Relevant bibliographies by topics / Cyber security management tool

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'Cyber security management tool'

Author: Grafiati
Published: 28 June 2021
Last updated: 11 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Cyber security management tool.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Cyber security management tool"

1

Štitilis, Darius, Irmantas Rotomskis, Marius Laurinaitis, Sergiy Nadvynychnyy, and Nadiya Khorunzhak. "National cyber security strategies: management, unification and assessment." Independent Journal of Management & Production 11, no. 9 (November 1, 2020): 2341. http://dx.doi.org/10.14807/ijmp.v11i9.1431.

Full text
Abstract:
Cyber security has become an important issue both on the EU and the national level. Cyber security is now perceived as a part of national security. The newly emerging cyber security policy, comprising national cyber security strategies as an important constituent part, has been recently paid considerable attention. Speaking of national cyber security strategies, a positive thing is that the majority of EU member states have already approved such strategies. However, the approved strategies differ considerably in terms of their content and implementation. The present article aims at identifying reasons for differences in individual national strategies and analyses aspects of their unifications in expectation to find out an optimum balance between the degree of unification and the need to retain differences arising from intrinsic national singularities. To this end, the article analyses the issue of national cyber security on the basis of Lithuania's cyber security strategy as a sample in the context of ENISA good practices for the development of cyber security strategies and by application of ENISA developed KPIs and testing ENISA cyber security strategy evaluation tool. Finally, the article suggests recommendations on further development of national cyber security strategies in terms of their unification and national singularities.
APA, Harvard, Vancouver, ISO, and other styles
2

Fakiha, Bandr. "Business Organization Security Strategies to Cyber Security Threats." International Journal of Safety and Security Engineering 11, no. 1 (February 28, 2021): 101–4. http://dx.doi.org/10.18280/ijsse.110111.

Full text
Abstract:
It is argued that the advancement of Information, Communication and Technology went hand in hand with the emergence of certain threats and vulnerabilities to cybersecurity. In several cases, cyber attacks have targeted the information, communication and infrastructure networks of numerous organizations. Today, hackers and intruders have advanced technology within their scope that lets them access the organizational information system. The present study highlights numerous internet security related problems, it offers a broad-based overview of internet threats from the perspective of business enterprises, along with prevention measures and enhanced safety strategies. A systematic analysis of secondary literature was introduced by researchers, the study found that it is critical for organizations to choose an IT security management tool that can be categorized as best practices and standards. The Security Incident Event Management (SIEM) framework is one key instrument proposed here. SIEM instruments help security analysts gain insight into the security threats targeting the IT structures of a given organization.
APA, Harvard, Vancouver, ISO, and other styles
3

Суворов, Александр, Aleksandr Suvorov, Мария Матанцева, Mariya Matanceva, Евгения Плотникова, and Evgeniya Plotnikova. "Cyber Insurance as a Way of Cyber Risks Management." Safety in Technosphere 7, no. 5 (November 19, 2019): 35–42. http://dx.doi.org/10.12737/article_5d8b1f1205ad35.02378913.

Full text
Abstract:
A review of the cyber insurance domain has been carried out with a description of classical terms from the insurance industry. Have been considered two the most comprehensive today definitions of cyber risk in authors’ opinion. A diagram of processes for cyber risk management using insurance has been presented, and the place of cyber-risk among other company’s risks has been demonstrated, i. e. the context of cyber risk among the risks of any commercial organization has been shown. A typical cyber insurance process has been described, and a scheme of cyber insurance processes has been developed. A brief description of problem areas and controversial issues in cyber insurance, with which cyber-risk insurance practices may face, has been presented, as well as a table showing at which stage of cyber-insurance the specific problems may arise. Has been provided the basic economic utility function, which formalizes decision making for agents with a different attitude to risk. Standards in cyber security, and various software products that can be used as a tool for assessing the security level of an enterprise’s IT infrastructure have been presented, and it has been demonstrated how these products can help in cyber risk assessment. Different methods used at each stage of cyber insurance have been shown.
APA, Harvard, Vancouver, ISO, and other styles
4

Svilicic, Boris, Junzo Kamahara, Matthew Rooks, and Yoshiji Yano. "Maritime Cyber Risk Management: An Experimental Ship Assessment." Journal of Navigation 72, no. 5 (February 7, 2019): 1108–20. http://dx.doi.org/10.1017/s0373463318001157.

Full text
Abstract:
The maritime transport industry is increasingly reliant on computing and communication technologies, and the need for cyber risk management of critical systems and assets on vessels is becoming critically important. In this paper, a comprehensive cyber risk assessment of a ship is presented. An experimental process consisting of assessment preparation activities, assessment conduct and results communication has been developed. The assessment conduct relies on a survey developed and performed by interviewing a ship's crew. Computational vulnerability scanning of the ship's Electronic Chart Display and Information System (ECDIS) is introduced as a specific part of this cyber security assessment. The assessment process presented has been experimentally tested by evaluating the cyber security level of Kobe University's training ship Fukae-maru. For computational vulnerability scanning, an industry-leading software tool has been used, and a quantitative cyber risk analysis has been conducted to evaluate cyber risks on the ship.
APA, Harvard, Vancouver, ISO, and other styles
5

Karagozlu, Damla. "Determination of cyber security ensuring behaviours of pre-service teachers." Cypriot Journal of Educational Sciences 15, no. 6 (December 31, 2020): 1698–706. http://dx.doi.org/10.18844/cjes.v15i6.5327.

