Certifications in Cybersecurity Workforce Development

The workforce demand for cybersecurity professionals has been substantial and fast growing. Qualified cybersecurity professionals with appropriate knowledge, skills, and abilities for various tasks and job roles are needed to perform the challenging work of defending the cyber space. The certified information systems security professional (CISSP) certification is a globally recognized premier cybersecurity credential and validation of qualifications. This case study analyzes the CISSP certification requirements, domains and objectives and attempts to map them to the cybersecurity industry competencies and the US national cybersecurity workforce framework (NCWF). This research is an extended study with full mapping of all CISSP domain areas to the knowledge, skills, and abilities in NCWF. The extended study aims to discover the in-depth value and role of reputable certifications such as CISSP in competency development for cybersecurity workforce. This article also discusses the value and implications of the CISSP certification on cybersecurity education and training.

The possibilities of blockchain technologies in the investigation of criminal offenses committed into the cyber space

The threatening trends in the digital economy have been reviewed. The role, place and significance of cryptocurrencies and blockchain technologies in the modern world are generalized. Emphasis is placed on the problematic issues of using cryptocurrencies as a means of payment on the Internet, which is used in illegal activities. The peculiarities of conducting transactions with cryptocurrencies carried out by criminals to finance illegal activities are considered. The directions of law enforcement activity aimed at prevention and technological blockade of illegal operations with cryptocurrencies are detailed. The achievements and accomplishments of the use of “Crystal” software are highlighted. The problematic issues of seizing and confiscating cryptocurrency funds used for criminal purposes are outlined. The principles of improving law enforcement activities in the field of investigation of criminal offenses committed in the cyber space are determined

Digitalization Capabilities for Sustainable Cyber Resilience: A Conceptual Framework

Digital transformation is currently an essential condition for companies to operate in most markets, since it provides a whole new set of competitive skills and strategic tools. On the other hand, the same digitalization puts companies in the face of a whole new series of threats coming from the cyber space. The foundation of business sustainability, which is the maintenance of competitiveness while securing business, is no longer a “plus” feature or a captivating sentence but a true and consistent need for all organizations. This article provides a literature analysis on approaches and models for cyber resilience, digitalization capabilities, and a conceptual framework showing how digitalization capabilities drive cyber resilience. Digitalization capabilities are involved in the plan/prepare phase and in the adaptation phase of the cyber resilience process. In particular, online informational capabilities can drive both these phases. Other capabilities such as the employment of heterogeneous resources and the promotion of continuous learning drive the plan/prepare phase, while the scanning of the evolution of the digital environment and a timely reconfiguration of resources drive the adaptation phase.

The realization of the right to freedom of speech on the Internet

The expression of opinions on the Internet has a number of features in comparison with traditional means of information dissemination. Firstly, imposition of classical measures of legal liability can be difficult due to the peculiarities of cyber space: anonymity and erasure of jurisdictional boundaries. In this regard, a new mechanism of restrictions has appeared, which consists in the withdrawal of information that violates the law or the rights of other citizens from the Internet at the direction of state bodies. The trends in this area are the predominance of the administrative procedure for making decisions on the withdrawal of information from public access, and the use of vague and evaluative terms as grounds for restrictions. Secondly, in most cases, in the process of realizing freedom of speech, intermediaries are involved — companies that provide a public forum for millions of users. The activities of these companies are also associated with new mechanisms for restricting freedom of speech: from blocking content to deleting users’ accounts. Such companies have a dual responsibility: to monitor the placement of content in order to prevent abuse of freedom of speech and to prevent violations of freedom of expression with their own corporate rules. The purpose of this article is to identify, through the method of analytical jurisprudence, the problems that arise when restricting freedom of speech, implemented in the digital environment, and to establish the reasons for their occurrence. To do this, the author has carried out a review of Russian legislation and the practice of its application, as well as the practice of restrictions, applied by corporations, and an analysis of foreign literature.

Cyber Security Strategies of the Visegrád Group States and Romania

Among security challenges that have emerged on nation-state level, attacks in cyber space are ‘products’ of the recent past. Their significance has been overvalued especially in 2007 owing to the cyber attack against Estonia. As a consequence, it were not only the European Union (EU) and the North-Atlantic Treaty Organization (NATO) to have created their own cyber security strategies but the majority of states have also made preparations for preventing and deterring threats from the cyber space. States of the Visegrád Four (V4) and Romania, though all full members of both the EU and the NATO, have prepared their own cyber security strategies. The objective of this study is to offer a comparative analysis of cyber security strategies of the Czech Republic, Poland, Hungary, Slovakia, and Romania, contrasting them to the relevant documents of the EU and the NATO, pointing out the identities and differences. A further essential element of the research is the description of the cooperation between V4 members in the implementation of cyber security strategies and of the chances of broader regional cooperation in the given field based on the jointly adopted documents or on other grounds. One important step in this area was the adoption of the Central European Cyber Security Platform in 2013. This common move, joined also by Austria, is directed mainly at technical exercises. However, the functioning of the Platform is not free from difficulties. Therefore, V4 members have undertaken to find common solutions, including education and professional training for the further development of regional cooperation and widening its spectrum.

