Big Data Analytics Adoption Factors in Improving Information Systems Security

This research measured determinants that influence the willingness of IT/IA professionals to recommend Big Data analytics to improve information systems security in an organization. A review of the literature as well as the works of prior researchers provided the basis for formulation of research questions. Results of this study found that security effectiveness, organizational need, and reliability play a role in the decision to recommend big data analytics to improve information security. This research has implications for both consumers and providers of big data analytics services through the identification of factors that influence IT/IA professionals. These factors aim to improve information systems security, and therefore, which service offerings are likely to meet the needs of these professionals and their organizations.

Conceptualizing the Domain and an Empirical Analysis of Operations Security Management

Operations security management integrates the activities of all the information systems security controls. It ensures that the entire computing environment is adequately secured. This chapter conducts an in-depth review of scholarly and practitioner works to conceptualize the domain of operations security management. Drawing upon the existing information systems security literature, the chapter classifies operations security management into 10 domains. Following, the chapter performs an empirical analysis to investigate the state-of-practice of operations security management in organizations. The findings show that the maturity level of operations security management is at the Level 3 (well-defined). The maturity levels range from Level 0 (not performed) to Level 5 (continuously improving). The results indicate that operations security processes are documented, approved, and implemented organization-wide. Backup and malware management are the most applied operations security controls, while logging, auditing, monitoring, and reviewing are the least implemented controls.

The Role of Human Resource Management in Enhancing Organizational Information Systems Security

Emerging human resource management (HRM) practices are focusing on background checks, training and development, employer-employee relations, responsibility and accountability, and monitoring of information systems security resources. Information systems security ensures that appropriate resources and adequate skills exist in the organization to effectively manage information security projects. This chapter examined the role of HRM in enhancing organizational information systems security. Using importance-performance map analysis, the study found training, background checks, and monitoring as crucial HRM practices that could enhance organizational information systems security. Moreover, four indicators, consisting of training on mobile devices security; malware management; background checks; and monitoring of potential, current, and former employees recorded high importance but with rather low performance. Consequently, these indicators should be improved. On the contrary, the organizations placed excessive focus on responsibility, accountability, and employee relations.

Survey of Automotive Cyber-Physical System Security

This chapter will provide a survey on cyber-physical systems security related to automobiles. In modern vehicles, there has been discussion on how automobiles fit into the world of cyber-physical systems, considering their interaction with both the cyber and physical worlds and interconnected systems. With many modern vehicles being connected to the outside world, there are many vulnerabilities introduced. Modern cars contain many electronic control units and millions of lines of code, which, if compromised, could have fatal consequences. Interfaces to the outside world (e.g., in-vehicle infotainment) may be used as a vector to attack these critical components.

DNA-Based Cryptographic Method for the Internet of Things

Internet of Things (IoT) is a set of connected smart devices providing and sharing rich data in real-time without involving a human being. However, IoT is a security nightmare because like in the early computer systems, security issues are not considered in the design step. Thereby, each IoT system could be susceptible to malicious users and uses. To avoid these types of situations, many approaches and techniques are proposed by both academic and industrial researches.DNA computing is an emerging and relatively new field dealing with data encryption using a DNA computing concepts. This technique allows rapid and secure data transfer between connected objects with low power consumption. In this paper, authors propose a symmetric cryptography method based on DNA. This method consists in cutting the message to encrypt/decrypt in blocks of characters and use a symmetric key extracted from a chromosome for encryption and decryption. Implemented on the embedded platform of a Raspberry Pi, the proposed method shows good performances in terms of robustness, complexity and attack resistance.

The Role of Human Resource Management in Enhancing Organizational Information Systems Security

Emerging human resource management (HRM) practices are focusing on background checks, training and development, employer-employee relations, responsibility and accountability, and monitoring of information systems security resources. Information systems security ensures that appropriate resources and adequate skills exist in the organization to effectively manage information security projects. This chapter examined the role of HRM in enhancing organizational information systems security. Using importance-performance map analysis, the study found training, background checks, and monitoring as crucial HRM practices that could enhance organizational information systems security. Moreover, four indicators, consisting of training on mobile devices security; malware management; background checks; and monitoring of potential, current, and former employees recorded high importance but with rather low performance. Consequently, these indicators should be improved. On the contrary, the organizations placed excessive focus on responsibility, accountability, and employee relations.

Certifications in Cybersecurity Workforce Development

The workforce demand for cybersecurity professionals has been substantial and fast growing. Qualified cybersecurity professionals with appropriate knowledge, skills, and abilities for various tasks and job roles are needed to perform the challenging work of defending the cyber space. The certified information systems security professional (CISSP) certification is a globally recognized premier cybersecurity credential and validation of qualifications. This case study analyzes the CISSP certification requirements, domains and objectives and attempts to map them to the cybersecurity industry competencies and the US national cybersecurity workforce framework (NCWF). This research is an extended study with full mapping of all CISSP domain areas to the knowledge, skills, and abilities in NCWF. The extended study aims to discover the in-depth value and role of reputable certifications such as CISSP in competency development for cybersecurity workforce. This article also discusses the value and implications of the CISSP certification on cybersecurity education and training.

Software Systems Security Vulnerabilities Management by Exploring the Capabilities of Language Models Using NLP

Security of the software system is a prime focus area for software development teams. This paper explores some data science methods to build a knowledge management system that can assist the software development team to ensure a secure software system is being developed. Various approaches in this context are explored using data of insurance domain-based software development. These approaches will facilitate an easy understanding of the practical challenges associated with actual-world implementation. This paper also discusses the capabilities of language modeling and its role in the knowledge system. The source code is modeled to build a deep software security analysis model. The proposed model can help software engineers build secure software by assessing the software security during software development time. Extensive experiments show that the proposed models can efficiently explore the software language modeling capabilities to classify software systems’ security vulnerabilities.