Creating and Implementing an Effective and Deterrent National Cyber Security Strategy

This paper presents a new national cyber security strategy (NCSS) covering the deterrence perspective from creation to implementation. With the aim of responding to and ensuring cyber security effectively, studies on which pathways should be followed and what methods should be used to develop, create, and implement a NCSS are being conducted in Turkey, as in all countries. In this context, by explaining the importance of cyber power, the need for cyber power to be considered as one of the elements of national power and the importance of providing security against cyber attacks with deterrence by cyber power are discussed, while a new and integrated approach for the creation and implementation of a NCSS and an authoritarian organizational structure responsible for this strategy is proposed. It can be concluded that the proposed effective and deterrent NCSS model and approaches might help to efficiently and effectively handle these issues for better management, control, and auditing for cyber security issues; provide new concepts for cyber security issues supported by cyber power and deterrence on this issue in the world; introduce integrated approach to cyber security strategies and policies on the stages of developing and implementing a NCSS; bring a number of issues to support cyber security and defence in different perspectives; and achieve a high degree of success, especially in terms of effectiveness and existing deterrence strategies and action plans of basic structure, with the proposed approach. Finally, it is expected that the proposed strategy, steps, and suggestions might help to improve cyber security issues and national strategies in near future to secure national assessment more than ever with a powerful concept of deterrence. In addition, this approach, which has been put forward for effective implementation of cyber security by ensuring better management, control, and supervision, can be easily used by all other countries.

Download Full-text

WannaCry Ransomware Attack from Romanian Police Perspective

International Journal of Information Security and Cybercrime ◽

10.19107/ijisc.2019.01.09 ◽

2019 ◽

Vol 8 (1) ◽

pp. 65-72

Author(s):

Ion PARASCHIVA

Keyword(s):

Human Resources ◽

Cyber Security ◽

Security Policies ◽

Technical Knowledge ◽

Security Strategy ◽

High Degree ◽

General Success

The field of cyber security is evolving at an alert pace and requires constantly updated strategies, and from the IT specialists, extensive knowledge and experience. In addition to the technical knowledge regarding cyber security, IT specialists of the Romanian Police need to understand very well the nature of the activity carried out. It should be made aware that there is no valid general success recipe and that the development of security policies should start from analyzing the particularities of human resources. Once their activity is understood, a dedicated security strategy can be outlined, ensuring a high degree of security for the organization and the information held by it.

Download Full-text

Economics of Cyber Security and the Way Forward

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch008 ◽

2018 ◽

pp. 132-150

Author(s):

Taiseera Al Balushi ◽

Saqib Ali ◽

Osama Rehman

Keyword(s):

Communication Technology ◽

Cyber Security ◽

Cyber Attacks ◽

Remote Access ◽

Security Threats ◽

The Public ◽

Security Issues ◽

Information And Communication ◽

Financial Losses ◽

Government Perspective

Initiatives carried by companies, institutes and governments to flourish and embellish the Information and Communication Technology (ICT) among the public have led to its penetration into every walk of life. ICT enhances the efficiency of various systems, such as the organisation and transfer of data. However, with the digital and remote access features of ICT comes the motivation towards financial, political and military gains by rivals. Security threats and vulnerabilities in existing ICT systems have resulted in cyber-attacks that are usually followed by substantial financial losses. This study discusses the security in ICT from a business, economic and government perspective. The study makes an attempt to understand the seriousness of the security issues and highlights the consequences of security breech from an economic perspective. Based on the performed analysis, the factors behind these attacks are provided along with recommendations for better preparations against them.

Download Full-text

Efficient Cyber Security Framework for Smart Cities

Secure Cyber-Physical Systems for Smart Cities - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-5225-7189-6.ch006 ◽

2019 ◽

pp. 130-157 ◽

Cited By ~ 2

Author(s):

Amtul Waheed ◽

Jana Shafi

Keyword(s):

Cyber Security ◽

Smart City ◽

Smart Cities ◽

Cost Effective ◽

Cyber Attacks ◽

Security And Privacy ◽

Sensitive Information ◽

Security Framework ◽

Smart Transportation ◽

Security Issues

Smart cities are established on some smart components such as smart governances, smart economy, science and technology, smart politics, smart transportation, and smart life. Each and every smart object is interconnected through the internet, challenging the security and privacy of citizen's sensitive information. A secure framework for smart cities is the only solution for better and smart living. This can be achieved through IoT infrastructure and cloud computing. The combination of IoT and Cloud also increases the storage capacity and computational power and make services pervasive, cost-effective, and accessed from anywhere and any device. This chapter will discuss security issues and challenges of smart city along with cyber security framework and architecture of smart cities for smart infrastructures and smart applications. It also presents a general study about security mechanism for smart city applications and security protection methodology using IOT service to stand against cyber-attacks.

