Case study: Combatting cyber threats, disinformation, and Internet shutdowns

2022 ◽  
Author(s):  
Estelle Masse ◽  
Marwa Fatafta ◽  
Felicia Anthonio ◽  
Verónica Arroyo
Keyword(s):  
Cyber Threats

A new dimension of risks in sports: the cyber domain

2021 ◽  
Vol 29 (4s) ◽  
pp. 9-17
Author(s):  
Eyal Pinko
Keyword(s):  
Risk Assessment ◽  
Literature Review ◽  
Cyber Attack ◽  
Sports Organizations ◽  
Design And Implementation ◽  
Cyber Threats ◽  
Sports Events ◽  
Digital Era ◽  
Further Development

The digital era and the increasing technological reliance of sport are showing a new face of threat and present a new challenge to the sports organizations – assuring the cybersecurity of the organization, the event, the team. While cybersecurity is a central topic during the design and implementation of the security of major sports events for more than a decade, the sports organizations get newly introduced in the domain, and unfortunately, some happen to learn lessons painfully – by suffering a cyber-attack. The present article aims to examine different kinds of cyber threats to which sports organizations are exposed by studying the most common types of attackers, motivation, and the means used for an attack. The applied methodology includes a literature review and case study performed on cases from three types of categories: major sports events; sports administering bodies, clubs, and athletes. The results of the analysis provide systematic information about the most common attackers’ types, motivations, and approaches which can be used as a foundation for further development of cybersecurity risk assessment of sports organizations.

Why Is Cyber Risk an Issue?

2021 ◽  
pp. 1-15
Author(s):  
Gregory Falco ◽  
Eric Rosenbach
Keyword(s):  
Real World ◽  
Digital Systems ◽  
Mitigation Measures ◽  
Cyber Threats ◽  
Cyber Risk ◽  
The Impact

The question “Why is cyber risk an issue?” pinpoints the leadership challenge that cyber risk poses. The chapter begins with a WannaCry case study that demonstrates how cyberattacks can impact every aspect of organizations given the pervasive nature of digital systems. The chapter describes how leadership must address cyber risk by analyzing the organization’s unique threats, its vulnerabilities, and the impact an attack can have on the organization. It describes how mitigation measures minimize cyber vulnerabilities and maximize an organization’s ability to respond to cyberattacks. It emphasizes that leadership must strategically manage cyber risk through carefully selected mitigations. This chapter introduces how an Embedded Endurance cyber risk strategy offers a systems-level approach to mitigating cyber risk by addressing interdependent components of the organization’s risk and preparing for the inevitability of cyber threats over the long term, and details real-world Embedded Endurance cyber risk strategy experiences.

The Cyberethics, Cybersafety, and Cybersecurity at Schools

2016 ◽  
Vol 4 (1) ◽  
pp. 1-15
Author(s):  
Irene L. Chen ◽  
Libi Shen
Keyword(s):  
School Districts ◽  
Cyber Bullying ◽  
Teenage Girl ◽  
Case Study Approach ◽  
Study Approach ◽  
Cyber Threats ◽  
E Mail ◽  
National Infrastructure ◽  
Shed Light

The 2006 Megan Meier case, where a teenage girl who was bullied on the Internet through e-mail and Myspace which was said to ultimately lead to her suicide, shed light on the cyber bullying issue in schools. This article uses a case study approach to describe how a number of school institutes were grappling with the loss of confidential information and protecting students on the WWW, each through a unique set of circumstances. It will reveal potential reactions of the institutions and possible ways to deal with the cyber threats. With experiences, school districts take measures to offer value education by improving students' knowledge and awareness of Cyberethics, Cybersafety, and Cybersecurity (C3) concepts to provide them with the means to protect themselves, and to enhance the safety and security of national infrastructure.