Full text
Abstract:
As cyber security attack rates increase, so do cyber security concerns. Cyber security is the collection of tools, policies, security concepts, security measures, risk management approaches, actions, education, applications, security and technologies that can be used in order to protect the cyber environment and user rights. The aim of this study is to determine the behaviours of pre-service teachers as this study’s objective is to determine the behaviours of pre-service teachers regarding cyber security. This study is designed according to the quantitative research method and the Personal Cyber Security Ensuring Scale has been used. 144 pre-service teachers of two different universities who took up instructional technologies and material design courses in the 2019–2020 spring semester participated in the study. It has been observed that the participants frequently took measures when they noticed unreliable people and situations in the internet environment but took occasional measures in terms of not leaving any trace, taking precautions and protecting personal privacy. Keywords: Cyber attack, cyber security, personal cyber security, pre-service teachers
APA, Harvard, Vancouver, ISO, and other styles
6

Kachynskyi, A. B., and M. S. Stremetska. "Operational analytics as a data monitoring and event management tool of the cyber security management systems." Reports of the National Academy of Sciences of Ukraine, no. 1 (February 2021): 9–16. http://dx.doi.org/10.15407/dopovidi2021.01.009.

Full text
Abstract:
With growing demand for the digitalization of data collection, transmission, processing and storage processes in all life spheres of individual, society, and state, there is an urgent need to construct an infrastructure of infor-mation transmission networks which can provide a secure connection between endpoints and data centers. These networks must have high availability and provide the fast and efficient processing of information requests, espe-cially in case of critical infrastructure networks. A structural functional scheme of data management for SIEM systems which includes straight and reverse relations between physical, mathematical and analytical levels is proposed, based on the stratum theory by M. Messarovich. A model of multilevel system for the data monito ring and cyber security event management is built in order to provide a systematic approach to maintain the safety state of complex systems and to ensure mechanisms for the operative real-time cyber security incident response.
APA, Harvard, Vancouver, ISO, and other styles
7

Russo, Pietro, Alberto Caponi, Marco Leuti, and Giuseppe Bianchi. "A Web Platform for Integrated Vulnerability Assessment and Cyber Risk Management." Information 10, no. 7 (July 17, 2019): 242. http://dx.doi.org/10.3390/info10070242.

Full text
Abstract:
Cyber risk management is a very important problem for every company connected to the internet. Usually, risk management is done considering only Risk Analysis without connecting it with Vulnerability Assessment, using external and expensive tools. In this paper we present CYber Risk Vulnerability Management (CYRVM)—a custom-made software platform devised to simplify and improve automation and continuity in cyber security assessment. CYRVM’s main novelties are the combination, in a single and easy-to-use Web-based software platform, of an online Vulnerability Assessment tool within a Risk Analysis framework following the NIST 800-30 Risk Management guidelines and the integration of predictive solutions able to suggest to the user the risk rating and classification.
APA, Harvard, Vancouver, ISO, and other styles
8

Atoum, Issa, Ahmed Otoom, and Amer Abu Ali. "A holistic cyber security implementation framework." Information Management & Computer Security 22, no. 3 (July 8, 2014): 251–64. http://dx.doi.org/10.1108/imcs-02-2013-0014.

Full text
Abstract:
Purpose – The purpose of this paper is to propose a holistic cyber security implementation framework (HCS-IF) that lays out the ground for a conceptual, coherent, systematic, overarching and consolidated approach to implement cyber security strategies (CSSs). Design/methodology/approach – The HCS-IF is conceptually proposed to address the actual needs that are extracted from literature review. The HCS-IF uses and integrates a set of high-level conceptual security controls, solutions, processes, entities, tools, techniques or mechanisms that are already known in the domains of information security management, software engineering and project management to address the identified needs. Findings – The HCS-IF components and controls collectively interact and cooperate to implement CSSs. The proposed framework is compared with other related frameworks, and the results show that the HCS-IF outperforms other frameworks on most of the suggested comparison criteria. Originality/value – From a practical standpoint, governments and practitioners alike stand to gain from the findings of this research. Governments who want to implement CSSs on a national level will find the proposed framework useful in overseeing cyber security implementation. Practitioners will be prepared to address the anticipated cyber security implementation challenges and the required controls needed to facilitate cyber-security implementation in a holistic overarching manner.
APA, Harvard, Vancouver, ISO, and other styles
9

Pavlík, Lukáš, Ekaterina Chytilová, and Jarmila Zimmermannová. "Security Aspects of Healthcare Organization from the Perspective of Digitization of Facility Management." WSEAS TRANSACTIONS ON BUSINESS AND ECONOMICS 18 (January 25, 2021): 360–66. http://dx.doi.org/10.37394/23207.2021.18.36.

