Organizational and end user data breaches are highly implicated by the role of information security conscious care behavior in respective incident responses.This research study draws upon the literature in the areas o...Organizational and end user data breaches are highly implicated by the role of information security conscious care behavior in respective incident responses.This research study draws upon the literature in the areas of information security,incident response,theory of planned behaviour,and protection motivation theory to expand and empirically validate a modified framework of information security conscious care behaviour formation.The applicability of the theoretical framework is shown through a case study labelled as a cyber-attack of unprecedented scale and sophistication in Singapore’s history to-date,the 2018 SingHealth data breach.The single in-depth case study observed information security awareness,policy,experience,attitude,subjective norms,perceived behavioral control,threat appraisal and self-efficacy as emerging prominently in the framework’s applicability in incident handling.The data analysis did not support threat severity relationship with conscious care behaviour.The findings from the above-mentioned observations are presented as possible key drivers in the shaping information security conscious care behaviour in real-world cyber incident management.展开更多
This research paper analyzes data breaches in the human service sector. The hypothesis for the solution to this problem is that there will be a significant reduction in data breaches in the human service sector due to...This research paper analyzes data breaches in the human service sector. The hypothesis for the solution to this problem is that there will be a significant reduction in data breaches in the human service sector due to an increase in information assurance. The hypothesis is tested using data from the United States Department of Health and Human Services data breach notification repository during January 2018-December 2020. Our result shows that without the increased mitigation of information assurance, data breaches in the human service sector will continue to increase.展开更多
Data breaches have massive consequences for companies, affecting them financially and undermining their reputation, which poses significant challenges to online security and the long-term viability of businesses. This...Data breaches have massive consequences for companies, affecting them financially and undermining their reputation, which poses significant challenges to online security and the long-term viability of businesses. This study analyzes trends in data breaches in the United States, examining the frequency, causes, and magnitude of breaches across various industries. We document that data breaches are increasing, with hacking emerging as the leading cause. Our descriptive analyses explore factors influencing breaches, including security vulnerabilities, human error, and malicious attacks. The findings provide policymakers and businesses with actionable insights to bolster data security through proactive audits, patching, encryption, and response planning. By better understanding breach patterns and risk factors, organizations can take targeted steps to enhance protections and mitigate the potential damage of future incidents.展开更多
Data breaches are widely reported in the media, attracting the attention of dedicated scientists and professionals working on solutions. Commercial organizations, businesses, and government agencies that acquire, hand...Data breaches are widely reported in the media, attracting the attention of dedicated scientists and professionals working on solutions. Commercial organizations, businesses, and government agencies that acquire, handle, and retain personal or business-related data face the risk of client personal information and organizational intellectual property being compromised, resulting in potential legal, reputational, and financial harm. Data breaches represent a critical cybersecurity challenge that has led to financial losses and infringements of privacy, including the compromise of social security numbers. This underscores the necessity for a more profound understanding of the risks associated with data breaches. Despite much focus, some fundamental issues persist unaddressed. This study concentrates on the modeling and prediction of data breaches through time series forecasting algorithms. The forecasting techniques for time series data represent an emerging area of research, driven by the increasing complexity of such data. This paper analyzes modern modeling methodologies, compares different approaches, and outlines potential options for time series forecasting.This study aims to leverage ARIMA and its variations, such as SARIMA, for building robust prediction models using historical data to forecast the likelihood and magnitude of future data breaches. A comprehensive dataset, sourced from the Privacy Rights Clearinghouse (PRC), encompassing all documented instances of data breaches in the United States, was utilized as input for the predictive models. The ARIMA and SARIMA models demonstrated strong predictive capabilities, with minimal deviation from actual occurrences, highlighting their potential in accurately forecasting data breach incidences. These findings provide valuable insights for organizations aiming to enhance their cybersecurity strategies through data-driven forecasting approaches.展开更多
With a view to adopting to the globalized business landscape,organizations rely on third-party business relationships to enhance their operations,expand their capabilities,and drive innovation.While these collaboratio...With a view to adopting to the globalized business landscape,organizations rely on third-party business relationships to enhance their operations,expand their capabilities,and drive innovation.While these collaborations offer numerous benefits,they also introduce a range of risks that organizations must carefully mitigate.If the obligation to meet the regulatory requirements is added to the equation,mitigating the third-party risk related to data governance,becomes one of the biggest challenges.展开更多