The Next Generation of Scientific-Based Risk Metrics

2016 ◽  
Vol 6 (3) ◽  
pp. 43-52
Author(s):  
Lanier Watkins ◽  
John S. Hurley
Keyword(s):  
Analytic Hierarchy ◽  
Skill Sets ◽  
Server Side ◽  
Cyber Threats ◽  
Information Assets ◽  
Resource Levels ◽  
Client Side ◽  
The Impact ◽  
Hierarchy Process

One of the major challenges to an organization achieving a certain level of preparedness to “effectively” combat existing and future cyber threats and vulnerabilities is its ability to ensure the security and reliability of its networks. Most of the existing efforts are quantitative, by nature, and limited solely to the networks and systems of the organization. It would be unfair to not acknowledge that for sure some progress has been achieved in the way that organizations, as a whole, are now positioning themselves to address the threats (GAO 2012). Unfortunately, so have the skill sets and resource levels improved for attackers--they are increasingly getting better at achieving the unwanted access to organizations' information assets. In large part the authors believe that some of this is due to the failure by methods to assess the overall vulnerability of the networks. In addition, significant levels of threats and vulnerabilities beyond organizations' networks and systems are not being given the level of attention that is warranted. In this paper, the authors propose a more comprehensive approach that enables an organization to more realistically assess its “cyber maturity” level in hope of better positioning itself to address existing and new cyber threats. The authors also propose the need to better understand another missing critical piece to the puzzle--the reliability and security of networks in terms of scientific risk-based metrics (e.g., the severity of individual vulnerabilities and overall vulnerability of the network). Their risk-based metrics focus on the probability of compromise due to a given vulnerability; employee non-adherence to company cyber-based policies; insider threats. They are: (1) built on the CVSS Base Score which is modified by developing weights derived from the Analytic Hierarchy Process (AHP) to make the overall score more representative of the impact the vulnerability has on the global infrastructure, and (2) rooted in repeatable quantitative characteristics (i.e., vulnerabilities) such as the sum of the probabilities that devices will be compromised via client-side or server-side attacks stemming from software or hardware vulnerabilities. The authors will demonstrate the feasibility of their method by applying their approach to a case study and highlighting the benefits and impediments which result.

scholarly journals Hechos ciberfísicos: una propuesta de análisis para ciberamenazas en las Estrategias Nacionales de Ciberseguridad/ Cyber-physical Facts: A Proposed Analysis for Cyber Threats in the National Cybersecurity Strategies

2019 ◽  
pp. 24-40
Author(s):  
Juan-Manuel Aguilar-Antonio
Keyword(s):  
Latin America ◽  
Comparative Analysis ◽  
National Security ◽  
Cyber Attacks ◽  
Cyber Threats ◽  
America Latina ◽  
Hybrid Regime ◽  
Physical Fact ◽  
Estudio De Caso

El artículo presenta la categoría de hechos ciberfísicos, una propuesta para el análisis y la delimitación de amenazas en el régimen híbrido del ciberespacio. Se propone la hipótesis de que América Latina, y en particular México, no comprenden en sus Estrategias Nacionales de Ciberseguridad (ENCS) la naturaleza de las ciberagresiones ni la posibilidad de que una crisis surgida en el ciberespacio salte al espacio físico o material. Para probarla se presenta el contexto de la ciberseguridad en la región y se realiza una crítica de la ENCS de México. Después se hace un análisis comparativo de cinco casos de interés y referencia entre los estudios de ciberseguridad, para introducir el concepto de hecho ciberfísico. Por último, se aplica la propuesta a un estudio de caso y se muestra su utilidad para las ENCS, así como su grado de impacto en la esfera de la seguridad pública y nacional.  Abstract The article introduces the category of cyber-physical facts, a proposal for the analysis and delimitation of threats in the hybrid regime of cyberspace. The research objective is to test the hypothesis that Latin America, and Mexico in particular, do not understand in their National Cybersecurity Strategies (NCSS) the nature of cyber-attacks, nor the possibility that a crisis arising in cyberspace will jump into the physical or material ground. To prove this, the context of cybersecurity in the region is presented and also a critique of the NCSS of Mexico. Then, the article makes a comparative analysis of five cases of interest and reference in cybersecurity studies to introduce the concept of cyber-physical fact. Finally, this proposal is applied to a case study, and its usefulness to the NCSS is shown, as well as its degree of impact in the sphere of public and national security.

