scholarly journals CYBER RISKS IN THE MUNICIPAL ECONOMY DURING THE PANDEMIC: DAMAGES AND THE STRUGGLE FOR CYBER SECURITY

2020 ◽  
Vol 3 (156) ◽  
pp. 80-87
Author(s):  
M. Vasilenko ◽  
O. Kozin ◽  
M. Kozina ◽  
V. Rachuk
Keyword(s):  
Cyber Security ◽  
Integrated Approach ◽  
Cyber Attacks ◽  
Remote Work ◽  
Public Authorities ◽  
Systematic Analysis ◽  
Preservation Of Evidence ◽  
Cyber Risk ◽  
The Impact ◽  
Municipal Economy

As a result of remote control and automation, the urban infrastructure becomes extremely vulnerable to intrusions, attacks, human errors, accidents that are growing. Due to the concentration of local and global computer networks, systems and software, the “cyber risk” of the municipal economy is multiplicative, which makes it systemic and international. Its essence is manifested both at the national and global levels through the impact on business, municipal and state authorities. Today, the existing pandemic contributes to an increase in the number of cyberattacks, which indicates an even greater cyber vulnerability of municipal administrations and public authorities. Coronavirus COVID-19 has become a tool for hacker attacks on users and enterprises. The purpose of the article is to determine, based on a systematic analysis of the new cyber risks of the municipal economy that arose during the pandemic, to formulate our own views on the classification and methods of counteracting municipal organizations and enterprises. According to experts, since the beginning of this year, thousands of domains associated with coronavirus have been registered in the world. This number also includes sites of various hacker groups that offer information about coronavirus, masks, or quick treatment methods. In fact, these phishing sites are used by hackers to extort money or steal confidential, as well as commercial information. The main types of attacks that increase the threat and actually create a "cyber infection" are noted. Based on the material of this article and the experience of the authors, measures are proposed that ensure the safety of municipal enterprises, which should be carried out in the first place. Strict measures in IT management during a crisis are also recognized as undeniable and necessary. Such as help from cyber experts and help for cyber experts; preservation of evidence of intrusion, staff training, accumulation of experience to accelerate progress in work. Remote work during a pandemic can make it difficult for IT staff to monitor cyber risks, since many of these risks go beyond the financial or technical capabilities of municipalities. Therefore, based on these proposals for the safety of municipal enterprises, an integrated approach to cyber risks is proposed, including an emergency response plan. Based on international experience, the possibility of insuring municipal enterprises and organizations against potential losses associated with cyber attacks by hackers, as well as to eliminate the consequences of these attacks, is also noted. Keywords: cyber-security, cyber-risk, municipal economy, “phishing”, pandemic, Covid-19

scholarly journals Design of a dynamic and self-adapting system, supported with artificial intelligence, machine learning and real-time intelligence for predictive cyber risk analytics in extreme environments – cyber risk in the colonisation of Mars

2021 ◽  
Author(s):  
Petar Radanliev ◽  
David De Roure ◽  
Kevin Page ◽  
Max Van Kleek ◽  
Omar Santos ◽  
...  
Keyword(s):  
Artificial Intelligence ◽  
Machine Learning ◽  
Real Time ◽  
Cyber Security ◽  
Extreme Environments ◽  
Learning Technologies ◽  
Cyber Attacks ◽  
Edge Computing ◽  
Mathematical Formulas ◽  
Cyber Risk

AbstractMultiple governmental agencies and private organisations have made commitments for the colonisation of Mars. Such colonisation requires complex systems and infrastructure that could be very costly to repair or replace in cases of cyber-attacks. This paper surveys deep learning algorithms, IoT cyber security and risk models, and established mathematical formulas to identify the best approach for developing a dynamic and self-adapting system for predictive cyber risk analytics supported with Artificial Intelligence and Machine Learning and real-time intelligence in edge computing. The paper presents a new mathematical approach for integrating concepts for cognition engine design, edge computing and Artificial Intelligence and Machine Learning to automate anomaly detection. This engine instigates a step change by applying Artificial Intelligence and Machine Learning embedded at the edge of IoT networks, to deliver safe and functional real-time intelligence for predictive cyber risk analytics. This will enhance capacities for risk analytics and assists in the creation of a comprehensive and systematic understanding of the opportunities and threats that arise when edge computing nodes are deployed, and when Artificial Intelligence and Machine Learning technologies are migrated to the periphery of the internet and into local IoT networks.

