The Cyber Security Challenges: A Survey of Chief Information Security Officer in Indian Context

2020 ◽  
pp. 749-758
Author(s):  
Kumar Rahul ◽  
Rohitash Kumar Banyal ◽  
Nikhil Raghav Bhatt
Keyword(s):  
Information Security ◽  
Cyber Security ◽  
Security Officer ◽  
Indian Context ◽  
Security Challenges

Introducing Serious Games as a Master Course in Information Security Management Programs

2022 ◽  
pp. 483-506
Author(s):  
Grethe Østby ◽  
Stewart James Kowalski
Keyword(s):  
Information Security ◽  
Cyber Security ◽  
Serious Games ◽  
Learning Experiences ◽  
Incident Response ◽  
Information Security Management ◽  
Security Incident ◽  
Response Training ◽  
Security Challenges ◽  
Type Of Exercise

In this chapter, the authors outline their process for introducing serious games as a course in an Information Security Master Course Program at the Norwegian University of Science and Technology. The process is built on the author's experiences from both participating, coaching, judging, and even arranging serious games and cyber security challenges. With the lack of cultural recipes (or shared experiences) in information and cyber security from previous generations, these recipes must be learned in other environments. Given the efficiency of using exercises for incident response training, the authors suggest that information and cyber security incident response can be learned efficiently through serious games as one type of exercise. The authors suggest that serious games give relevant learning experiences from both developing them and participating in them, and they suggest these learning experiences as part of the course, in addition to necessary instructions.

Analyses of issues of information security in Indian context

2014 ◽  
Vol 8 (3) ◽  
pp. 374-397
Author(s):  
Manmohan Chaturvedi ◽  
Abhishek Narain Singh ◽  
Manmohan Prasad Gupta ◽  
Jaijit Bhattacharya
Keyword(s):  
Information Security ◽  
Cyber Security ◽  
Social Issues ◽  
National Level ◽  
Scale Up ◽  
Policy Formulation ◽  
Organizational Level ◽  
Content Type ◽  
Security Issues ◽  
Indian Context

Purpose – The purpose of this paper is to attempt to fill the need to identify critical information security issues at national level, both technical and social in the Indian context, and create a framework of these issues to provide interesting managerial insights about their hierarchy. Current literature advocates relevance of both technical and social issues in a potential framework to address national and organizational information security concerns. Such a framework can guide users in developing insight for strategy in the maize of important information security issues and their intricate interdependency. Design/methodology/approach – Delphi methodology is used to identify a set of topical issues with help from members of a cyber security group. These issues are further analyzed using Interpretive Structural Modeling (ISM) to impose order and direction to the complex relationships among them. Findings – The analysis using ISM creates a framework of these issues and provides interesting managerial insights about their hierarchy. These insights are used to recommend prioritized action for information security at national and organizational levels. Research limitations/implications – The highlight of this research is ingenious deployment of two idea engineering methods in developing interpretable structural model of 25 information security issues. This model provides valuable insights and can guide the policy formulation. This is the key contribution of this paper. It needs hardly any emphasis on the need for continuous search of all technical and social issues and formulating policies and programs using experts” judgment in a rigorous manner. Subsequent research may scale up to the global level for extension and validation by empanelling Delphi experts from nations belonging to different regions. Time-variant analysis can be attempted with the help of System Dynamics Modeling using causal-loop diagrams to account for the supportive and inhibiting influences of various issues. This approach has the potential to generate more realistic insights that can inform policy formulation. Practical implications – It brings about key information security issues connected with its various facets, viz. national/organizational level initiatives, supportive processes, capabilities and objectives. These issues, identified by Indian experts in the Indian context, offer a method that one could apply in other national contexts and see whether substantial differences occur, and how other experts prioritize these issues. The analysis of social issues along with technical issues using the ISM tool provides us insights that are considered applicable to a larger context than India. The policy and program formulations in other nations can benefit from the insights generated by this research. The fast-paced proliferation of technology and its resultant vulnerabilities have given birth to an underground economy of malware trading by criminals, terrorists and hostile nation states. Secure cyber space for legitimate use by the globalized world can only be achieved by international cooperation. Social implications – A “digital divide” in cyber defense cannot be afforded. As explained earlier, cyber security is a challenge for both developed and developing nations. Prioritization of resources in a sequence suggested by ISM analysis would help face the challenge of cyber security better. The methodology suggested in this paper would ensure adequate response to cyber threats and eliminate knee-jerk reaction. Originality/value – This research emphasizes identification of hierarchical relationship among the identified topical issues of information security rather than using them as a flat checklist. It helps us segregate the end objectives from root issues and highlights the necessity of addressing these root issues to achieve those objectives.

