Cyber Security Risks And Challenges In Remote Work Under The Covid-19 Pandemic

Developing security systems to protect the storage systems are needed. The main objective of this paper is to study the security of file storage server of an organization. Different kinds of security threats and a number of security techniques used to protect information will be examined. Thus, in this paper, an assessment plan for evaluating cyber security of local storage systems in organizations is proposed. The assessment model is based on the idea of cyber security domains and risk matrix. The proposed assessment model has been implemented on two prestigious and important organizations in the Kingdom of Bahrain. Storage systems of the assessed organizations found to have cyber security risks of different scales. This conclusion gives certainty to the fact that organizations are not capable of following the cyber security evolution and secure their storage systems from cyber security vulnerabilities and breaches. Organizations with local storage systems can improve the cyber security of their storage systems by applying certain techniques.

Download Full-text

Security Awareness in the Internet of Everything

Harnessing the Internet of Everything (IoE) for Accelerated Innovation Opportunities - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-5225-7332-6.ch012 ◽

2019 ◽

pp. 272-301 ◽

Cited By ~ 1

Author(s):

Viacheslav Izosimov ◽

Martin Törngren

Keyword(s):

Cyber Security ◽

Physical System ◽

System Of Systems ◽

The Internet ◽

Security Awareness ◽

Security Risks ◽

Interconnected System ◽

Security Education ◽

Practical Evaluation ◽

Explicit Consideration

Our societal infrastructure is transforming into a connected cyber-physical system of systems, providing numerous opportunities and new capabilities, yet also posing new and reinforced risks that require explicit consideration. This chapter addresses risks specifically related to cyber-security. One contributing factor, often neglected, is the level of security education of the users. Another factor, often overlooked, concerns security-awareness of the engineers developing cyber-physical systems. Authors present results of interviews with developers and surveys showing that increase in security-awareness and understanding of security risks, evaluated as low, are the first steps to mitigate the risks. Authors also conducted practical evaluation investigating system connectivity and vulnerabilities in complex multi-step attack scenarios. This chapter advocates that security awareness of users and developers is the foundation to deployment of interconnected system of systems, and provides recommendations for steps forward highlighting the roles of people, organizations and authorities.

Download Full-text

Cyber Security Assessment of NPP I&C Systems

Cyber Security and Safety of Nuclear Power Plant Instrumentation and Control Systems - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-3277-5.ch009 ◽

2020 ◽

pp. 221-238

Author(s):

Oleksandr Klevtsov ◽

Artem Symonov ◽

Serhii Trubchaninov

Keyword(s):

Control Systems ◽

Cyber Security ◽

Nuclear Power ◽

Power Plants ◽

Cyber Attacks ◽

Security Assessment ◽

Nuclear Facilities ◽

Security Risks ◽

Cyber Threats ◽

And Control

The chapter is devoted to the issues of cyber security assessment of instrumentation and control systems (I&C systems) of nuclear power plants (NPP). The authors examined the main types of potential cyber threats at the stages of development and operation of NPP I&C systems. Examples of real incidents at various nuclear facilities caused by intentional cyber-attacks or unintentional computer errors during the maintenance of the software of NPP I&C systems are given. The approaches to vulnerabilities assessment of NPP I&C systems are described. The scope and content of the assessment and periodic reassessment of cyber security of NPP I&C systems are considered. An approach of assessment to cyber security risks is described.

Download Full-text

A Risk-Oriented Systems Engineering Approach to appraise Cyber Security Risks of CNS/ATM and Avionics Systems

2019 Integrated Communications, Navigation and Surveillance Conference (ICNS) ◽

10.1109/icnsurv.2019.8735392 ◽

2019 ◽

Keyword(s):

Systems Engineering ◽

Cyber Security ◽

Security Risks ◽

Engineering Approach

Download Full-text

Does the NIS implementation strategy effectively address cyber security risks in the UK?