scholarly journals Cyber operational risk scenarios for insurance companies

2019 ◽  
Vol 24 ◽  
Author(s):  
R. Egan ◽  
S. Cartagena ◽  
R. Mohamed ◽  
V. Gosrani ◽  
J. Grewal ◽  
...  
Keyword(s):  
Cyber Security ◽  
Operational Risk ◽  
Social Engineering ◽  
Insurance Companies ◽  
List Type ◽  
Operational Risks ◽  
Life Insurer ◽  
Cyber Risk ◽  
The Impact ◽  
Over Time

AbstractCyber Operational Risk: Cyber risk is routinely cited as one of the most important sources of operational risks facing organisations today, in various publications and surveys. Further, in recent years, cyber risk has entered the public conscience through highly publicised events involving affected UK organisations such as TalkTalk, Morrisons and the NHS. Regulators and legislators are increasing their focus on this topic, with General Data Protection Regulation (“GDPR”) a notable example of this. Risk actuaries and other risk management professionals at insurance companies therefore need to have a robust assessment of the potential losses stemming from cyber risk that their organisations may face. They should be able to do this as part of an overall risk management framework and be able to demonstrate this to stakeholders such as regulators and shareholders. Given that cyber risks are still very much new territory for insurers and there is no commonly accepted practice, this paper describes a proposed framework in which to perform such an assessment. As part of this, we leverage two existing frameworks – the Chief Risk Officer (“CRO”) Forum cyber incident taxonomy, and the National Institute of Standards and Technology (“NIST”) framework – to describe the taxonomy of a cyber incident, and the relevant cyber security and risk mitigation items for the incident in question, respectively.Summary of Results: Three detailed scenarios have been investigated by the working party:∙Employee leaks data at a general (non-life) insurer: Internal attack through social engineering, causing large compensation costs and regulatory fines, driving a 1 in 200 loss of £210.5m (c. 2% of annual revenue).∙Cyber extortion at a life insurer: External attack through social engineering, causing large business interruption and reputational damage, driving a 1 in 200 loss of £179.5m (c. 6% of annual revenue).∙Motor insurer telematics device hack: External attack through software vulnerabilities, causing large remediation / device replacement costs, driving a 1 in 200 loss of £70.0m (c. 18% of annual revenue).Limitations: The following sets out key limitations of the work set out in this paper:∙While the presented scenarios are deemed material at this point in time, the threat landscape moves fast and could render specific narratives and calibrations obsolete within a short-time frame.∙There is a lack of historical data to base certain scenarios on and therefore a high level of subjectivity is used to calibrate them.∙No attempt has been made to make an allowance for seasonality of renewals (a cyber event coinciding with peak renewal season could exacerbate cost impacts)∙No consideration has been given to the impact of the event on the share price of the company.∙Correlation with other risk types has not been explicitly considered.Conclusions: Cyber risk is a very real threat and should not be ignored or treated lightly in operational risk frameworks, as it has the potential to threaten the ongoing viability of an organisation. Risk managers and capital actuaries should be aware of the various sources of cyber risk and the potential impacts to ensure that the business is sufficiently prepared for such an event. When it comes to quantifying the impact of cyber risk on the operations of an insurer there are significant challenges. Not least that the threat landscape is ever changing and there is a lack of historical experience to base assumptions off. Given this uncertainty, this paper sets out a framework upon which readers can bring consistency to the way scenarios are developed over time. It provides a common taxonomy to ensure that key aspects of cyber risk are considered and sets out examples of how to implement the framework. It is critical that insurers endeavour to understand cyber risk better and look to refine assumptions over time as new information is received. In addition to ensuring that sufficient capital is being held for key operational risks, the investment in understanding cyber risk now will help to educate senior management and could have benefits through influencing internal cyber security capabilities.

scholarly journals Fuzzy-Based Symmetrical Multi-Criteria Decision-Making Procedure for Evaluating the Impact of Harmful Factors of Healthcare Information Security

Symmetry ◽  
2020 ◽  
Vol 12 (4) ◽  
pp. 664 ◽  
Author(s):  
Rajeev Kumar ◽  
Abhishek Kumar Pandey ◽  
Abdullah Baz ◽  
Hosam Alhakami ◽  
Wajdi Alhakami ◽  
...  
Keyword(s):  
Decision Making ◽  
Information Security ◽  
Information Management ◽  
Cyber Security ◽  
Cyber Attacks ◽  
Multi Criteria Decision Making ◽  
Local Hospital ◽  
Healthcare Information ◽  
Security Breaches ◽  
The Impact