THE NEW SECURITY CHALLENGES OF INFORMATION WAR

2018 ◽  
Vol 28 (6) ◽  
pp. 1855-1864
Author(s):  
Olga Zoric ◽  
Katarina Jonev ◽  
Ivan Rancic
Keyword(s):  
Information Security ◽  
United States Of America ◽  
The United States ◽  
Practical Aspect ◽  
Information Warfare ◽  
Operational Environment ◽  
Security Challenges ◽  
Information Operations ◽  
The Russian Federation ◽  
The Republic

The author starts from the informational dimension of the operational environment in a strategic reality and deal with the problem of defining informational power from the theoretical and practical aspect of information warfare.The deliberations in the work are aimed to initiate a procedure for auditing of the security documents in order to create a legal basis for the operationalization of the content of information security, as one of the aspects of integral security of the Republic of Serbia. The paper deals with the conceptual determinations and importance of information, information warfare and information operations, as well as the content of information warfare, pointing out the strategic and doctrinal definitions of the information warfare of the United States of America, the Russian Federation and the Republic of Serbia. It is necessary to accurately and objectively observe world achievements in the field of national security and the relation of the most powerful world powers to the problem of information warfare. Based on a comparative analysis of world trends and the state of the theoretical and practical aspects of information security of the Republic of Serbia, the focus is on work, where measures are proposed to improve the security function in the fourth unit of work.

An examination on data integrity auditing patterns in cloud computing

2018 ◽  
Vol 7 (1.9) ◽  
pp. 200
Author(s):  
T A.Mohanaprakash ◽  
J Andrews
Keyword(s):  
Cloud Computing ◽  
Information Security ◽  
Data Integrity ◽  
Cloud Service ◽  
New Approach ◽  
Computing Services ◽  
Security Challenges ◽  
Cloud Server ◽  
State Of Affairs ◽  
Dynamic Updates

Cloud computing is associate inclusive new approach on however computing services square measure made and utilized. Cloud computing is associate accomplishment of assorted styles of services that has attracted several users in today’s state of affairs. The foremost enticing service of cloud computing is information outsourcing, because of this the information homeowners will host any size of information on the cloud server and users will access the information from cloud server once needed. A dynamic outsourced auditing theme that cannot solely defend against any dishonest entity and collision, however conjointly support verifiable dynamic updates to outsourced information. The new epitome of information outsourcing conjointly faces the new security challenges. However, users might not totally trust the cloud service suppliers (CSPs) as a result of typically they may be dishonest. It's tough to work out whether or not the CSPs meet the customer’s expectations for information security. Therefore, to with success maintain the integrity of cloud information, several auditing schemes are projected. Some existing integrity ways will solely serve for statically archived information and a few auditing techniques is used for the dynamically updated information. The analyzed numerous existing information integrity auditing schemes together with their consequences.

Analysis of Csirt Services in Facing Cyber Security Challenges in Indonesia

2021 ◽  
Author(s):  
Muhammad Haidar ◽  
Yudho Giri Sucahyo ◽  
Teddy Sukardi ◽  
Arfive Gandhi
Keyword(s):  
Cyber Security ◽  
Security Challenges

scholarly journals Validity of information security policy models

2004 ◽  
Vol 16 (3) ◽  
pp. 263-274 ◽  
Author(s):  
Joshua Onome Imoniana
Keyword(s):  
Information Technology ◽  
Information Security ◽  
Security Policy ◽  
Chief Executive ◽  
Theoretical Models ◽  
Information Security Policy ◽  
Security Officer ◽  
Continuity Planning ◽  
Policy Models ◽  
Inclusive Business

Validity is concerned with establishing evidence for the use of a method to be used with a particular set of population. Thus, when we address the issue of application of security policy models, we are concerned with the implementation of a certain policy, taking into consideration the standards required, through attribution of scores to every item in the research instrument. En today's globalized economic scenarios, the implementation of information security policy, in an information technology environment, is a condition sine qua non for the strategic management process of any organization. Regarding this topic, various studies present evidences that, the responsibility for maintaining a policy rests primarily with the Chief Security Officer. The Chief Security Officer, in doing so, strives to enhance the updating of technologies, in order to meet all-inclusive business continuity planning policies. Therefore, for such policy to be effective, it has to be entirely embraced by the Chief Executive Officer. This study was developed with the purpose of validating specific theoretical models, whose designs were based on literature review, by sampling 10 of the Automobile Industries located in the ABC region of Metropolitan São Paulo City. This sampling was based on the representativeness of such industries, particularly with regards to each one's implementation of information technology in the region. The current study concludes, presenting evidence of the discriminating validity of four key dimensions of the security policy, being such: the Physical Security, the Logical Access Security, the Administrative Security, and the Legal & Environmental Security. On analyzing the Alpha of Crombach structure of these security items, results not only attest that the capacity of those industries to implement security policies is indisputable, but also, the items involved, homogeneously correlate to each other.

Sign in / Sign up

Export Citation Format

Share Document