Download Full-text

Artificial Intelligence-Based Solutions for Cyber Security Problems

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Artificial Intelligence Paradigms for Smart Cyber-Physical Systems ◽

10.4018/978-1-7998-5101-1.ch004 ◽

2021 ◽

pp. 68-86

Author(s):

Merve Yildirim

Keyword(s):

Artificial Intelligence ◽

Cyber Security ◽

Cyber Attacks ◽

Network Systems ◽

Security Systems ◽

Artificial Intelligence Techniques ◽

Security Issues ◽

Security Applications ◽

Cyber Threats ◽

Legal Risks

Due to its nature, cyber security is one of the fields that can benefit most from the techniques of artificial intelligence (AI). Under normal circumstances, it is difficult to write software to defend against cyber-attacks that are constantly developing and strengthening in network systems. By applying artificial intelligence techniques, software that can detect attacks and take precautions can be developed. In cases where traditional security systems are inadequate and slow, security applications developed with artificial intelligence techniques can provide better security against many complex cyber threats. Apart from being a good solution for cyber security problems, it also brings usage problems, legal risks, and concerns. This study focuses on how AI can help solve cyber security issues while discussing artificial intelligence threats and risks. This study also aims to present several AI-based techniques and to explain what these techniques can provide to solve problems in the field of cyber security.

Download Full-text

Cyber Security Issues in Navigation Systems of Marine Vessels From a Control Perspective

Volume 7B: Ocean Engineering ◽

10.1115/omae2017-61771 ◽

2017 ◽

Cited By ~ 4

Author(s):

Vahid Hassani ◽

Naveena Crasta ◽

António M. Pascoal

Keyword(s):

Cyber Security ◽

Cyber Attacks ◽

Gps Data ◽

Positioning System ◽

Navigation Systems ◽

State Variables ◽

Security Measures ◽

Security Issues ◽

Linear Control Theory ◽

Marine Vessels

Autonomous marine vessels are the way forward to revolutionize maritime operations. However, the safety and success of autonomous missions depend critically on the availability of a reliable positioning system and time information generated using global positioning system (GPS) data. GPS data are further used for guidance, navigation, and control (GNC) of vehicles. At a mission planning level GPS data are commonly assumed to be reliable. From this perspective, this article aims to highlight the perils of maritime navigation attacks, showing the need for the enhancement of standards and security measures to intercept any serious threats to marine vessels emanating from cyber attacks and GPS spoofing. To this end, we consider a case where a cyber attacker blocks the real GPS signals and dupes the GPS antennas on board the marine vehicle with fake signals. Using the Nomoto model for the steering dynamics of a marine vessel and exploiting tools from linear control theory we show analytically, and verify using numerical simulations, that it is possible to influence the state variables of the marine vessel by manipulating the compromised GPS data.

Download Full-text

A Worldwide Analysis of Cyber Security and Cyber Crime using Twitter

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.f1333.0986s319 ◽

2019 ◽

Vol 8 (6S3) ◽

pp. 1051-1056

Keyword(s):

Cyber Security ◽

Personal Data ◽

Developed Countries ◽

The United States ◽

Cyber Attacks ◽

Security Threats ◽

Sudden Increase ◽

Security Issues ◽

The United Kingdom ◽

Novel Approach

In the era of social media and the Internet, there has been an exponential increase in threats related to the privacy of user accounts and data. The confidentiality of personal data is compromised for various motives. This sudden increase in security threats has led to widespread problems. Our research is focused on analyzing the extent of cyber-attacks in various countries across the globe. We have proposed a novel approach for analyzing the tweets related to cyber-attacks and its surrounding fields. The analysis proves that Asian countries face more cyber security issues as compared to European countries. Further, it is also analyzed that developing countries like India are more prone to these issues as compare to developed countries like the United States or the United Kingdom.

Download Full-text

FORECASTING COSTS OF CYBER ATTACKS USING ESTIMATION THE GLOBAL COST OF CYBER RISK CALCULATOR V 1.2

Selected papers of the International Scientific Conference “Contemporary Issues in Business, Management and Economics Engineering 2021” ◽

10.3846/cibmee.2021.618 ◽

2021 ◽

Author(s):

Julija Gavėnaitė-Sirvydienė ◽

Algita Miečinskienė

Keyword(s):

