through software vulnerabilities, causing large remediation / device replacement costs, driving a 1 in 200 loss of £70.0m (c. 18% of annual revenue).Limitations: The following sets out key limitations of the work set out in this paper:∙While the presented scenarios are deemed material at this point in time, the threat landscape moves fast and could render specific narratives and calibrations obsolete within a short-time frame.∙There is a lack of historical data to base certain scenarios on and therefore a high level of subjectivity is used to calibrate them.∙No attempt has been made to make an allowance for seasonality of renewals (a cyber event coinciding with peak renewal season could exacerbate cost impacts)∙No consideration has been given to the impact of the event on the share price of the company.∙Correlation with other risk types has not been explicitly considered.Conclusions: Cyber risk is a very real threat and should not be ignored or treated lightly in operational risk frameworks, as it has the potential to threaten the ongoing viability of an organisation. Risk managers and capital actuaries should be aware of the various sources of cyber risk and the potential impacts to ensure that the business is sufficiently prepared for such an event. When it comes to quantifying the impact of cyber risk on the operations of an insurer there are significant challenges. Not least that the threat landscape is ever changing and there is a lack of historical experience to base assumptions off. Given this uncertainty, this paper sets out a framework upon which readers can bring consistency to the way scenarios are developed over time. It provides a common taxonomy to ensure that key aspects of cyber risk are considered and sets out examples of how to implement the framework. It is critical that insurers endeavour to understand cyber risk better and look to refine assumptions over time as new information is received. In addition to ensuring that sufficient capital is being held for key operational risks, the investment in understanding cyber risk now will help to educate senior management and could have benefits through influencing internal cyber security capabilities.

REGIONAL SECURITY DYNAMICS IN NORTHERN EUROPE (ON THE EXAMPLE OF NORWAY) IN THE LIGHT OF RECENT CHANGES

2020 ◽  
Vol 73 (1) ◽  
pp. 103-111
Author(s):  
D. Kalibekuly ◽  
◽  
Y.S. Chukubayev ◽  
Keyword(s):  
North Atlantic ◽  
Member Country ◽  
Security Policy ◽  
Security System ◽  
Regional Security ◽  
Northern Europe ◽  
The North ◽  
The North Atlantic ◽  
The Impact

The paper examines the dynamics of regional security in Norway as a part of Northern Europe. Being a political and geographical part of the Euro-Atlantic security system. Northern Europe, in its turn, is experiencing the impact of the confrontation between Russia and NATO. Norway's security policy analyzed from the perspective of a regional leader, as a NATO member country participating in the operations of the North Atlantic Alliance and as NATO's northern wing.

scholarly journals Fuzzy-Based Symmetrical Multi-Criteria Decision-Making Procedure for Evaluating the Impact of Harmful Factors of Healthcare Information Security

Symmetry ◽  
2020 ◽  
Vol 12 (4) ◽  
pp. 664 ◽  
Author(s):  
Rajeev Kumar ◽  
Abhishek Kumar Pandey ◽  
Abdullah Baz ◽  
Hosam Alhakami ◽  
Wajdi Alhakami ◽  
...  
Keyword(s):  
Decision Making ◽  
Information Security ◽  
Information Management ◽  
Cyber Security ◽  
Cyber Attacks ◽  
Multi Criteria Decision Making ◽  
Local Hospital ◽  
Healthcare Information ◽  
Security Breaches ◽  
The Impact

Growing concern about healthcare information security in the wake of alarmingly rising cyber-attacks is being given symmetrical priority by current researchers and cyber security experts. Intruders are penetrating symmetrical mechanisms of healthcare information security continuously. In the same league, the paper presents an overview on the current situation of healthcare information and presents a layered model of healthcare information management in organizations. The paper also evaluates the various factors that have a key contribution in healthcare information security breaches through a hybrid fuzzy-based symmetrical methodology of AHP-TOPSIS. Furthermore, for assessing the effect of the calculated results, the authors have tested the results on local hospital software of Varanasi. Tested results of the factors are validated through the comparison and sensitivity analysis in this study. Tabulated results of the proposed study propose a symmetrical mechanism as the most conversant technique which can be employed by the experts and researchers for preparing security guidelines and strategies.

scholarly journals Cybersecurity: Toward a Meaningful Policy Framework

2018 ◽  
Author(s):  
Peter M. Shane
Keyword(s):  
Cyber Security ◽  
Security Policy ◽  
Legal Framework ◽  
Public Understanding ◽  
Policy Framework ◽  
Military Effectiveness ◽  
The Public ◽  
Trade Offs ◽  
National Debate ◽  
Sharing Responsibility

This critique of Karson K. Thompson’s note, "Not Like an Egyptian: Cybersecurity and the Internet Kill Switch Debate," argues that the U.S. lacks a framework of laws and regulations, "smart" or otherwise, that adequately incentivizes the parties with the greatest capacity to improve our cyber security to do so. It attributes the poor state of U.S. cyber policy to the "bewildering array of overlapping responsibilities" scattered among government offices and departments; the difficult imperative of sharing responsibility among military and civilian authorities; the fact that most of the networks (and the dependent critical infrastructures) that need protecting are in private hands; and the lack of public understanding of the kinds of regulation that are necessary or appropriate. The essay argues that meaningful progress towards an adequate legal framework depends on a broad national debate aimed at defining the public good with regard to cyber-security, and the inevitable trade-offs among security, privacy, productivity, economic growth, organizational flexibility, military effectiveness, government transparency, and accountability that must be confronted in making sensible cyber-security policy.

Sign in / Sign up

Export Citation Format

Share Document