The Threat of Cyber Warfare in the SADC Region

This chapter is based on a study that sought to understand the threats of cyber warfare in Zimbabwe. The effects of cyber warfare, cyber intelligence mechanisms in place, and the status of the harmonization of laws and collaboration of SADC countries in efforts to address cyber threats were also covered. Qualitative research methodology was used to conduct the study. A total of 15 key respondents drawn from information technology experts, academia, top military personnel, and lawyers participated in the study. The study revealed that Zimbabwe was vulnerable to cyber warfare due to increased use of technology and failure to keep up with technological advancements. The study noted that the current legislation does not explicitly address cyber warfare threats but focuses more on cybercrime. The study recommended that Zimbabwe enact effective legislation to curtail cyber warfare in order to enhance cyber security. Investment in cyber security in terms of research and human capital development should also be prioritized.

Cybercrime as a Threat to Zimbabwe's Peace and Security

The purpose of this study was to understand the effects of cybercrime to Zimbabwe's peace and security. In the 21st century, cybercrime has become an international threat. This has necessitated many states to enact legislation and other measures to curb cybercrime. Primary data was gathered through key informant interviews, while documentary search was used to review scholarly literature on the subject. Key informants for the study were drawn from institutions that deal in combating cybercrime. Zimbabwe does not have adequate and effective legislative instruments to combat cybercrime. Cybercrime is a threat to peace and security as it can be used to bring down critical infrastructure and disrupt communication networks of the country. Some of the measures identified to curbing cybercrime include prevention and awareness, training and development, development of new technology and introduction of new laws, and updating of current and introduction of new legislations.

Multidimensional Mappings of Political Accounts for Malicious Political Socialbot Identification

Malicious political socialbots used to sway public opinion regarding the U.S. government and its functions have been identified as part of a larger information warfare effort by the Russian government. This work asks what is knowable from a web-based sleuthing approach regarding the following four factors: 1) the ability to identify malicious political socialbot accounts based on their ego neighborhoods at 1, 1.5, and 2 degrees; 2) the ability to identify malicious political socialbot accounts based on the claimed and linked geographical locations of their accounts, their ego neighborhoods, and their #hashtag networks; 3) the ability to identify malicious political socialbot accounts based on their strategic messaging (content, sentiment, and language structures) on respective social media platforms; and 4) the ability to identify and describe “maliciousness” in malicious political socialbot accounts based on observable behaviors on that account on three social media platform types: (a) microblogging, (b) social networking, and (c) crowd-sourced encyclopedia content sharing.

The Electronic Hive Mind and Cybersecurity

If people are the “weakest link” in cybersecurity because of their psychological make-up and hardwiring—their socialized desire to trust and cooperate with others, their cognitive biases and misperceptions, their preferences for convenience, their general going with System 1 inattention instead of System 2 attention and thinking—this begs the question of whether the same micro-scale cognitive limits found in individual users are also present on a mass scale. After all, there have been discovered problematic unthinking leanings in group decision making: obedience to authority, bystander effects, groupthink, and the Abilene paradox, among others. Using a range of often mass-scale data sources and data analytics tools, research questions were asked around three areas: (1) the level of sophistication of the cybersecurity electronic hive mind towards cybersecurity issues, (2) the gap between the non-expert members and the expert members in the hive mind, and (3) whether the extant hive mind was more reflective of mob unthinkingness or deliberation and wisdom.

Information Security Threats in Public and Private Organizations

Along with the incontestable benefits for the modern society, the information and communication technology developments induce new vulnerabilities. Mobile computing devices, cloud computing, and privacy issues are just a few elements that should be taken into account when shaping the modern information security that is essential to our modern way of life. Since information security risks are rapidly evolving and taking new forms, the real benefits of information and communication technologies may be exploited only if trust is built on every layer of responsibility. This study explores of the present main information security threats faced by Romanian organizations, as well as of the attitude of Romanian organizations towards information security, as resulted from a research and detailed survey questionnaire performed by the authors. Following the results of this research, the authors propose a way to improve the security posture of Romanian organizations, as well as knowledge, capabilities, and decision making of business managers.

Global Wannacrypt Ransomware Attack

Cyber-attacks have become a global phenomenon that organizations, government agencies, and business entities have to contend with as cyber criminals frequently target their operations. One such cyber-attack is the Wannacrypt ransomware that was unleashed on the global community in early May 2017 with a resultant devastating effect. The attack, described as the largest in the history of the internet, disrupted major organizations and affected over 200,000 computers in 150 countries. It is against this backdrop that this chapter examines the issues and trends in the Wannacrypt ransomware attack and recommends ways to avert future occurrences.

Online Calling Cards and Professional Profiles in Cybersecurity From Social Media

Demand is very high for people to work in various cybersecurity professions and ceteris paribus that demand may well continue into the near term. While there are more formal trails for employment, such as higher-educational pathways, performance in cybersecurity competitions, participation in professional conferences, and social media presentations may all offer less conventional paths into cybersecurity hiring. Through a convenience sample across a number of social media platforms and bottom-up coding, this work explores some aspects of cybersecurity professional profiles (“calling cards”) available on the open Social Web and what may be learned about respective skills and capabilities from these glimmers of the person(s) behind the profiles. These profiles are assessed based on a 2x2 axis with focuses on (1) target skills and (2) personhood attributes. From these analyses, some tentative insights are shared about the cybersecurity calling cards and how informative they may be for recruitment and retention of cybersecurity workers.

Cyber Security Competency Model Based on Learning Theories and Learning Continuum Hierarchy

There is an urgent need for transformative changes in cyber security awareness and training programs to produce individuals and the workforce that can deal with business risks emanating from the prevailing and emerging cyber-attacks. This chapter proposes a cyber security competency model that integrates learning theories (cognitive, affective, and psychomotor), learning continuum hierarchy (awareness and training), and cyber security domain knowledge. Employing literature search of scholarly and practitioner works, together with cyber security standards from governmental and non-governmental organizations, the chapter integrates cyber security domain knowledge, learning theories, and learning continuum hierarchy to design a model of cyber security competencies suitable for use in educating individuals and the general workforce. This theoretical-based approach to designing cyber security awareness and training programs will produce skillful individuals and workforce that can mitigate cyber-attacks in the global business environment.

The Business Transformation Framework and Enterprise Architecture Framework for Managers in Business Innovation

The business transformation project (BTP) of a modern business environment needs a well-designed information and cyber technology security automation concept (ITSAC) that, in turn, depends on measurable success factors. These factors are used for the evolution of the transformation process. During the last decade, due to the global insecurity and financial crisis, the security strategies are not efficient. That is mainly due to the fact that businesses depend on security standards, cyber and information technology evolution, enterprise architecture, business engineering, and multilevel interoperability. They are restricted to blindfolded infrastructure security operations. Major BTPs are brutally wrecked by various security violations that may cause a no-go decision.

Developing the Social, Political, Economic, and Criminological Awareness of Cybersecurity Experts

The global shortage in skilled labor for cybersecurity and the risk it presents to international business can only be solved by a significant increase in the number of skilled personnel. However, as the nature of risks proliferate and bifurcate the training of such, personnel must incorporate a broader understanding of contemporary and future risks. That is, while technical training is highly important, it is contended that future cybersecurity experts need to be aware of social, political, economic, and criminological issues. Towards this end, this chapter considers a number of exemplary issues that are considered worthy of inclusion in the development of future cybersecurity workers. Accordingly, an overview is given of the issues of the “dark side of the net” that cause problems for global cybersecurity and international business risk. The issues are discussed so that from these a skill set can be articulated which will attend to (and mitigate against) potential threats.