Full text
Abstract:
Many healthcare organizations are exposed to various cyber threats. The increase in the frequency of these cyber threats can also be observed during the Covid-19 pandemic. The security of information systems in hospitals and their management is also not part of the management of facilities in these organizations. The paper presents the possibilities of securing facility management processes in healthcare organizations from a security point of view. There is an analysis of security aspects of a particular medical facility and its information system with emphasis on the application of regular facility management. Analysis and evaluation of tools for ensuring the security of the hospital information network is also applied. The contribution of the paper is the identification and expression of the correlation between cyber threats and the following modules of the information system in the medical facility. Another part of the proven research compares safety mechanisms and their possible failure in a selected hospital. The main research results, which are based on the evaluation of safety aspects in these organizations, can be further used as a platform for the effectiveness of processes in healthcare and thus increase synergies between safety levels and ensure facility management processes
APA, Harvard, Vancouver, ISO, and other styles
10

Comizio, V. Gerard, Behnam Dayanim, and Laura Bain. "Cybersecurity as a global concern in need of global solutions: an overview of financial regulatory developments in 2015." Journal of Investment Compliance 17, no. 1 (May 3, 2016): 101–11. http://dx.doi.org/10.1108/joic-01-2016-0003.

Full text
Abstract:
Purpose To provide financial institutions an overview of the developments in cybersecurity regulation of financial institutions during 2015 by the United States, the United Kingdom, and the European Union, as well as guidance for developing effective cyber-risk management programs in light of evolving cyber-threats and cyber-regulatory expectations. Design/methodology/approach Reviews US, UK and EU regulatory developments in the cybersecurity area and provides several best practice tips financial institutions should consider and implement to improve their cybersecurity compliance programs. Findings While cyber-threats and financial regulators’ expectations for cyber-security are constantly evolving, recent guidance and enforcement efforts by the US, UK and EU illustrate the need for financial institutions to develop effective cybersecurity programs that address current regulatory compliance requirements and prepare for emergency cyber responses. Practical implications Financial institutions should utilize the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool to assess their cyber-risk profile and cyber-preparedness. Originality/value Practical guidance from experienced financial regulatory and privacy lawyers that provides a survey of the current regulatory environment and recommendations for cyber-security compliance.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Cyber security management tool"

1

Strachová, Zuzana. "Implementace nástroje pro řízení kybernetické bezpečnosti." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2021. http://www.nusl.cz/ntk/nusl-444573.

Full text
Abstract:
The thesis is focused on the implementation of a software tool to increase the effectiveness of cyber security management. The tool is implemented in a company preparing to be classified as a part of critical information infrastructure. Based on the customer's requirements, a suitable cyber security management tool is selected. Subsequently, I propose a methodology for implementing the tool, which I immediately apply. The output of the work is an implemented tool, risk analysis and security documentation required by law.
APA, Harvard, Vancouver, ISO, and other styles
2

Pech, Jan. "Aplikace zákona a vyhlášky o kybernetické bezpečnosti na úřadech státní správy." Master's thesis, Vysoká škola ekonomická v Praze, 2016. http://www.nusl.cz/ntk/nusl-203989.

Full text
Abstract:
The thesis is focused on the Czech act no. 181/2014 Sb., on cyber security and subsequent regulations, introduces origin and importance of act, defines the state administration´s office which identifies important information systems according to regulations, and subsequently thesis detailed analyses act and regulation on cyber security in relation to the defined state administration´s office. Keynote of this thesis is show the real application of identified obligations of the act and regulation to the defined state administration´s office, especially a design, implementation and management of organizational and technical security measures, including the evaluation of real impact on information security. To achieve the set goals author of this thesis uses the analysis of legislation, and draws own conclusions from author´s position of a security technologist who actively participated in the design security policy, and implementation and management of security tools. The benefit of this thesis is complex overview of the security employees work at defined state administration´s office, overview of the real fulfilment obligations of the act and regulation of cybernetic security, and ultimately this thesis brings ideas for further development of technical security tools. This thesis can brings benefit to other important information systems administrators as a set of processes, proposals and recommendation for their own information security management system. This thesis is structurally divided into four main parts. The first theoretical part introduces origin, importance and impact of the act on state and private organizations. The second analytical part analyses act and subsequent regulations in relation to the defined state administration´s office. The third practical part shows the real application of organizational and technical security measures. The fourth last part evaluates the real impact of measures on information security.
APA, Harvard, Vancouver, ISO, and other styles
3

Johansson, Dan. "Empirical test of a tool for cyber security vulnerability assessment." Thesis, KTH, Skolan för datavetenskap och kommunikation (CSC), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-176032.