The Next Generation of Scientific-Based Risk Metrics

2020 ◽  
pp. 1687-1697
Author(s):  
Lanier Watkins ◽  
John S. Hurley
Keyword(s):  
Analytic Hierarchy ◽  
Skill Sets ◽  
Server Side ◽  
Cyber Threats ◽  
Security And Reliability ◽  
Resource Levels ◽  
Client Side ◽  
The Impact ◽  
Hierarchy Process

One of the major challenges to an organization achieving a certain level of preparedness to “effectively” combat existing and future cyber threats and vulnerabilities is its ability to ensure the security and reliability of its networks. Most of the existing efforts are quantitative, by nature, and limited solely to the networks and systems of the organization. It would be unfair to not acknowledge that for sure some progress has been achieved in the way that organizations, as a whole, are now positioning themselves to address the threats (GAO 2012). Unfortunately, so have the skill sets and resource levels improved for attackers--they are increasingly getting better at achieving the unwanted access to organizations' information assets. In large part the authors believe that some of this is due to the failure by methods to assess the overall vulnerability of the networks. In addition, significant levels of threats and vulnerabilities beyond organizations' networks and systems are not being given the level of attention that is warranted. In this paper, the authors propose a more comprehensive approach that enables an organization to more realistically assess its “cyber maturity” level in hope of better positioning itself to address existing and new cyber threats. The authors also propose the need to better understand another missing critical piece to the puzzle--the reliability and security of networks in terms of scientific risk-based metrics (e.g., the severity of individual vulnerabilities and overall vulnerability of the network). Their risk-based metrics focus on the probability of compromise due to a given vulnerability; employee non-adherence to company cyber-based policies; insider threats. They are: (1) built on the CVSS Base Score which is modified by developing weights derived from the Analytic Hierarchy Process (AHP) to make the overall score more representative of the impact the vulnerability has on the global infrastructure, and (2) rooted in repeatable quantitative characteristics (i.e., vulnerabilities) such as the sum of the probabilities that devices will be compromised via client-side or server-side attacks stemming from software or hardware vulnerabilities. The authors will demonstrate the feasibility of their method by applying their approach to a case study and highlighting the benefits and impediments which result.

The Cyberethics, Cybersafety, and Cybersecurity at Schools

2020 ◽  
pp. 1395-1412
Author(s):  
Irene L. Chen ◽  
Libi Shen
Keyword(s):  
School Districts ◽  
The Internet ◽  
Teenage Girl ◽  
Confidential Information ◽  
Study Approach ◽  
Cyber Threats ◽  
E Mail ◽  
National Infrastructure ◽  
Shed Light

The 2006 Megan Meier case, where a teenage girl who was bullied on the Internet through e-mail and Myspace which was said to ultimately lead to her suicide, shed light on the cyber bullying issue in schools. This article uses a case study approach to describe how a number of school institutes were grappling with the loss of confidential information and protecting students on the WWW, each through a unique set of circumstances. It will reveal potential reactions of the institutions and possible ways to deal with the cyber threats. With experiences, school districts take measures to offer value education by improving students' knowledge and awareness of Cyberethics, Cybersafety, and Cybersecurity (C3) concepts to provide them with the means to protect themselves, and to enhance the safety and security of national infrastructure.

scholarly journals Analýza bezpečnostní politiky během Mistrovství světa ve fotbale 2014 v Brazílii

2015 ◽  
Vol 9 (2) ◽  
pp. 29-45
Author(s):  
Jakub Šiman ◽  
Josef Smolík
Keyword(s):  
Security Policy ◽  
Health Hazards ◽  
Actual Process ◽  
Security Risks ◽  
World Cup ◽  
Cyber Threats ◽  
Social Protests ◽  
Spectator Violence

The case study analyzes the security policy of FIFA 2014 World Cup in Brazil. This study aims to present the greatest risks associated with organizing events of such magnitude and analyze strategic Brazils approach to ensure security during the championship. Among the biggest security risks of the championship were classified areas as terrorism, crime, social protests, spectator violence and hooliganism, cyber threats and health hazards. The paper also focuses on the actual process of championships and the consequences which brought about.

Sign in / Sign up

Export Citation Format

Share Document