A Comparative Study in Israel and Slovenia Regarding the Awareness, Knowledge, and Behavior Regarding Cyber Security

With the COVID-19 pandemic, many organizations and institutions moved to e-learning and to e-working from home. With the increase in internet usage, the rate of cyber-attacks have also increased, and this was followed by the request for more cyber security behaviors from employees and students. In the current study, the authors explore the connection between cyber security awareness, cyber knowledge, and cyber security behavior. The authors measured the behaviors among students in two similar countries: Israel and Slovenia. Results show that students felt they had adequate awareness on cyber threat but apply only a few protective measures to protect their devices, usually relatively common and simple ones. The study findings also show that awareness to cyber threats mediate the connection between knowledge and protection behaviors, but only in the case that the knowledge is specific with regard to IT protection courses. Results, implications, and recommendations for effective cyber security training programs for organizations and academic institutions are presented and discussed.

Download Full-text

Cyber Attacks on Critical Infrastructure

Civil and Environmental Engineering ◽

10.4018/978-1-4666-9619-8.ch018 ◽

2016 ◽

pp. 448-465

Author(s):

Ana Kovacevic ◽

Dragana Nikolic

Keyword(s):

Control Systems ◽

Cyber Security ◽

Critical Infrastructure ◽

Cyber Attacks ◽

Cyber Attack ◽

Future Directions ◽

Infrastructure Systems ◽

Cyber Threats ◽

Scada Systems ◽

Insight Into

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

Download Full-text

Cybersecurity Policy and Its Implementation in Indonesia

Journal of ASEAN Studies ◽

10.21512/jas.v4i1.967 ◽

2016 ◽

Vol 4 (1) ◽

pp. 61 ◽

Cited By ~ 1

Author(s):

Muhamad Rizal ◽

Yanyan Yani

Keyword(s):

Cyber Security ◽

Cyber Attacks ◽

The State ◽

Nation State ◽

Counter Measures ◽

Cyber Threats ◽

Unitary State ◽

The Republic ◽

The Government ◽

State Defense

The purpose of state defense is to protect and to save the integrity of the Unitary State of the Republic of Indonesia, the sovereignty of the state, as well as its security from all kinds of threats, whether they are military or non-military ones. One of the non-military threats that potentially threatens the sovereignty and security of the nation-state is the misuse of technology and information in cyberspace. The threat of irresponsible cyber attacks can be initiated by both state and non-state actors. The actors may be an individual, a group of people, a faction, an organization, or even a country. Therefore, the government needs to anticipate cyber threats by formulating cyber security strategies and determining comprehensive steps to defend against cyber attacks; its types and the scale of counter-measures, as well as devising the rules of law.

Download Full-text

Cyber Attacks on Critical Infrastructure

Advances in Digital Crime, Forensics, and Cyber Terrorism - Handbook of Research on Digital Crime, Cyberspace Security, and Information Assurance ◽

10.4018/978-1-4666-6324-4.ch001 ◽

2015 ◽

pp. 1-18 ◽

Cited By ~ 1

Author(s):

Ana Kovacevic ◽

Dragana Nikolic

Keyword(s):

Control Systems ◽

Cyber Security ◽

Critical Infrastructure ◽

Cyber Attacks ◽

Cyber Attack ◽

Future Directions ◽

Infrastructure Systems ◽

Cyber Threats ◽

Scada Systems ◽

Insight Into

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

Download Full-text

Cyber Security Assessment of NPP I&C Systems

Cyber Security and Safety of Nuclear Power Plant Instrumentation and Control Systems - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-3277-5.ch009 ◽

2020 ◽

pp. 221-238

Author(s):

Oleksandr Klevtsov ◽

Artem Symonov ◽

Serhii Trubchaninov

Keyword(s):

Control Systems ◽

Cyber Security ◽

Nuclear Power ◽

Power Plants ◽

Cyber Attacks ◽

Security Assessment ◽

Nuclear Facilities ◽

Security Risks ◽

Cyber Threats ◽

And Control

The chapter is devoted to the issues of cyber security assessment of instrumentation and control systems (I&C systems) of nuclear power plants (NPP). The authors examined the main types of potential cyber threats at the stages of development and operation of NPP I&C systems. Examples of real incidents at various nuclear facilities caused by intentional cyber-attacks or unintentional computer errors during the maintenance of the software of NPP I&C systems are given. The approaches to vulnerabilities assessment of NPP I&C systems are described. The scope and content of the assessment and periodic reassessment of cyber security of NPP I&C systems are considered. An approach of assessment to cyber security risks is described.

Download Full-text

Artificial Intelligence-Based Solutions for Cyber Security Problems

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Artificial Intelligence Paradigms for Smart Cyber-Physical Systems ◽

10.4018/978-1-7998-5101-1.ch004 ◽

2021 ◽

pp. 68-86

Author(s):

Merve Yildirim

Keyword(s):

Artificial Intelligence ◽

Cyber Security ◽

Cyber Attacks ◽

Network Systems ◽

Security Systems ◽

Artificial Intelligence Techniques ◽

Security Issues ◽

Security Applications ◽

Cyber Threats ◽

Legal Risks

Due to its nature, cyber security is one of the fields that can benefit most from the techniques of artificial intelligence (AI). Under normal circumstances, it is difficult to write software to defend against cyber-attacks that are constantly developing and strengthening in network systems. By applying artificial intelligence techniques, software that can detect attacks and take precautions can be developed. In cases where traditional security systems are inadequate and slow, security applications developed with artificial intelligence techniques can provide better security against many complex cyber threats. Apart from being a good solution for cyber security problems, it also brings usage problems, legal risks, and concerns. This study focuses on how AI can help solve cyber security issues while discussing artificial intelligence threats and risks. This study also aims to present several AI-based techniques and to explain what these techniques can provide to solve problems in the field of cyber security.

