Factors Influencing Security Incidents on Personal Computing Devices

Organizations expect their employees to connect securely to the organization's computer systems. Often these employees use their personal computers to access the organization's networks. This research explores whether these same employees apply protective security measures to their personal computers. Perhaps these employees behave riskily based on their optimistic bias. Results indicate that while cyber optimistic bias and perceived vulnerability influence individuals to apply more protective security measures, the users still experienced security incidents. Thus, organization are vulnerable to cyber-attacks if they are allowing employees to use personal computers to access these databases.

Download Full-text

Cyber Threat Ransomware and Marketing to Networked Consumers

Handbook of Research on Innovations in Technology and Marketing for the Connected Consumer - Advances in Marketing, Customer Relationship Management, and E-Services ◽

10.4018/978-1-7998-0131-3.ch008 ◽

2020 ◽

pp. 155-185

Author(s):

Usman Javed Butt ◽

Maysam F. Abbod ◽

Arvind Kumar

Keyword(s):

Critical Infrastructure ◽

Computer Systems ◽

Cyber Attacks ◽

Competitive Market ◽

Cyber Attack ◽

Security Measures ◽

Global Competitiveness ◽

Modern Computer ◽

Water Cleaning ◽

Cyber Threat

Marketing is a process of creating, capturing, and exchanging ‘value' for the mutual benefits of marketers, customers, intermediaries, and other stakeholders. Such a transaction requires trust as it might be facing a range of online cyber risks. Modern cybercrimes have exponentially grown over the last decade. Ransomware is one of the types of malware which is the result of a sophisticated attempt to compromise the modern computer systems. The businesses, governments, and large corporations are investing heavily to combat this cyber threat against their critical infrastructure. New technological shifts help to improve marketing and business productivity and keep the company's global competitiveness in an overflowing competitive market. However, the businesses and the systems involved need security measures to protect integrity and availability which will help avoid any malfunctioning to their operations due to the cyber-attacks. There have been several cyber-attack incidents on several businesses such as healthcare, pharmaceutical, water cleaning, and energy sector.

Download Full-text

Usable and Useful: On the Origins of Transparent Design in Personal Computing

Science Technology & Human Values ◽

10.1177/0162243919865584 ◽

2019 ◽

Vol 45 (3) ◽

pp. 515-537

Author(s):

Michael L. Black

Keyword(s):

Computer Systems ◽

Technical Information ◽

Personal Computers ◽

Personal Computing ◽

Alternative Relationships

It is often taken for granted that personal computers today are designed to hide technical information in order to make software seem easier. While “transparency of interaction” has influenced popular understandings of computer systems, it also shapes our engagement with software as critics. This essay examines the origins of transparent design in different models of usability proposed by IBM and Apple in response to popular concerns over the inaccessibility of personal computers in the early 1980s. By tracing how and why transparency emerged from this period of crisis, we can better interrogate its justifications and imagine alternative relationships to computing.

Download Full-text

Building a Cybersecurity Culture in the Industrial Control System Environment

International Journal of Information Security and Cybercrime ◽

10.19107/ijisc.2019.01.05 ◽

2019 ◽

Vol 8 (1) ◽

pp. 39-44

Author(s):

Claudia ARAUJO MACEDO ◽

Jos MENTING

Keyword(s):

Control System ◽

Control Systems ◽

Cyber Attacks ◽

Cyber Attack ◽

Industrial Control System ◽

Security Measures ◽

Industrial Control ◽

Industrial Control Systems ◽

System A ◽

Educational Processes

Cybersecurity in industrial control system environments has become a significant concern and is even more relevant in the context of critical infrastructures where control system disruption could have a profound impact on health, safety and the environment. This makes this type of system a major target for malicious activities. Notwithstanding an organization’s interest in protecting its industrial control systems against cyber-attacks, the implementation of security measures, whether technical, organizational or human, still faces resistance and is often seen as a constraint. Using the best technology to protect industrial control systems makes no sense if persons with access do not act attentively and protectively. Technical and human cybersecurity measures are intrinsically linked, and it is essential that all persons with access to these systems are fully aware of the inherent cyber risks. Organizations must also act so that staff receive appropriate training on how to keep systems continuously protected against cyber-attack when carrying out their daily tasks. These educational processes can contribute to building an effective cybersecurity culture fully reflective of management and staff attitudes, so that the availability, integrity and confidentiality of information in industrial control systems can be assured.

Download Full-text

Personal computing vs. personal computers

Information & Management ◽

10.1016/0378-7206(85)90049-7 ◽

1985 ◽

Vol 9 (5) ◽

pp. 253-259 ◽

Cited By ~ 14

Author(s):

John A. Lehman

Keyword(s):

Personal Computers ◽

Personal Computing

Download Full-text

UNIVERSITY CYBER SECURITY AS A METHOD FOR ANTI-FISHING FRAUD

ED/2019/1 - The economic discourse ◽

10.36742/2410-0919-2020-1-7 ◽

2020 ◽

pp. 59-67

Author(s):

Irina Tatomur

Keyword(s):