Full text
Abstract:
This report describes a study aimed at verifying a cyber security modeling language named the Predictive, Probabilistic Cyber Security Modelling Language. This modeling language together with the Enterprise Architecture Analysis Tool acts as a tool for cyber security evaluations of system architectures. To verify the accuracy and readiness of the tool, a generic model of a real life Supervisory Control And Data Acquisition System’s system architecture was modeled using the tool and later evaluated. The evaluation process consisted of a Turing test, which was the same method used for evaluation of the Predictive, Probabilistic Cyber Security Modelling Language predecessor the Cyber Security Modelling Language. For the Turing test, interviews were held with five domain experts within cyber security. Four of which were tasked with creating attack paths given a scenario in the modeled system architecture. The Predictive, Probabilistic Cyber Security Modelling Language was given the same task as the four experts. The attack paths created were consolidated in a standardized form for the last internal company expert within cyber security to evaluate. An expert evaluator was tasked with grading the attack paths produced by the four experts and the Predictive, Probabilistic Cyber Security Modelling Language. The grading was based on how probable the attack paths were perceived by the internal expert.  The conclusion was made that given the limitations of the study, the Predictive, Probabilistic Cyber Security Modelling Language produced a cyber security evaluation that was as probable as those created by the human cyber security experts. The results produced were also consistent with the results produced by the Predictive, Probabilistic Cyber Security Modelling Language predecessor the Cyber Security Modelling Language in a previous study. Suggestions for further studies were also introduced which could complement this study and further strengthen the results. This thesis was a collaboration between ABB Enterprise Software and the members of the team behind the Predictive, Probabilistic Cyber Security Modelling Language at ICS at KTH.
Denna rapport beskriver en studie vars mål var att verifiera ett modelleringsspråk för datasäkerhet vid namn Predictive, Probabilistic Cyber Security Modelling Language. Detta modelleringsspråk tillsammans med Enterprise Architecture Analysis Tool utgör ett verktyg för datasäkerhetsutvärderingar av systemarkitekturer. För att verifiera exaktheten och mognadsnivån på verktyget så skapades en generisk modell av ett verkligt Supervisory Control And Data Acquisition System-systems arkitektur. Denna modell utvärderades i ett senare skede. Utvärderingsprocessen bestod av ett Turingtest, som är samma metod som användes i en tidigare utvärdering av Predictive, Probabilistic Cyber Security Modelling Languages föregångare Cyber Security Modelling Language. För Turingtestet hölls fem intervjuer med domänexperter inom datasäkerhet. Fyra av dessa fick i uppgift att skapa attackvägar givet ett scenario i den modellerade systemarkitekturen. Attackvägarna som skapades sammanställdes i ett standardiserat formulär för den sista interna företagsexperten inom datasäkerhet att utvärdera. En expertutvärderare fick i uppgift att betygsätta de attackvägar som hade producerats av de fyra experterna och Predictive, Probabilistic Cyber Security Modelling Language. Betygsättningen baserades på hur sannolika de olika attackvägarna uppfattades av den interna experten. Slutsatsen som gjordes var att givet begränsningarna i studien, så producerade Predictive, Probabilistic Cyber Security Modelling Language en datasäkerhetsutvärdering som var likvärdigt sannolik jämfört med de som skapades av mänskliga experter. Resultaten som producerades var också konsistenta med resultaten som producerades av Predictive, Probabilistic Cyber Security Modelling Language föregångare Cyber Security Modelling Language i en tidigare studie. Förslag på kommande studier som skulle komplettera denna studie och stärka resultaten ytterligare introducerades också. Detta examensarbete var ett samarbete mellan ABB Enterprise Software och medlemmarna i teamet bakom Predictive, Probabilistic Cyber Security Modelling Language på ICS på KTH.
APA, Harvard, Vancouver, ISO, and other styles
4

Moe, Lwin P. "Cyber security risk analysis framework : network traffic anomaly detection." Thesis, Massachusetts Institute of Technology, 2018. http://hdl.handle.net/1721.1/118536.

Full text
Abstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2018.
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 84-86).
Cybersecurity is a growing research area with direct commercial impact to organizations and companies in every industry. With all other technological advancements in the Internet of Things (IoT), mobile devices, cloud computing, 5G network, and artificial intelligence, the need for cybersecurity is more critical than ever before. These technologies drive the need for tighter cybersecurity implementations, while at the same time act as enablers to provide more advanced security solutions. This paper will discuss a framework that can predict cybersecurity risk by identifying normal network behavior and detect network traffic anomalies. Our research focuses on the analysis of the historical network traffic data to identify network usage trends and security vulnerabilities. Specifically, this thesis will focus on multiple components of the data analytics platform. It explores the big data platform architecture, and data ingestion, analysis, and engineering processes. The experiments were conducted utilizing various time series algorithms (Seasonal ETS, Seasonal ARIMA, TBATS, Double-Seasonal Holt-Winters, and Ensemble methods) and Long Short-Term Memory Recurrent Neural Network algorithm. Upon creating the baselines and forecasting network traffic trends, the anomaly detection algorithm was implemented using specific thresholds to detect network traffic trends that show significant variation from the baseline. Lastly, the network traffic data was analyzed and forecasted in various dimensions: total volume, source vs. destination volume, protocol, port, machine, geography, and network structure and pattern. The experiments were conducted with multiple approaches to get more insights into the network patterns and traffic trends to detect anomalies.
by Lwin P. Moe.
S.M. in Engineering and Management
APA, Harvard, Vancouver, ISO, and other styles
5

Ellithorpe, James O. "The Role and Impact of Cyber Security Mentoring." Thesis, Walden University, 2016. http://pqdtopen.proquest.com/#viewpdf?dispub=10126660.

