Mobile Devices

Mobile devices are becoming a method to provide an efficient and convenient way to access, find and share information; however, the availability of this information has caused an increase in cyber attacks. Currently, cyber threats range from Trojans and viruses to botnets and toolkits. Presently, 96% of mobile devices do not have pre-installed security software while approximately 65% of the vulnerabilities are found within the application layer. This lack in security and policy driven systems is an opportunity for malicious cyber attackers to hack into the various popular devices. Traditional security software found in desktop computing platforms, such as firewalls, antivirus, and encryption, is widely used by the general public in mobile devices. Moreover, mobile devices are even more vulnerable than personal desktop computers because more people are using mobile devices to do personal tasks. This review attempts to display the importance of developing a national security policy created for mobile devices in order to protect sensitive and confidential data.

Insider Threats

Malicious insiders are posing unique security challenges to organizations due to their knowledge, capabilities, and authorized access to information systems. Data theft and IT sabotage are two of the most recurring themes among crimes committed by malicious insiders. This paper aims to investigate the scale and scope of malicious insider risks and explore the impact of such threats on business operations. Organizations need to implement a multi layered defensive approaches to combat insider risks; safeguarding sensitive business information from malicious insiders require firstly, an effective security policy that communicates consequences of stealing or leaking confidential information in an unauthorized manner. Secondly, logging and monitoring employee activity is essential in detecting and controlling system vulnerabilities to malicious insiders. Thirdly, conducting periodic and consistent insider vulnerability assessments is critical to identifying any gaps in security controls and preventing insiders from exploiting them. And lastly, but certainly not least, taking extra caution with privileged users is important to proactively protecting information infrastructure from insider risks.

Legal Issues

Privacy and security are two items being woven into the fabric of American law concerning mobile devices. This chapter will review and analyze the associated laws and policies that are currently in place or have been proposed to ensure proper execution of security measures for mobile and other devices while still protecting individual privacy. This chapter will address the fact that as the American society significantly uses mobile devices, it is imperative to understand the legal actions surrounding these technologies to include their associated uses. This chapter will also address the fact that with 9/11 in the not so distant past, cyber security has become a forefront subject in the battle against global terrorism. Furthermore, this chapter will examine how mobile devices are not like the devices of the past as the computing power is on par with that of some desktops and the fact that these devices have the ability to execute malicious applications. In addition, this chapter will discuss the reality, significance, legal and practical affects of the fact that suspicious programs are being executed offensively and security based attacks can be performed as well with the use of programs such as Kali Linux running on Android.

The Human Factor in Mobile Phishing

Phishing is the use of electronic media, like emails and mobile text messages, to fraudulently elicit private information or obtain money under false pretence. Though there is considerable interest in phishing as a security problem, there is little previous research from the human factors perspective and in particular very little empirical support for what makes mobile phishing effective or successful and therefore how best to defend people from it. This chapter describes some of the research conducted from the field of traditional phishing that already embraces the effect of human factors on phishing vulnerability. The limited amount of research exploiting mobile phishing is discussed; including a review of our previous work involving evaluating mobile users' strategies for managing mobile phishing attacks. By reflecting on how these subjects investigate the threat of phishing, this chapter aims to show that empirical research on mobile phishing is scarce and falling behind in terms of identifying underlying psychological processes and inspire future research in this area.

A Brief Review of New Threats and Countermeasures in Digital Crime and Cyber Terrorism

Cyber security is becoming the cornerstone of national security policies in many countries around the world as it is an interest to many stakeholders, including utilities, regulators, energy markets, government entities, and even those that wish to exploit the cyber infrastructure. Cyber warfare is quickly becoming the method of warfare and the tool of military strategists. Additionally, it is has become a tool for governments to aid or exploit for their own personal benefits. For cyber terrorists there has been an overwhelmingly abundance of new tools and technologies available that have allowed criminal acts to occur virtually anywhere in the world. This chapter discusses emerging laws, policies, processes, and tools that are changing the landscape of cyber security. This chapter provides an overview of the research to follow which will provide an in depth review of mobile security, mobile networks, insider threats, and various special topics in cyber security.