Download Full-text

Cyber Security Competency Model Based on Learning Theories and Learning Continuum Hierarchy

10.4018/978-1-6684-3554-0.ch007 ◽

2022 ◽

pp. 139-156

Author(s):

Winfred Yaokumah

Keyword(s):

Cyber Security ◽

Domain Knowledge ◽

Training Programs ◽

Cyber Attacks ◽

Competency Model ◽

Learning Theories ◽

Security Awareness ◽

Non Governmental Organizations ◽

Security Competency ◽

And Training

There is an urgent need for transformative changes in cyber security awareness and training programs to produce individuals and the workforce that can deal with business risks emanating from the prevailing and emerging cyber-attacks. This chapter proposes a cyber security competency model that integrates learning theories (cognitive, affective, and psychomotor), learning continuum hierarchy (awareness and training), and cyber security domain knowledge. Employing literature search of scholarly and practitioner works, together with cyber security standards from governmental and non-governmental organizations, the chapter integrates cyber security domain knowledge, learning theories, and learning continuum hierarchy to design a model of cyber security competencies suitable for use in educating individuals and the general workforce. This theoretical-based approach to designing cyber security awareness and training programs will produce skillful individuals and workforce that can mitigate cyber-attacks in the global business environment.

Download Full-text

Deterrence by Denial approach for the most known State Cyber Vulnerabilities

10.31124/advance.12480353.v1 ◽

2020 ◽

Author(s):

Nasser AlAzwani ◽

Tom Chen

Keyword(s):

Cyber Security ◽

Vital Role ◽

Cyber Attacks ◽

Nuclear Deterrence ◽

Space Model ◽

Security Technologies ◽

Cyber Threats ◽

Proposed Model ◽

Cyber Space ◽

Cyber Deterrence

Cyber deterrence by denial strategy can be practised by the state by making it hard for adversaries to succeed any attempt of attacking. It was practised during nuclear deterrence strategies as well as in many other conventional deterrence. This paper argues the functionality of cyber deterrence by denial in deterring cyber threats. In this paper, our attempt is to define cyber deterrence by denial, model it, explore operational roles of cyber security technologies in approaching deterrence by denial within cyber space. Model analysis shed lights over practicing deterrence by denial and its vital role in understanding how efficiently denial can work in maximize failure of any attack which will impact in maximizing cost of cyber attacks to the attacker. Due to limitations in cyber security technologies, unknown cyber threat might not be deterred with assumed approach. Proposed model confirmed that deterrence by denial strategy might works in deterring known cyber threats within instrumental model. As for the benefit of enhancing deterrence in cyber space there is a serious need to reduce the tendency to ignore exploring this strategy.

Download Full-text

National Security Policy and Strategy and Cyber Security Risks

Advances in Digital Crime, Forensics, and Cyber Terrorism - Handbook of Research on Civil Society and National Security in the Era of Cyber Warfare ◽

10.4018/978-1-4666-8793-6.ch002 ◽

2016 ◽

pp. 22-48 ◽

Cited By ~ 1

Author(s):

Olivera Injac ◽

Ramo Šendelj

Keyword(s):

National Security ◽

Cyber Security ◽

Security Policy ◽

National Policy ◽

Internet Security ◽

Cyber Attacks ◽

National Security Policy ◽

Security Risks ◽

Cyber Threats ◽

Policy And Strategy

This chapter gives explanation on theoretical framework of the national security policy and strategy. Moreover, it analyzes selected countries approaches to cyber security in national policy and how countries build their capacities to face with risks, and address objectives in some cyber security policies. Also, in this chapter are described different sorts and sources of cyber threats, techniques of cyber attacks and frequently used tools (software and hardware) by cyber attackers. In addition, according with Symantec's and Kaspersky's annual report about Internet security threats for 2014, were analyzed the most important cyber threats and attacks during 2013. Furthermore, the chapter shows organization structure of cyber security system of Montenegro, statistical analysis of users activities in cyber space and cyber incidents that happened in Montenegro during 2014.

Download Full-text

Identifying and Analyzing the Latent Cyber Threats in Developing Economies

Cybersecurity Breaches and Issues Surrounding Online Threat Protection - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-1941-6.ch004 ◽

2017 ◽

pp. 74-94

Author(s):

Atul Bamrara

Keyword(s):

Information Technology ◽

Cloud Computing ◽

Cyber Security ◽

Developing Economies ◽

Internet Usage ◽

Full Potential ◽

Cyber Threats ◽

Lost Productivity ◽

Technology Resources ◽

Smart Computing

Internet usage has increased significantly across developing economies in last decade and most of the enterprises are extensively reliable on computer networks for electronic mails to payment gateways. But, the scenario we live in today has become more and more connected, sophisticated and risk-prone to our network-delivered society. Nevertheless, it remains critical for enterprises to exploit the full potential of available technologies such as mobile computing, smart computing and cloud computing. A cyber security related gaffe in any of these rapidly emerging domains may lead to lost productivity and grave concerns to the enterprise. The chapter highlights the various concerns associated to cyber security, viz., how an attack may be operated and offered measures to secure the network and information technology resources within and outside the enterprise. In most of the developing economies no synchronized activities in this regard are taking place which opens the opportunity to cyber criminals intrude into the system and compromise the resources.

Download Full-text