Full text
Abstract:

Business organizations are faced with an enormous challenge to improve cyber security, as breeches and lapses through firewalls are increasingly commonplace. The Chief Information Security Officer (CISO) and Information Technology (IT) staff are constantly challenged to identify and purge online and network structural weaknesses. The goal is to reduce overall business risk because unresolved risks are a constant concern to consumers who are uneasy about cyber security failures. The purpose of this general qualitative study was to examine the role and impact of Cyber Security Mentoring (CSM) from the perspectives of the workplace CISO, mentors, and protégés, who were randomly polled from various workplace settings across the United States. Mentoring allows IT staff members to learn from their CISOs and from workplace mentor mistakes and successes. Workplace IT staff are also closest to the various attack methodologies used by cyber hackers, and cohort and dyadic mentoring may provide insight into and responding to cyber-attacks and improving cyber defenses. Sixty-eight sets of respondent data relating to field experience, formal education, professional industry cyber security certifications, and mentoring were compared and examined between respondents. The goal was to determine where respondents agreed and disagreed on issues pertaining to cyber security and CSM. The findings suggested that CSM with a qualified mentor could improve cyber security in the workplace; in addition, more time must be devoted to continued professional education. Implications for positive social change included the use of CSM to enhance cyber security through the sharing of incidents, mindsets, procedures and expertise, and improvement of customer-consumer security confidence.

APA, Harvard, Vancouver, ISO, and other styles
6

Cook, Kimberly Diane. "Effective Cyber Security Strategies for Small Businesses." ScholarWorks, 2017. https://scholarworks.waldenu.edu/dissertations/3871.

Full text
Abstract:
Disruptive technologies developed in the digital age expose individuals, businesses, and government entities to potential cyber security vulnerabilities. Through the conceptual framework of general systems theory, this multiple case study was used to explore the strategies among owners of 4 retail small- and medium-size enterprises (SMEs) in Melbourne, Florida, who successfully protected their businesses against cyber attacks. The data were collected from a review of archival company documents and semistructured interviews. Yin's 5-phased cycles for analyzing case studies provided the guidelines for the data analysis process. Three themes emerged from thematic analysis across the data sets: cyber security strategy, reliance on third-party vendors for infrastructure services, and cyber security awareness. The study findings indicated that the SME owners' successful cyber security strategies might serve as a foundational guide for others to assess and mitigate cyber threat vulnerabilities. The implications for positive social change include the potential to empower other SME owners, new entrepreneurs, and academic institutions with successful cyber security strategies and resources to affect changes within the community. SME owners who survive cyber attacks may spur economic growth by employing local residents, thus stimulating the socioeconomic lifecycle. Moreover, implementation of these successful strategies may catalyze consumer confidence, resulting in greater economic prosperity.
APA, Harvard, Vancouver, ISO, and other styles
7

Salim, Hamid M. "Cyber safety : a systems thinking and systems theory approach to managing cyber security risks." Thesis, Massachusetts Institute of Technology, 2014. http://hdl.handle.net/1721.1/90804.

Full text
Abstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, Engineering Systems Division, System Design and Management Program, 2014.
Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2014.
93
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 148-156).
If we are to manage cyber security risks more effectively in today's complex and dynamic Web 2.0 environment, then a new way of thinking is needed to complement traditional approaches. According to Symantec's 2014 Internet Security Threat Report, in 2012 more than ten million identities that included real names, dates of birth, and social security were exposed by a single breach. In 2013 there were eight breaches that each exposed over ten million identities. These breaches were recorded despite the fact that significant resources are expended, on managing cyber security risks each year by businesses and governments. The objective of this thesis was twofold. The first objective was to understand why traditional approaches for managing cyber security risks were not yielding desired results. Second, propose a new method for managing cyber security risks more effectively. The thesis investigated widely used approaches and standards, and puts forward a method based on the premise that traditional technology centric approaches have become ineffective on their own. This lack of efficacy can be attributed primarily to the fact that, Web 2.0 is a dynamic and a complex socio-technical system that is continuously evolving. This thesis proposes a new method for managing cyber security risks based on a model for accident or incident analysis, used in Systems Safety field. The model is called System-Theoretic Accident Model and Processes (STAMP). It is rooted in Systems Thinking and Systems Theory. Based on a case study specifically written for this thesis, the largest cyber-attack reported in 2007 on a major US based retailer, is analyzed using the STAMP model. The STAMP based analysis revealed insights both at systemic and detailed level, which otherwise would not be available, if traditional approaches were used for analysis. Further, STAMP generated specific recommendations for managing cyber security risks more effectively.
by Hamid M. Salim.
S.M. in Engineering and Management
S.M.
APA, Harvard, Vancouver, ISO, and other styles
8

Dutta, Saurabh. "Striking a balance between usability and cyber-security in IoT devices/." Thesis, Massachusetts Institute of Technology, 2017. http://hdl.handle.net/1721.1/113508.