In this in-depth exploration, I delve into the complex implications and costs of cybersecurity breaches. Venturing beyond just the immediate repercussions, the research unearths both the overt and concealed long-term ...In this in-depth exploration, I delve into the complex implications and costs of cybersecurity breaches. Venturing beyond just the immediate repercussions, the research unearths both the overt and concealed long-term consequences that businesses encounter. This study integrates findings from various research, including quantitative reports, drawing upon real-world incidents faced by both small and large enterprises. This investigation emphasizes the profound intangible costs, such as trade name devaluation and potential damage to brand reputation, which can persist long after the breach. By collating insights from industry experts and a myriad of research, the study provides a comprehensive perspective on the profound, multi-dimensional impacts of cybersecurity incidents. The overarching aim is to underscore the often-underestimated scope and depth of these breaches, emphasizing the entire timeline post-incident and the urgent need for fortified preventative and reactive measures in the digital domain.展开更多
The number of cybersecurity incidents is on the rise despite significant investment in security measures.The existing conventional security approaches have demonstrated limited success against some of the more complex...The number of cybersecurity incidents is on the rise despite significant investment in security measures.The existing conventional security approaches have demonstrated limited success against some of the more complex cyber-attacks.This is primarily due to the sophistication of the attacks and the availability of powerful tools.Interconnected devices such as the Internet of Things(IoT)are also increasing attack exposures due to the increase in vulnerabilities.Over the last few years,we have seen a trend moving towards embracing edge technologies to harness the power of IoT devices and 5G networks.Edge technology brings processing power closer to the network and brings many advantages,including reduced latency,while it can also introduce vulnerabilities that could be exploited.Smart cities are also dependent on technologies where everything is interconnected.This interconnectivity makes them highly vulnerable to cyber-attacks,especially by the Advanced Persistent Threat(APT),as these vulnerabilities are amplified by the need to integrate new technologies with legacy systems.Cybercriminals behind APT attacks have recently been targeting the IoT ecosystems,prevalent in many of these cities.In this paper,we used a publicly available dataset on Advanced Persistent Threats(APT)and developed a data-driven approach for detecting APT stages using the Cyber Kill Chain.APTs are highly sophisticated and targeted forms of attacks that can evade intrusion detection systems,resulting in one of the greatest current challenges facing security professionals.In this experiment,we used multiple machine learning classifiers,such as Naïve Bayes,Bayes Net,KNN,Random Forest and Support Vector Machine(SVM).We used Weka performance metrics to show the numeric results.The best performance result of 91.1%was obtained with the Naïve Bayes classifier.We hope our proposed solution will help security professionals to deal with APTs in a timely and effective manner.展开更多
基金Taif University Researchers Supporting Project number(TURSP-2020/98).
文摘Organizational and end user data breaches are highly implicated by the role of information security conscious care behavior in respective incident responses.This research study draws upon the literature in the areas of information security,incident response,theory of planned behaviour,and protection motivation theory to expand and empirically validate a modified framework of information security conscious care behaviour formation.The applicability of the theoretical framework is shown through a case study labelled as a cyber-attack of unprecedented scale and sophistication in Singapore’s history to-date,the 2018 SingHealth data breach.The single in-depth case study observed information security awareness,policy,experience,attitude,subjective norms,perceived behavioral control,threat appraisal and self-efficacy as emerging prominently in the framework’s applicability in incident handling.The data analysis did not support threat severity relationship with conscious care behaviour.The findings from the above-mentioned observations are presented as possible key drivers in the shaping information security conscious care behaviour in real-world cyber incident management.
文摘This research paper analyzes data breaches in the human service sector. The hypothesis for the solution to this problem is that there will be a significant reduction in data breaches in the human service sector due to an increase in information assurance. The hypothesis is tested using data from the United States Department of Health and Human Services data breach notification repository during January 2018-December 2020. Our result shows that without the increased mitigation of information assurance, data breaches in the human service sector will continue to increase.
文摘Data breaches have massive consequences for companies, affecting them financially and undermining their reputation, which poses significant challenges to online security and the long-term viability of businesses. This study analyzes trends in data breaches in the United States, examining the frequency, causes, and magnitude of breaches across various industries. We document that data breaches are increasing, with hacking emerging as the leading cause. Our descriptive analyses explore factors influencing breaches, including security vulnerabilities, human error, and malicious attacks. The findings provide policymakers and businesses with actionable insights to bolster data security through proactive audits, patching, encryption, and response planning. By better understanding breach patterns and risk factors, organizations can take targeted steps to enhance protections and mitigate the potential damage of future incidents.