Growing concern about healthcare information security in the wake of alarmingly rising cyber-attacks is being given symmetrical priority by current researchers and cyber security experts. Intruders are penetrating symmetrical mechanisms of healthcare information security continuously. In the same league, the paper presents an overview on the current situation of healthcare information and presents a layered model of healthcare information management in organizations. The paper also evaluates the various factors that have a key contribution in healthcare information security breaches through a hybrid fuzzy-based symmetrical methodology of AHP-TOPSIS. Furthermore, for assessing the effect of the calculated results, the authors have tested the results on local hospital software of Varanasi. Tested results of the factors are validated through the comparison and sensitivity analysis in this study. Tabulated results of the proposed study propose a symmetrical mechanism as the most conversant technique which can be employed by the experts and researchers for preparing security guidelines and strategies.

scholarly journals Legal procuring of international information/cyber security of the digital economy: economic and legal aspects

E-Management ◽  
2019 ◽  
pp. 61-66
Author(s):  
L. O. Gontar’
Keyword(s):  
European Union ◽  
Cyber Security ◽  
Law And Economics ◽  
Integrated Approach ◽  
Legal Regulation ◽  
Legal Aspects ◽  
Digital Economy ◽  
Substantial Part ◽  
The European Union ◽  
The Impact

The article considers a problem of the definition of the digital economy, as well as presents a new theme on the legal procuring of international cyber security. The above mentioned new direction serves as an indicator of possible interdisciplinary research in the field of law and economics in the sphere of digital processes. As a justification the acts of the European Union have been adduced and their characteristic features, which consist in consideration of a substantial part of digital economy (economic party) have been allocated. This integration association has a unique structure and history, but the process of regulating the digital economy in the European Union began not so long ago. The European Union is one of the few integration associations that has started to work on improving the mechanisms of legal regulation of the digital market. This circumstance certainly affects the development of an integrated approach to the understanding of the digital economy, as well as further actualizes the issue of considering the legal procuring of international cyber security of this phenomenon. Legal procuring of security is a new direction in the international legal field, which will allow to consider the legal aspects in demand in the digital economy. The challenges in relation to international cyber security and the impact of the conceptual apparatus on the issues of the legal procuring of the security of the digital economy have been considered. It is important to note that the article suggests possible solutions to the problem posed. At the end of the article three proposals for improving approaches to the security of the digital economy have been elaborated. In terms of their qualitative characteristics, the proposals, undoubtedly, relate to legal and technical aspects, but also solutions regarding the conceptual component of the legal procuring of the security have been presented.

scholarly journals Creating and Implementing an Effective and Deterrent National Cyber Security Strategy

2020 ◽  
Vol 2020 ◽  
pp. 1-19
Author(s):  
Mustafa Senol ◽  
Ertugrul Karacuha
Keyword(s):  
Cyber Security ◽  
Integrated Approach ◽  
Basic Structure ◽  
Management Control ◽  
Cyber Attacks ◽  
Security Strategy ◽  
Security Issues ◽  
New Concepts ◽  
National Power ◽  
High Degree

This paper presents a new national cyber security strategy (NCSS) covering the deterrence perspective from creation to implementation. With the aim of responding to and ensuring cyber security effectively, studies on which pathways should be followed and what methods should be used to develop, create, and implement a NCSS are being conducted in Turkey, as in all countries. In this context, by explaining the importance of cyber power, the need for cyber power to be considered as one of the elements of national power and the importance of providing security against cyber attacks with deterrence by cyber power are discussed, while a new and integrated approach for the creation and implementation of a NCSS and an authoritarian organizational structure responsible for this strategy is proposed. It can be concluded that the proposed effective and deterrent NCSS model and approaches might help to efficiently and effectively handle these issues for better management, control, and auditing for cyber security issues; provide new concepts for cyber security issues supported by cyber power and deterrence on this issue in the world; introduce integrated approach to cyber security strategies and policies on the stages of developing and implementing a NCSS; bring a number of issues to support cyber security and defence in different perspectives; and achieve a high degree of success, especially in terms of effectiveness and existing deterrence strategies and action plans of basic structure, with the proposed approach. Finally, it is expected that the proposed strategy, steps, and suggestions might help to improve cyber security issues and national strategies in near future to secure national assessment more than ever with a powerful concept of deterrence. In addition, this approach, which has been put forward for effective implementation of cyber security by ensuring better management, control, and supervision, can be easily used by all other countries.

scholarly journals BIM-enabled facilities management (FM): a scrutiny of risks resulting from cyber attacks