Full text
Abstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2017.
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 67-74).
Today more and more physical objects are being connected to internet. The Internet of Things, or loT, is dramatically changing the way of living and the way we interact with things and each other. Home doors can be opened remotely with a watch, cars' performance can be upgraded remotely, devices monitor health and send updates to physicians remotely. loT technology has made some labor-intensive jobs simple and has the potential to simplify and enhance nearly every aspect of our lives. On the other hand, increased levels of high profile cyber security breaches in recent years have made it clear how important it is to make sure these devices are trustworthy and secure. While most users are aware of how critical it is to secure their laptops, mobile devices, and apps, due to the seamless ways in which loT devices integrates into our daily lives, users are often unaware of risks associated with them. At the same time, IoT device makers are aggressively releasing new products in a mad race to establish themselves in this emerging market. Increased pressure to differentiate on usability based functionalities has spurred products and features that are not properly vetted for security. Gartner predicts that by 2020, more than 25% of identified enterprise attacks will involve IoT, though loT will account for only 10% of IT security budgets. As loT continues to grow, vendors will favor usability over security and IT security practitioners remain unsure of the correct amount of acceptable risk.
by Saurabh Dutta.
S.M. in Engineering and Management
APA, Harvard, Vancouver, ISO, and other styles
9

Sheen, Frank Jordan. "An Extensible Technology Framework for Cyber Security Education." BYU ScholarsArchive, 2015. https://scholarsarchive.byu.edu/etd/4375.

Full text
Abstract:
Cyber security education has evolved over the last decade to include new methods of teaching and technology to prepare students. Instructors in this field of study often deal with a subject matter that has rigid principles, but changing ways of applying those principles. This makes maintaining courses difficult. This case study explored the kind of teaching methods, technology, and means used to explain these concepts. This study shows that generally, cyber security courses require more time to keep up to date. It also evaluates one effort, the NxSecLab, on how it attempted to relieve the administrative issues in teaching these concepts. The proposed framework in this model looks at ways on how to ease the administrative burden in cyber security education by using a central engine to coordinate learning management with infrastructure-as-a-service resources.
APA, Harvard, Vancouver, ISO, and other styles
10

Reid, Rayne. "A brain-compatible approach to the presentation of cyber security educational material." Thesis, Nelson Mandela Metropolitan University, 2012. http://hdl.handle.net/10948/d1019895.

Full text
Abstract:
Information is an extremely important asset in modern society. It is used in most daily activities and transactions, and, thus, the importance of information is acknowledged by both organisational and private home information users. Unfortunately, as with any asset, there are often threats to this asset and, therefore, an information security solution is required to protect information against potential threats. Human beings play a major role in the implementation and governing of an entire information security process and, therefore, they have responsibilities in this regard. Thus, the effectiveness of any information security solutions in either an organisational or a private context is dependent on the human beings involved in the process. Accordingly, if these human beings are either unaware or not knowledgeable about their roles in the security solution they become the weak link in the information security solutions and, thus, it is essential that all these information users be educated in order to combat any threats to the information security. Many of the current information security education programmes and materials are not effective, possibly because the majority of these current approaches have been designed without using a sound pedagogical theory. In addition, many of these programmes also only target organisational users. This, in turn, is problematic as information security education is required by everybody, organisational and private information users alike. This dissertation addressed the lack of a pedagogical basis in the designing of information security educational courses suited to an extremely broad target audience. Accordingly, the dissertation set out to demonstrate how a pedagogy, which is broadly used and accepted for a diverse target audience of learners, could be applied to the design of the presentation of a web based, cyber security educational courses.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Books on the topic "Cyber security management tool"

1

Cyber security essentials. Boca Raton: Auerbach Publications, 2010.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
2

United States. Dept. of Energy. Office of Audit Services. Audit report: The department's cyber security incident management capability. Washington, DC: Office of Inspector General, Dept. of Energy, 2008.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
3

United States. Dept. of Energy. Office of Audit Services. Audit report: The department's cyber security incident management capability. [Washington, DC: Office of Inspector General, Dept. of Energy, 2008.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
4

Gustin, Joseph F. Cyber terrorism: A guide for facility managers. Lilburn, Ga: Fairmont Press, 2004.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
5

Scott, Lynn M. Human capital management for the USAF cyber force. Santa Monica, CA: RAND Project Air Force, 2010.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
6

Cyber challenges and national security: Threats, opportunities, and power in a virtual world. Washington, D.C: Georgetown University Press, 2012.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
7