Cyber Security ◽

Educational Institution ◽

Visual Presentation ◽

Academic Community ◽

Cyber Attacks ◽

Asia Pacific ◽

Economic Losses ◽

Educational Institutions ◽

Security Measures ◽

Phishing Attacks

Introduction. With the rapid adoption of computer and networking technologies, educational institutions pay insufficient attention to the implementation of security measures to ensure the confidentiality, integrity and accessibility of data, and thus fall prey to cyber-attacks. Methods. The following methods were used in the process of writing the article: methods of generalization, analogy and logical analysis to determine and structure the motives for phishing attacks, ways to detect and prevent them; statistical analysis of data – to build a chronological sample of the world's largest cyber incidents and determine the economic losses suffered by educational institutions; graphical method – for visual presentation of results; abstraction and generalization – to make recommendations that would help reduce the number of cyber scams. Results. The article shows what role cyber security plays in counteracting phishing scams in the educational field. The motives for the implementation of phishing attacks, as well as methods for detecting and preventing them, have been identified and regulated. The following notions as "phishing", "submarine" and "whaling" are evaluated as the most dangerous types of fraud, targeting both small and large players in the information chain of any educational institution. An analytical review of the educational services market was conducted and a chronological sampling of the largest cyber incidents that occurred in the period 2010-2019 was made. The economic losses incurred by colleges, research institutions and leading universities in the world were described. It has been proven that the US and UK educational institutions have been the most attacked by attackers, somewhat inferior to Canada and countries in the Asia-Pacific region. It is found that education has become the top industry in terms of the number of Trojans detected on devices belonging to educational institutions and the second most listed among the most affected by the ransomware. A number of measures have been proposed to help reduce the number of cyber incidents. Discussion. The obtained results should be taken into account when formulating a strategy for the development of educational institutions, as well as raising the level of awareness of the representatives of the academic community in cybersecurity. Keywords: phishing, cyber security, cyber stalkers, insider threat, rootkit, backdoor.

Download Full-text

Application of Cyber Security in Emerging C4ISR Systems

Crisis Management ◽

10.4018/978-1-4666-4707-7.ch086 ◽

2013 ◽

pp. 1705-1738

Author(s):

Ashfaq Ahmad Malik ◽

Athar Mahboob ◽

Adil Khan ◽

Junaid Zubairi

Keyword(s):

Cyber Security ◽

Oil And Gas ◽

Information Assurance ◽

System Of Systems ◽

Cyber Attacks ◽

Security Measures ◽

Oil And Gas Exploration ◽

Civil Sector ◽

C4isr System ◽

Network Of Networks

C4ISR stands for Command, Control, Communications, Computers, Intelligence, Surveillance & Reconnaissance. C4ISR systems are primarily used by organizations in the defense sector. However, they are also increasingly being used by civil sector organizations such as railways, airports, oil, and gas exploration departments. The C4ISR system is a system of systems and it can also be termed as network of networks and works on similar principles as the Internet. Hence it is vulnerable to similar attacks called cyber attacks and warrants appropriate security measures to save it from these attacks or to recover if the attack succeeds. All of the measures put in place to achieve this are called cyber security of C4ISR systems. This chapter gives an overview of C4ISR systems focusing on the perspective of cyber security warranting information assurance.

Download Full-text

Early Detection and Recovery Measures for Smart Grid Cyber-Resilience

Advances in Computational Intelligence and Robotics - Decision Support Systems and Industrial IoT in Smart Grid, Factories, and Cities ◽

10.4018/978-1-7998-7468-3.ch005 ◽

2021 ◽

pp. 91-110

Author(s):

Ismail Butun ◽

Alparslan Sari

Keyword(s):

Smart Grid ◽

Cyber Security ◽

Early Stage ◽

Security Measures ◽

Smart Meters ◽

Grid Systems ◽

Technological Advances ◽

Response And Recovery ◽

Operational Failures ◽

Security Incidents

The internet of things (IoT) has recently brought major technological advances in many domains, including the smart grid. Despite the simplicity and efficiency that IoT brings, there are also underlying risks that are slowing down its adoption. These risks are caused by the presence of legacy systems inside existing infrastructures that were built with no security in mind. In this chapter, the authors propose a method for early-stage detection of cyber-security incidents and protection against them through applicable security measures. This chapter introduces security techniques such as anomaly detection, threat investigation through a highly automated decision support system (DSS), as well as incident response and recovery for smart grid systems. The introduced framework can be applied to industrial environments such as cyber-threats targeting the production generator as well as the electricity smart meters, etc. The chapter also illustrates the framework's cyber-resilience against zero-day threats and its ability to distinguish between operational failures as well as cyber-security incidents.

Download Full-text

Russia will deny cyberattacks despite more US evidence

Emerald Expert Briefings ◽

10.1108/oxan-db229878 ◽

2018 ◽

Keyword(s):

Social Media ◽

Private Sector ◽

Computer Systems ◽

Cyber Attacks ◽

Internet Research ◽

Content Type ◽

The Us

Significance The US indictment accuses the St Petersburg-based Internet Research Agency, its backers and staff of interfering in the election by running false social media accounts. This account of Russian trolling comes soon after US and UK accusations of Kremlin responsibility for a June 2017 cyberattack that disrupted computer systems in Ukraine and elsewhere. Impacts Private sector firms will play a growing role in attributing state-sponsored cyber attacks. Governments will become increasingly reliant on private sector capabilities, whose distance can save them diplomatic embarrassment. 'Exploits' made public could be used in hostile cyber operations.

Download Full-text