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Nikdokht Ghadiminia ◽  
Mohammad Mayouf ◽  
Sharon Cox ◽  
Jan Krasniewicz
Keyword(s):  
Cyber Attacks ◽  
Future Research ◽  
Facilities Management ◽  
Cyber Attack ◽  
Risk Matrix ◽  
Content Type ◽  
Golden Thread ◽  
Building Information ◽  
Cyber Risk ◽  
The Impact

Purpose Building information modelling (BIM) creates a golden thread of information of the facility, which proves useful to those with the malicious intent of breaching the security of the facility. A cyber-attack incurs adverse implications for the facility and its managing organisation. Hence, this paper aims to unravel the impact of a cybersecurity breach, by developing a BIM-facilities management (FM) cybersecurity-risk-matrix to portray what a cybersecurity attack means for various working areas of FM. Design/methodology/approach This study commenced with exploring cybersecurity within various stages of a BIM project. This showcased a heightened risk of cybersecurity at the post-occupancy phase. Hence, thematic analysis of two main domains of BIM-FM and cybersecurity in the built environment led to the development of a matrix that illustrated the impact of a cybersecurity attack on a BIM-FM organisation. Findings Findings show that the existing approaches to the management of cybersecurity in BIM-FM are technology-dependent, resulting in an over-reliance on technology and a lack of cybersecurity awareness of aspects related to people and processes. This study sheds light on the criticality of cyber-risk at the post-occupancy phase, highlighting the FM areas which will be compromised as a result of a cyber-attack. Originality/value This study seeks to shift focus to the people and process aspects of cybersecurity in BIM-FM. Through discussing the interconnections between the physical and digital assets of a built facility, this study develops a cyber-risk matrix, which acts as a foundation for empirical investigations of the matter in future research.

Mini Special Issue on Cyber Security

2017 ◽  
Vol 12 (5) ◽  
pp. 1039-1039
Author(s):  
Kenji Watanabe
Keyword(s):  
Cyber Security ◽  
Urban Areas ◽  
National Level ◽  
Cyber Attacks ◽  
Organizational Response ◽  
Special Issue ◽  
Valuable Contribution ◽  
Daily Lives ◽  
Professional Advice ◽  
The Impact

As our daily lives and socioeconomic activities have increasingly come to depend on information systems and networks, the impact of disruptions to these systems and networks have also become more complex and diversified. In urban areas, where people, goods, money, and information are highly concentrated, the possibility of chain failures and confusion beyond our expectations and experience is especially high. The vulnerabilities in our systems and networks on have become the targets of cyber attacks, which have come to cause socioeconomic problems with increasing likelihood. To counter these attacks, technological countermeasures alone are insufficient, and countermeasures such as the development of professional skills and organizational response capabilities as well as the implementation of cyber security schemes based on public-private partnerships (PPP) at the national level must be carried out as soon as possible. In this JDR mini special issue on Cyber Security, I have tried to expand the scope of traditional cyber security discussions with mainly technological aspects. I have also succeeded in including non-technological aspects to provide feasible measures that will help us to prepare for, respond to, and recover from socioeconomic damage caused by advancing cyber attacks. Finally, I am truly grateful for the authors’ insightful contributions and the referees’ acute professional advice, which together make this JDR mini special issue a valuable contribution to making our society more resilient to incoming cyber attacks.

scholarly journals RISK MANAGEMENT IN THE FINANCIAL SECTOR OF UKRAINE IN THE CONTEXT OF CYBER THREATS AND POST-PANDEMIC ECONOMIC RECOVERY

2021 ◽  
pp. 19-27
Author(s):  
Nazar Demchyshak ◽  
Anastasiia Shkyria
Keyword(s):  
Risk Management ◽  
National Security ◽  
Cyber Security ◽  
Financial Sector ◽  
Cyber Attacks ◽  
Cyber Threats ◽  
The World ◽  
Cyber Threat ◽  
Security Index ◽  
Cyber Risk