United States. Dept. of Energy. Office of Audit Services. Management controls over the Federal Energy Regulatory Commission's unclassified cyber security program, 2006. Washington, D.C: U.S. Department of Energy, Office of Inspector General, 2006.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
8

Cyber terrorism: Political and economic implications. Hershey, PA: Idea Group Pub., 2006.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
9

Criminal major case management: Persons of Interest Priority Assessment Tool (POIPAT). Boca Raton: Taylor & Francis, 2012.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
10

Buford, John F. Koegel. Cyber security, situation management, and impact assessment II and visual analytics for homeland defense and security II: 5 and 8-9 April 2010, Orlando, Florida, United States. Bellingham, Wash: SPIE, 2010.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
More sources

Book chapters on the topic "Cyber security management tool"

1

Rajamäki, Jyri. "Cyber Security, Trust-Building, and Trust-Management: As Tools for Multi-agency Cooperation Within the Functions Vital to Society." In Cyber-Physical Security, 233–49. Cham: Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-32824-9_12.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Alsmadi, Izzat. "Cyber Security Management." In The NICE Cyber Security Framework, 243–51. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-02360-7_10.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Burghouwt, Pieter, Marinus Maris, Sjaak van Peski, Eric Luiijf, Imelda van de Voorde, and Marcel Spruit. "Cyber Targets Water Management." In Critical Information Infrastructures Security, 38–49. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-71368-7_4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Davis, Robert E. "Security Governance Management." In Auditing Information and Cyber Security Governance, 74–107. Boca Raton: CRC Press, 2021. http://dx.doi.org/10.1201/9781003099673-3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Tawalbeh, Lo’ai. "Network Management." In The NICE Cyber Security Framework, 99–115. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-41987-5_5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Tawalbeh, Lo’ai. "Risk Management." In The NICE Cyber Security Framework, 117–30. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-41987-5_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Alsmadi, Izzat. "Software Management." In The NICE Cyber Security Framework, 131–74. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-41987-5_7.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Alsmadi, Izzat. "Identity Management." In The NICE Cyber Security Framework, 313–29. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-02360-7_12.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Alsmadi, Izzat. "Acquisition Management." In The NICE Cyber Security Framework, 9–40. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-02360-7_2.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Alsmadi, Izzat. "Information Systems Security Management." In The NICE Cyber Security Framework, 31–53. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-41987-5_2.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Cyber security management tool"

1

Ekstedt, Mathias, Pontus Johnson, Robert Lagerstrom, Dan Gorton, Joakim Nydren, and Khurram Shahzad. "Securi CAD by Foreseeti: A CAD Tool for Enterprise Cyber Security Management." In 2015 IEEE 19th International Enterprise Distributed Object Computing Workshop (EDOCW). IEEE, 2015. http://dx.doi.org/10.1109/edocw.2015.40.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Almroth, Jonas, and Tommy Gustafsson. "CRATE Exercise Control – A cyber defense exercise management and support tool." In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, 2020. http://dx.doi.org/10.1109/eurospw51379.2020.00014.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Huang, Yi, Jayanta Debnath, Michaela Iorga, Anup Kumar, and Bin Xie. "CSAT: A User-interactive Cyber Security Architecture Tool based on NIST-compliance Security Controls for Risk Management." In 2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON). IEEE, 2019. http://dx.doi.org/10.1109/uemcon47517.2019.8993090.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Gavėnaitė-Sirvydienė, Julija, and Algita Miečinskienė. "FORECASTING COSTS OF CYBER ATTACKS USING ESTIMATION THE GLOBAL COST OF CYBER RISK CALCULATOR V 1.2." In International Scientific Conference „Contemporary Issues in Business, Management and Economics Engineering". Vilnius Gediminas Technical University, 2021. http://dx.doi.org/10.3846/cibmee.2021.618.

Full text
Abstract:
Purpose – due to the constant increase of cyber-attacks not only the measures of identifying and controlling cyber risks are created, but also the methods of estimating possible cyber-attacks financial costs should be developed to increase business preparedness. The purpose of this research is to forecast potential costs of cyber-attacks in Baltic countries. Research methodology – to achieve the aim of the article and prepare a prognosis of possible cyber-attacks costs the Estimation the Global Costs of Cyber Risk Calculator V 1.2 tool was used. Findings – estimated costs of cyber-attacks in Lithuania, Latvia and Estonia are highest in the public business and ser-vices sector and also in the defense sector. According to conducted calculations the costs of cyber-attacks in Lithuania will reach 1% of GDP of Lithuania by 2026. Research limitations – in this research the costs of cyber-attacks are estimated regarding industries of business but not excluding specific cyber threats. Therefore, for the future research possibilities could be the analyses of specific cyber risks and their impact to various business sectors. Practical implications – the results of the research may be useful in practical approach for preparing the risk manage-ment tools, evaluating possible damage and effect of cyber-attacks to business, also increasing preparedness level and business resilience. Originality/Value – this estimation model has been not used to evaluate and discuss cyber-risks costs in Lithuania among previous researches, therefore the topic and conducted results are original and significantly relevant for further analyses of cyber security issues in Lithuania.
APA, Harvard, Vancouver, ISO, and other styles
5