Learning Management Systems

Learning management systems (LMSs) are significant in offering highly collaborative, widely accessible, and manageable learning solutions. It is feasible that learning solutions stakeholders pursue an in-depth understanding of the LMS and the vulnerabilities surrounding technology-enabled learning and teaching. The over 300 types of active LMSs, proprietary or open source, are not off limits to hackers. Past research shows that hackers compromise technology systems to ascertain personal identifiable information and interfere with the integrities of post-secondary institutions. Stakeholders must understand how to safeguard the LMS. To address LMS cybercrime concerns, this text reviews vulnerability information on over 12 LMS features. After reading this text, stakeholders will gain increased insight into their works to thwart security related LMS incidents. This text can support stakeholders' knowledge in actions to take prior to the LMS reaching unacceptable vulnerability levels. Researchers and practitioners will benefit from this text's perspective on the LMS and mitigating risk.

The Critical Need for Empowering Leadership Approaches in Managing Health Care Information Security Millennial Employees in Health Care Business and Community Organizations

According to the Ponemon (2012) Third Annual Benchmark Study on Patient Privacy & Data Security, 94 percent of healthcare organizations surveyed suffered at least one data breach; 45 percent experienced more than five in the past two years. Data breaches cost the U.S. healthcare industry an average of $7 billion annually (Ponemon, 2012). Electronic health records are becoming more pervasive at hospitals and clinics in the United States. Meanwhile, healthcare organizations are taking small steps toward meaningful exchange and secure data security of patient information. This has created a need for new expertise in health data security from a newly degreed and young in information security professionals from the “Millennial Generation”. This chapter explores the attraction, recruitment, and retention of younger-generation professionals with critical and emerging health information security skills.

Security Issues in Mobile Wireless Ad Hoc Networks

The purpose of this chapter is to investigate and expose methods and techniques developed to provide security in wireless ad hoc networks. Researchers have proposed variety of solutions for security problems of Wireless Mobile Ad-Hoc Networks (MANET) against Distributed Denial of Service (DDoS) attacks. Due to the wireless nature of the channels and specific characteristics of MANETs, the attacks cannot be defeated through conventional security mechanisms. An adversary can easily override its medium access control protocol (MAC) and continually transfer packages on the network channel and the access point node(s) cannot assign authorization access to shared medium. These attacks cause a significant decrease on overall network throughput, packet transmission rates and delay in the MAC layer since other nodes back-off from the communication. In this chapter the proposed methods are applied for preventing and mitigating different wireless ad hoc network attacks are investigated and effectiveness and efficiency of these mechanisms are exposed.

Native Language Identification (NLID) for Forensic Authorship Analysis of Weblogs

This chapter introduces Native Language Identification (NLID) and considers the casework applications with regard to authorship analysis of online material. It presents findings from research identifying which linguistic features were the best indicators of native (L1) Persian speakers blogging in English, and analyses how these features cope at distinguishing between native influences from languages that are linguistically and culturally related. The first chapter section outlines the area of Native Language Identification, and demonstrates its potential for application through a discussion of relevant case history. The next section discusses a development of methodology for identifying influence from L1 Persian in an anonymous blog author, and presents findings. The third part discusses the application of these features to casework situations as well as how the features identified can form an easily applicable model and demonstrates the application of this to casework. The research presented in this chapter can be considered a case study for the wider potential application of NLID.

The Need for a Dualist Application of Public and Private Law in Great Britain Following the Use of “Flame Trolling” During the 2011 UK Riots

Since time immemorial, the legal systems of Great Britain have often been spoken of highly as pinnacles of democracy. However, the split between criminal law and tort law have often caused problems where the police has often focused on the prosecution of people in poverty and where only the wealthy can afford to use the system. This chapter discusses the extent and limitations of existing measures to tackle computer-related crime, particularly with regards to the abusive kind of Internet Trolling, namely “flame trolling.” The chapter recommends further research to establish whether it should be the case that in a society based on dualism that criminal and civil cases should be held at the same time, and that in both instances those being accused of an offence or tort should be allowed to bring a counter-claim. It is discussed that in such a system the cases that would be brought are where there is a clear victim who had no part in the offence against them, such as murder, rape, theft and burglary, which are usually carefully planned and orchestrated acts.