Prospects and current status of defence information security in Ukraine

Relevance of the article - security has always been one of the priority issues of state policy, and considering the fact that the defense forces are an inseparable part of state security, the study of their information security is essential. The feasibility of this study is confirmed by the fact that in the current conditions of development of the information society, the information technology of the Ukrainian defence forces must adapt to the current challenges and threats, to ensure proper protection of information of strategic importance to the state and collected, consolidated and stored by the defence forces. The purpose of this article is to identify problems of information security of defence forces in Ukraine, to find ways of their elimination. Formal logical, systemic structural, comparative and legal methods were used to conduct the research. It is stated that by dividing the information space and cyber space, the legislator has laid down legal regulation of protection of the information space of the state. It is understood that the Lithuanian and Latvian forces for combating threats to the information space were consolidated within the structure of the Ministry of Defence.

About building virtual worlds. Experience in teaching an interfacultural course at Lomonosov Moscow State University

Subject of the article is actual as never given the speed and volatility of data transfer and it’s processing. Authors have attended the topic of “digital transformation” multiple times, researching both negative and positive outcomes of this process. To define some of the potentially negative - alienation from other elements of life due to division of labor, personal and professional diviations. Some of the standing out positives - RnD and creative potential provided by virtual space, ability to effectively model technical and social processes, gamification as an additional tool of education development. This article is focused around the methodology of the elective education course “Constructing virtual worlds: game, science fiction and futurology” that was held in 2020/2021. Authors provide detailed description of how this course has been formed and method of its delivery to the audience. Being done as the dialogue between speakers and students, through the means of constant discussion, the course allowed not just to constantly receive and apply feedback to real-time, but also to form a thought process, reasonable for subjects in discussion. The course has provoked a lot of interest both in academic and industrial circles and has been discussed at multiple professional media platforms. Major results are ability to develop disciplines for new masters programs and programs of additional specialization. Authors are also confident that the course can be the beginning of new research and practical transdisciplinary fields aimed to explore vision and ideas of virtual space, cyber space and metaverse.

Security and Privacy Aware Communication in Body Area Networks Using Blockchain Technology

With the adoption of assorted gadgets and technology loaded devices, there is need to work on security and privacy while using such platforms. Now, the focus of concern has turned to the overwhelming secrecy, the high performance security, and integrity of the transactions in the cyber space. In relation to a chain of records which is interlinked and highly encrypted due to the involving hashing and encryption each process, it is known as a blockchain. The blockchain removes the possibility of a fraudulent or accidental tampering with the framework. Blockchain has the ability to store sensor data, as well as the capacity to thwart data falsification. IoT deployment plans are usually complex, and the distributed ledger is particularly well-suited for Internet of Things (IoT) discovery, authentication, and recording of information. Wireless body networks are set to be published here on the use trends of Blockchain deployment using advanced scripting and embedded technology the included incorporation of effectual effects gives the final results as well as opposed to the conventional cryptography approach to security.

PERLINDUNGAN HUKUM BAGI KORBAN SERANGAN RANSOMWARE

<p><em>Data is an important part of the need in today's Information Technology era. The data of every human individual in the world has a high level of sensitivity for anyone. Data that is currently developing both offline and online data, requires a certain level of security in its access. Good data security techniques are needed in ensuring the confidentiality of a data including from attacks of several types of malware viruses and ransomware.</em></p><p><em>Types of malware viruses and ransomware work with the concept of damaging, stealing and locking data with various purposes, one of which is to make a profit. Ransomware works by locking certain files that are targeted and encrypted so that the data is inaccessible. In the end, if you want to access the stored data, users are required to contact the contact of the creator of the ransoware by paying a certain amount of money in decrypting the locked data. Ransomware can be categorized as cyber extortion.</em> <em>Article 27 paragraph 4 of the ITE Law provides arrangements on the dissemination of information that has extortion content whose provisions are regulated in the Criminal Code. Ransomware meets the elements of the criminal act of extortion as stipulated in the provisions of Article 368 paragraph (1) of the Criminal Code. The perpetrator commits extortion coupled with acidification by closing the victim's access to his data. The government has made legal protection efforts for victims of ransomware among others through the arrangements contained in Article 27 Paragraph (4) of the ITE Law.</em> <em>As well as the application of criminal sanctions of confinement and fines for perpetrators of ransomware crimes. Protection of cyber space users can also be done by individuals (individuals) by building regulations in cyberspace and being vigilant in using the internet. In an effort to provide legal protection for ransomware victims, cooperation is needed between the government as a lawmaker and users (victims of ransomware) cyber space. More advanced and unconventional regulations are critical in dealing with cybercrime. Because all forms of cybercrime cannot be touched by the rule of law.</em></p><p><em> </em></p><p><strong><em>Keywords</em></strong><em>: Legal Protection, Victims, Ransomware</em></p>