Purpose. The aim of the article is substantiation of approaches of domestic and foreign scientists to risk management in the financial sector of Ukraine in the context of cyber threats and the need to ensure national security and post-pandemic economic recovery. Methodology of research. General scientific and special methods of scientific research are used in the article, in particular: induction, deduction, scientific abstraction - to reveal the essence of the concepts of "cyber threat", “cyber security" and "digitalization"; statistical and graphical methods - to assess the current situation in the field of cyber defence in the world and the national cyber security index; methods of analysis and synthesis - in substantiating the conclusions of the research. Finding. Definitions of cyber risk, approaches to its interpretation and classification were considered. The importance of cyber security in the digitalization of the national economy was argued. The Strategy of Ukrainian Financial Sector Development until 2025 is analysed. The world statistics of frequency and losses due to cyber-attacks are studied and the cyber threats that caused the greatest losses in Ukraine are identified. The analysis of Ukraine’s positions in the National Cyber Security Index 2020 is carried out. The directions of cyber threat prevention that can be useful for Ukrainian companies are substantiated. Originality. The author’s definition of the term "cyber risk" is proposed, in which special attention in focused on the effects of cyber threats. The importance of cyber risk management in the conditions of inevitability of digitalization in the financial sector of Ukraine is substantiated. Approaches to the prevention of cyber-attacks, the implementation of which is necessary for the successful digital transformation of Ukraine, are proposed. Practical value. The results of the research will contribute to the formation of an effective risk management system in the financial sector of Ukraine in terms of digitalization of the financial space and post-pandemic recovery of the national economy. Key words: national security, cyber risk, cyber threat, cyber defence, digitalization, post-pandemic recovery, fintech.

scholarly journals Statistical Indicators of Cybersecurity Development in the Context of Digital Transformation of Economy and Society

2021 ◽  
Vol 17 (3) ◽  
pp. 3-13
Author(s):  
Antonina Yerina ◽  
Ihor Honchar ◽  
Svitlana Zaiets
Keyword(s):  
Cyber Security ◽  
Communication Systems ◽  
Large Scale ◽  
Digital Transformation ◽  
Cyber Attacks ◽  
Cyber Threats ◽  
Level Of Economic Development ◽  
Information And Communication ◽  
High Level ◽  
Cyber Risk

Introduction. The scale and destructive consequences of the unlawful impact on cyberspace is a key problem of modern geopolitics, and cyber reliability is recognized as one of the most important security priorities by the subjects of international relations.Problem Statement. Monitoring of cyber incidents and anomalies in information and communication systems and prompt response to risks determined by cyber threats require the development of a system of indicators and criteria for cybersecurity assessment.Purpose. Summarize the international experience of assessing the cybersecurity, to position countries by their level of development in the global space, to identify strengths and weaknesses in cybersecurity management, and to ensure effective protection of cyberspace at the national level.Materials and Methods. Used the component indices of the international rankings characterizing the potential of the digital economy (ICT IDI, NRI, EGDI) and the participation of countries in the field of cybersecurity(GCI and NCSI).Results. It has been argued that cybersecurity ratings play the role of a kind of identifier of the relative advantages and vulnerabilities of the national cyber strategies, and indicate the need for their review in order tostrengthen protection against cyber-attacks and improve the cyber risk management system. In countries with a high level of economic development, which is largely based on the contribution of IT technologies to the national production, the cybersecurity potential is significantly higher, regardless of geolocation. The discovered correlation between GCI, information society development indices (IDI, NRI, EGDI) and GDPper capita confirms that the digital transformation of the economy and society acts as a key driver of economicdevelopment if the information- and cyber-security are assured only. The best practices are highlighted, andcritically weak segments of the national cybersecurity are identified.Conclusions. Using the NCSI indicators, the preparedness of Georgia and Ukraine to prevent the implementation of fundamental cyber threats and to manage cyber incidents and large-scale cyber crises is assessed.

scholarly journals Cybersecurity post-COVID-19: Lessons learned and policy recommendations

European View ◽  
2021 ◽  
pp. 178168582110592
Author(s):  
Iva Tasheva
Keyword(s):  
Critical Infrastructure ◽  
Service Providers ◽  
Innovation Policy ◽  
Cyber Attacks ◽  
Lessons Learned ◽  
Remote Work ◽  
Research And Innovation ◽  
Novel Coronavirus ◽  
The Impact ◽  
The Eu

This article looks at the impact of the novel coronavirus crisis and increased remote work on cybersecurity and the priorities for EU action. Actions should include improving the cybersecurity of businesses, critical infrastructure and users, and creating an EU cybersecurity industry. As more and more aspects of our lives happen online, we are becoming more vulnerable to malicious attacks. This was demonstrated in 2020 when cyber-attacks increasingly disrupted the work of hospitals, service providers, government services and businesses across the globe. The frequency and scale of the attacks created a sense of urgency to improve our cybersecurity resilience. This article argues that the EU should reap the benefits of cybersecurity by pursuing a more ambitious cybersecurity agenda and putting EU values at the core of its approach. It also calls for cybersecurity to be included in all EU pillars, including the EU industrial research and innovation policy, as well as in EU investment plans and diplomatic strategy.

Sign in / Sign up

Export Citation Format

Share Document