Cyber Security ◽

Cyber Attacks ◽

Future Research ◽

Risk Calculator ◽

Estimation Model ◽

The Public ◽

Security Issues ◽

Baltic Countries ◽

Global Cost ◽

Cyber Risk

Purpose – due to the constant increase of cyber-attacks not only the measures of identifying and controlling cyber risks are created, but also the methods of estimating possible cyber-attacks financial costs should be developed to increase business preparedness. The purpose of this research is to forecast potential costs of cyber-attacks in Baltic countries. Research methodology – to achieve the aim of the article and prepare a prognosis of possible cyber-attacks costs the Estimation the Global Costs of Cyber Risk Calculator V 1.2 tool was used. Findings – estimated costs of cyber-attacks in Lithuania, Latvia and Estonia are highest in the public business and ser-vices sector and also in the defense sector. According to conducted calculations the costs of cyber-attacks in Lithuania will reach 1% of GDP of Lithuania by 2026. Research limitations – in this research the costs of cyber-attacks are estimated regarding industries of business but not excluding specific cyber threats. Therefore, for the future research possibilities could be the analyses of specific cyber risks and their impact to various business sectors. Practical implications – the results of the research may be useful in practical approach for preparing the risk manage-ment tools, evaluating possible damage and effect of cyber-attacks to business, also increasing preparedness level and business resilience. Originality/Value – this estimation model has been not used to evaluate and discuss cyber-risks costs in Lithuania among previous researches, therefore the topic and conducted results are original and significantly relevant for further analyses of cyber security issues in Lithuania.

Download Full-text

Cyber Diplomacy

International Journal of Information Security and Cybercrime ◽

10.19107/ijisc.2021.02.05 ◽

2021 ◽

Vol 10 (2) ◽

pp. 37-50

Author(s):

Andreea DRAGOMIR

Keyword(s):

European Union ◽

Cyber Security ◽

Main Idea ◽

Cyber Attacks ◽

The European Union ◽

Security Strategy ◽

Cyber Defense ◽

Member States ◽

Cross Border ◽

The Cross

The article aims to highlight issues related to the risks to both the European Union and the Member States, but at the same time seeks to highlight current legislative and political approaches applicable in cyberspace. This set of tools used in cyber diplomacy includes the concepts of cooperation and diplomatic dialogue (common cyber network of EU states, common cyber defense unit) but also measures to prevent cyber-attacks (European Union Cyber Security Strategy), as well as sanctions. Throughout this presentation, the main idea is supported by the cross-border nature of cyberspace.

Download Full-text

The Impact of Human Behavior on Cyber Security

Advances in Digital Crime, Forensics, and Cyber Terrorism - Handbook of Research on Civil Society and National Security in the Era of Cyber Warfare ◽

10.4018/978-1-4666-8793-6.ch018 ◽

2016 ◽

pp. 403-422

Author(s):

Nancy Houston

Keyword(s):

Decision Making ◽

Human Behavior ◽

Cyber Security ◽

Cyber Attacks ◽

The Internet ◽

Behavioral Traits ◽

Security Issues ◽

Policy And Strategy ◽

Behavioral Aspects ◽

The Impact

Perhaps the greatest challenge to cyber security is that people are inherently behind each cyber problem as well as its solution. The reality is that people have been stealing secrets and information and attacking others for thousands of years; the technology of the Internet just allows it to happen at a faster pace and on a larger scale. This chapter describes aspects of human behavior that impact cyber security efforts. Cognitive overload, bias, incentives and behavioral traits all affect the decision making of both those who develop policy and strategy, those who fall victim to cyber attacks, and those who initiate cyber attacks. Although limited research has been completed on the behavioral aspects of cyber security, many behavioral principles and models are applicable to cyber security issues.

Download Full-text

Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix

Software & Systems Modeling ◽

10.1007/s10270-021-00898-7 ◽

2021 ◽

Author(s):

Wenjun Xiong ◽

Emeline Legrand ◽

Oscar Åberg ◽

Robert Lagerström

Keyword(s):

Cyber Security ◽

Enterprise Systems ◽

Cyber Attacks ◽

Security Threat ◽

Threat Modeling ◽

Security Issues ◽

It Systems ◽

Relationship Model ◽

Attack Surface ◽

Entity Relationship

AbstractEnterprise systems are growing in complexity, and the adoption of cloud and mobile services has greatly increased the attack surface. To proactively address these security issues in enterprise systems, this paper proposes a threat modeling language for enterprise security based on the MITRE Enterprise ATT&CK Matrix. It is designed using the Meta Attack Language framework and focuses on describing system assets, attack steps, defenses, and asset associations. The attack steps in the language represent adversary techniques as listed and described by MITRE. This entity-relationship model describes enterprise IT systems as a whole; by using available tools, the proposed language enables attack simulations on its system model instances. These simulations can be used to investigate security settings and architectural changes that might be implemented to secure the system more effectively. Our proposed language is tested with a number of unit and integration tests. This is visualized in the paper with two real cyber attacks modeled and simulated.

Download Full-text