2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security) ◽

10.1109/cybersecpods.2019.8884963 ◽

2019 ◽

Cited By ~ 3

Author(s):

Meha Shukla ◽

Shane D. Johnson ◽

Peter Jones

Keyword(s):

Cyber Security ◽

Implementation Strategy ◽

Security Risks ◽

The Uk

Download Full-text

Dynamic framework for assessing cyber security risks in a changing environment

2016 International Conference on Information Science and Communications Technologies (ICISCT) ◽

10.1109/icisct.2016.7777406 ◽

2016 ◽

Cited By ~ 4

Author(s):

Sergey Naumov ◽

Ilya Kabanov

Keyword(s):

Cyber Security ◽

Security Risks ◽

Changing Environment ◽

Dynamic Framework

Download Full-text

Cyber security and the disaster resilience framework

International Journal of Disaster Resilience in the Built Environment ◽

10.1108/ijdrbe-07-2019-0046 ◽

2020 ◽

Vol 11 (4) ◽

pp. 507-518

Author(s):

Abhilash Panda ◽

Andrew Bower

Keyword(s):

Cyber Security ◽

Local Level ◽

Evidence Base ◽

Disaster Resilience ◽

Security Risk ◽

Security Risks ◽

Content Type ◽

Cascading Effects ◽

Resilience Framework ◽

First Time

Purpose The purpose of this paper is to concentrate on the place of cyber security risk in the framework of global commitments adopted in 2015 to reduce disaster risks in an all-hazards approach. It explores the correlations between traditional risks associated with critical infrastructures – as understood by the Sendai framework – cyber security risks and the cascading effects characteristic of today’s complex and interrelated shocks and stresses. It takes a step further, expanding the focus of traditionally understood technological risks to explore cyber security risks, at the heart of our societies’ digital transformations,and showcase opportunities from the European context. Design/methodology/approach By reviewing existing literature on cyber security, disaster resilience and cascading disasters, this paper highlights current challenges and good practices undertaken by various governments. Findings Understanding disaster risks is a precondition to improving the mitigation of impacts of existing risks and preventing new risks. Effective risk reduction relies on a solid understanding of losses resulting from events to inform future actions, and on the assessment of risks relying on a robust evidence base and state-of-the-art scientific capacity to model and simulate potential hazards. In this context, embedding cyber security risks, and the complexity of cascading impacts in improving the understanding of disaster risks, calls for appropriate methods and tools allowing for a multi-risk and holistic focus to the assessment of risks and the planning of risk management capacities that follow. Research limitations/implications Globally and in Europe, focus on interconnected risk and their impacts is steadily increasing. Risk assessments are still conservative; incorporation of cyber resilience into national and local level DRR plans is yet not visible. Originality/value Existing research is restricted to cyber security and disaster resilience, as separated subjects. This paper, for the first time, brings together the interconnection between the two topic options to address them.

Download Full-text

Cyber Security Challenges through the Lens of Financial Industry

International Journal of Applied Research in Management and Economics ◽

10.33422/ijarme.v2i4.275 ◽

1970 ◽

Vol 2 (4) ◽

pp. 33-38

Author(s):

Iustina Alina Boitan

Keyword(s):

Internal Control ◽

Cyber Security ◽

Large Scale ◽

Internal Audit ◽

Internet Banking ◽

Security Risk ◽

Financial Industry ◽

Security Risks ◽

Banking Activity ◽

Security Challenge

The paper aims at drawing attention on cyber security risks the financial industry is exposed to, which recently started to raise increased concern among European and international authorities, in terms of proper prevention, identification, assessment and management. It is an issue of utmost importance the more so that the financial landscape is continuously changing, to keep pace with the technological innovations applied to banking activity, digitization, large-scale use of internet banking/mobile banking. Cyber security risks are included in the broader framework of IT fraud; neglecting their careful monitoring would trigger serious financial and reputational implications for the financial industry. The paper synthesizes the guidelines and reports recently published by the International Monetary Fund, World Bank, Bank of International Settlements, European Central Bank, European Commission, big-four audit companies as well as research centres, to illustrate which is their response to the digital environment trend and cyber security challenge. Then, it reviews the main typologies of threats included in the cyber security risk, graphically depicts the perceived exposure to cyber risks in comparison with other categories of risks, delineates between key risks and emerging risks, and discusses the risk management responsibilities to be assigned to bank’s board, operational management, risk/internal control/compliance oversight function and internal audit function (known also as the three lines of defence).

Download Full-text