Massel, Liudmila, and Vladimir Kuzmin. "Tools for Strategic Decision Support in Energy Sector Based on Situation Management and Semantic Modeling." In Vth International workshop "Critical infrastructures: Contingency management, Intelligent, Agent-based, Cloud computing and Cyber security" (IWCI 2018). Paris, France: Atlantis Press, 2018. http://dx.doi.org/10.2991/iwci-18.2018.23.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Khayrullina, Elena. "Methodical Approach and Tools for Creating and Modifying Ontology-based Information System." In Proceedings of the VIth International Workshop 'Critical Infrastructures: Contingency Management, Intelligent, Agent-Based, Cloud Computing and Cyber Security' (IWCI 2019). Paris, France: Atlantis Press, 2019. http://dx.doi.org/10.2991/iwci-19.2019.4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Pavlov, Alexander, and Alexander Stolbov. "The Application of the Knowledge-Based Systems Development Platform for Creating Scenario Analysis Support Tools." In Proceedings of the VIth International Workshop 'Critical Infrastructures: Contingency Management, Intelligent, Agent-Based, Cloud Computing and Cyber Security' (IWCI 2019). Paris, France: Atlantis Press, 2019. http://dx.doi.org/10.2991/iwci-19.2019.8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Kawano, K. "Cyber security threat management." In IEE Seminar on Security of Distributed Control Systems. IEEE, 2005. http://dx.doi.org/10.1109/iee.2005.201377.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Kawano, K. "Cyber security threat management." In IEE Seminar on Security of Distributed Control Systems. IEE, 2005. http://dx.doi.org/10.1049/ic:20050259.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Rajput, Prashant Hari Narayan, and Michail Maniatakos. "JTAG: A Multifaceted Tool for Cyber Security." In 2019 IEEE 25th International Symposium on On-Line Testing And Robust System Design (IOLTS). IEEE, 2019. http://dx.doi.org/10.1109/iolts.2019.8854430.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Cyber security management tool"

1

Nielsen, Roy S. CS651 Computer Systems Security Foundations 3d Imagination Cyber Security Management Plan. Office of Scientific and Technical Information (OSTI), March 2015. http://dx.doi.org/10.2172/1171665.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Edgar, Thomas W. Conformance Tool High Level Design Document: IEC 61850 Cyber Security Acceleration Project. Office of Scientific and Technical Information (OSTI), May 2013. http://dx.doi.org/10.2172/1134528.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Haller, John, Samuel A. Merrell, Matthew J. Butkovic, and Bradford J. Willke. Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability. Fort Belvoir, VA: Defense Technical Information Center, June 2010. http://dx.doi.org/10.21236/ada536721.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Long, Michael, Daniel Bush, Stephen Briggs, Tapan Patel, Eileen Westervelt, Daniel Shepard, Eric Lynch, and David Schwenk. An Army guide to navigating the cyber security process for Facility Related Control Systems : cybersecurity and risk management framework explanations for the real world. Engineer Research and Development Center (U.S.), January 2020. http://dx.doi.org/10.21079/11681/35294.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Rico, Helen M., Fred Hall, II Maciolek, and Michael J. From Garage-Band to World Tour: Technical, Security, and Scalability Challenges of a Web-Based Program Management Tool from Workgroup-Level to Enterprise-Class in 24 Months. Fort Belvoir, VA: Defense Technical Information Center, June 2004. http://dx.doi.org/10.21236/ada465793.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Howard, Heidi, Chad Helmle, Raina Dwivedi, and Daniel Gambill. Stormwater Management and Optimization Toolbox. Engineer Research and Development Center (U.S.), January 2021. http://dx.doi.org/10.21079/11681/39480.

Full text
Abstract:
As stormwater regulations for hydrologic and water quality control become increasingly stringent, Department of Defense (DoD) facilities are faced with the daunting task of complying with multiple laws and regulations. This often requires facilities to plan, design, and implement structural best management practices (BMPs) to capture, filter, and/or infiltrate runoff—requirements that can be complicated, contradictory, and difficult to plan. This project demonstrated the Stormwater Management Optimization Toolbox (SMOT), a spreadsheet-based tool that effectively analyzes and plans for compliance to the Energy Independence and Security Act (EISA) of 2007 pre-hydrologic conditions through BMP implementation, resulting in potential cost savings by reducing BMP sizes while simultaneously achieving compliance with multiple objectives. SMOT identifies the most cost-effective modeling method based on an installation’s local conditions (soils, rainfall patterns, drainage network, and regulatory requirements). The work first demonstrated that the Model Selection Tool (MST) recommendation accurately results in the minimum BMP cost for 45 facilities of widely varying climatic and regional conditions, and then demonstrated SMOT at two facilities.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Cyber security management tool' for particular source types:
Journal articles Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography