Current issues of cyber threat risk assessment: analysis of foreign experience

2021 ◽  
pp. 106-112
Author(s):  
O. PANCHENKO

The article considers topical issues of cyber threat risk assessment. It contains an analysis of the Law “On Basic Principles for providing of Cyber Security of Ukraine”, the Cyber Security Strategy of Ukraine and other legislative acts on providing cyber security. The main approaches to determining the assessment of cyber threats are considered. The best examples of foreign practice of cyber threat risk assessment are analyzed, the most effective national systems of their assessment are revealed. It is concluded that multi-level risk and threat assessment systems are most effective when the relevant analysis is conducted at both the national and regional and/or local levels.

2021 ◽  
pp. 106-113
Author(s):  
O. KUZNIETSOV

The novelties of the European legislation in the sphere of cybersecurity are reviewed. Prospects for digitalization in the EU are summarized. The provisions of the EU Cyber Security Strategy for 2021 – 2027 and the Digital Compass Roadmap are considered. Basic principles and priorities of a common European digital policy are defined. The strategy targets and avenues for a successful digital transformation of Europe by 2030 are detailed. The organizational and legal mechanism for introducing the cyber sanctions regime in the EU has been revealed. The directions of the cooperation between Ukraine and EU in the sphere of cybersecurity are identified.


2020 ◽  
Vol 10 (12) ◽  
pp. 4334
Author(s):  
Mirko Sailio ◽  
Outi-Marja Latvala ◽  
Alexander Szanto

The increasing degree of connectivity in factory of the future (FoF) environments, with systems that were never designed for a networked environment in terms of their technical security nature, is accompanied by a number of security risks that must be considered. This leads to the necessity of relying on risk assessment-based approaches to reach a sufficiently mature cyber security management level. However, the lack of common definitions of cyber threat actors (CTA) poses challenges in untested environments such as the FoF. This paper analyses policy papers and reports from expert organizations to identify common definitions of CTAs. A significant consensus exists only on two common CTAs, while other CTAs are often either ignored or overestimated in their importance. The identified motivations of CTAs are contrasted with the specific characteristics of FoF environments to determine the most likely CTAs targeting FoF environments. Special emphasis is given to corporate competitors, as FoF environments probably provide better opportunities than ever for industrial espionage if they are not sufficiently secured. In this context, the study aims to draw attention to the research gaps in this area.


Sensors ◽  
2021 ◽  
Vol 21 (14) ◽  
pp. 4890
Author(s):  
Athanasios Dimitriadis ◽  
Christos Prassas ◽  
Jose Luis Flores ◽  
Boonserm Kulvatunyou ◽  
Nenad Ivezic ◽  
...  

Cyber threat information sharing is an imperative process towards achieving collaborative security, but it poses several challenges. One crucial challenge is the plethora of shared threat information. Therefore, there is a need to advance filtering of such information. While the state-of-the-art in filtering relies primarily on keyword- and domain-based searching, these approaches require sizable human involvement and rarely available domain expertise. Recent research revealed the need for harvesting of business information to fill the gap in filtering, albeit it resulted in providing coarse-grained filtering based on the utilization of such information. This paper presents a novel contextualized filtering approach that exploits standardized and multi-level contextual information of business processes. The contextual information describes the conditions under which a given threat information is actionable from an organization perspective. Therefore, it can automate filtering by measuring the equivalence between the context of the shared threat information and the context of the consuming organization. The paper directly contributes to the filtering challenge and indirectly to automated customized threat information sharing. Moreover, the paper proposes the architecture of a cyber threat information sharing ecosystem that operates according to the proposed filtering approach and defines the characteristics that are advantageous to filtering approaches. Implementation of the proposed approach can support compliance with the Special Publication 800-150 of the National Institute of Standards and Technology.


2020 ◽  
Vol 102 (913) ◽  
pp. 367-387
Author(s):  
Massimo Marelli

Abstract

Digitalization and new technologies have an increasingly important role in today's humanitarian activities. As humanitarian organizations become more active in and reliant on new and digital technologies, they evolve from being simple bystanders to being fully fledged stakeholders in cyberspace, vulnerable to adverse cyber operations that could impact on their capacity to protect and assist people affected by armed conflict or other situations of violence.

This shift makes it essential for humanitarian organizations to understand and properly map their resulting cyber perimeter. Humanitarian organizations can protect themselves and their activities by devising appropriate cyber strategies for the digital environment. Clearly defining the digital boundaries within which they carry out operations lays the groundwork for humanitarian organizations to develop a strategy to support and protect humanitarian action in the digital environment, channel available resources to where they are most needed, and understand the areas in which their operational dialogue and working modalities need to be adapted for cyberspace.

The purpose of this article is to identify the unique problems facing international humanitarian organizations operating in cyberspace and to suggest ways to address them. More specifically, the article identifies the key elements that an international humanitarian organization should consider in developing a cyber security strategy. Throughout, the International Committee of the Red Cross and its specificities are used as an example to illustrate the problems identified and the possible ways to address them.


Author(s):  
Andreas HAGGMAN

This paper introduces readers to core concepts around cyber wargaming. Wargames can be powerful learning tools, but few wargames exist to teach players about cyber security. By way of highlighting possibilities in this space, the author has developed an original educational tabletop wargame based on the UK National Cyber Security Strategy and deployed the game to a variety of organisations to determine its pedagogic efficacy. Overall, it is found that the game was effective in generating high-engagement participation and clear learning opportunities. Furthermore, there are design lessons to be learned from existing games for those seeking to use wargames for cyber security training and education.