文摘Data breaches are widely reported in the media, attracting the attention of dedicated scientists and professionals working on solutions. Commercial organizations, businesses, and government agencies that acquire, handle, and retain personal or business-related data face the risk of client personal information and organizational intellectual property being compromised, resulting in potential legal, reputational, and financial harm. Data breaches represent a critical cybersecurity challenge that has led to financial losses and infringements of privacy, including the compromise of social security numbers. This underscores the necessity for a more profound understanding of the risks associated with data breaches. Despite much focus, some fundamental issues persist unaddressed. This study concentrates on the modeling and prediction of data breaches through time series forecasting algorithms. The forecasting techniques for time series data represent an emerging area of research, driven by the increasing complexity of such data. This paper analyzes modern modeling methodologies, compares different approaches, and outlines potential options for time series forecasting.This study aims to leverage ARIMA and its variations, such as SARIMA, for building robust prediction models using historical data to forecast the likelihood and magnitude of future data breaches. A comprehensive dataset, sourced from the Privacy Rights Clearinghouse (PRC), encompassing all documented instances of data breaches in the United States, was utilized as input for the predictive models. The ARIMA and SARIMA models demonstrated strong predictive capabilities, with minimal deviation from actual occurrences, highlighting their potential in accurately forecasting data breach incidences. These findings provide valuable insights for organizations aiming to enhance their cybersecurity strategies through data-driven forecasting approaches.
文摘With a view to adopting to the globalized business landscape,organizations rely on third-party business relationships to enhance their operations,expand their capabilities,and drive innovation.While these collaborations offer numerous benefits,they also introduce a range of risks that organizations must carefully mitigate.If the obligation to meet the regulatory requirements is added to the equation,mitigating the third-party risk related to data governance,becomes one of the biggest challenges.
文摘In this in-depth exploration, I delve into the complex implications and costs of cybersecurity breaches. Venturing beyond just the immediate repercussions, the research unearths both the overt and concealed long-term consequences that businesses encounter. This study integrates findings from various research, including quantitative reports, drawing upon real-world incidents faced by both small and large enterprises. This investigation emphasizes the profound intangible costs, such as trade name devaluation and potential damage to brand reputation, which can persist long after the breach. By collating insights from industry experts and a myriad of research, the study provides a comprehensive perspective on the profound, multi-dimensional impacts of cybersecurity incidents. The overarching aim is to underscore the often-underestimated scope and depth of these breaches, emphasizing the entire timeline post-incident and the urgent need for fortified preventative and reactive measures in the digital domain.
基金supported in part by the School of Computing and Digital Technology at Birmingham City UniversityThe work of M.A.Rahman was supported in part by the Flagship Grant RDU190374.
文摘The number of cybersecurity incidents is on the rise despite significant investment in security measures.The existing conventional security approaches have demonstrated limited success against some of the more complex cyber-attacks.This is primarily due to the sophistication of the attacks and the availability of powerful tools.Interconnected devices such as the Internet of Things(IoT)are also increasing attack exposures due to the increase in vulnerabilities.Over the last few years,we have seen a trend moving towards embracing edge technologies to harness the power of IoT devices and 5G networks.Edge technology brings processing power closer to the network and brings many advantages,including reduced latency,while it can also introduce vulnerabilities that could be exploited.Smart cities are also dependent on technologies where everything is interconnected.This interconnectivity makes them highly vulnerable to cyber-attacks,especially by the Advanced Persistent Threat(APT),as these vulnerabilities are amplified by the need to integrate new technologies with legacy systems.Cybercriminals behind APT attacks have recently been targeting the IoT ecosystems,prevalent in many of these cities.In this paper,we used a publicly available dataset on Advanced Persistent Threats(APT)and developed a data-driven approach for detecting APT stages using the Cyber Kill Chain.APTs are highly sophisticated and targeted forms of attacks that can evade intrusion detection systems,resulting in one of the greatest current challenges facing security professionals.In this experiment,we used multiple machine learning classifiers,such as Naïve Bayes,Bayes Net,KNN,Random Forest and Support Vector Machine(SVM).We used Weka performance metrics to show the numeric results.The best performance result of 91.1%was obtained with the Naïve Bayes classifier.We hope our proposed solution will help security professionals to deal with APTs in a timely and effective manner.
