To see the other types of publications on this topic, follow the link: Cyber security management tool.
Dissertations / Theses on the topic 'Cyber security management tool'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Cyber security management tool.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Strachová, Zuzana. "Implementace nástroje pro řízení kybernetické bezpečnosti." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2021. http://www.nusl.cz/ntk/nusl-444573.
Full textAbstract:
The thesis is focused on the implementation of a software tool to increase the effectiveness of cyber security management. The tool is implemented in a company preparing to be classified as a part of critical information infrastructure. Based on the customer's requirements, a suitable cyber security management tool is selected. Subsequently, I propose a methodology for implementing the tool, which I immediately apply. The output of the work is an implemented tool, risk analysis and security documentation required by law.
2
Pech, Jan. "Aplikace zákona a vyhlášky o kybernetické bezpečnosti na úřadech státní správy." Master's thesis, Vysoká škola ekonomická v Praze, 2016. http://www.nusl.cz/ntk/nusl-203989.
Full textAbstract:
The thesis is focused on the Czech act no. 181/2014 Sb., on cyber security and subsequent regulations, introduces origin and importance of act, defines the state administration´s office which identifies important information systems according to regulations, and subsequently thesis detailed analyses act and regulation on cyber security in relation to the defined state administration´s office. Keynote of this thesis is show the real application of identified obligations of the act and regulation to the defined state administration´s office, especially a design, implementation and management of organizational and technical security measures, including the evaluation of real impact on information security. To achieve the set goals author of this thesis uses the analysis of legislation, and draws own conclusions from author´s position of a security technologist who actively participated in the design security policy, and implementation and management of security tools. The benefit of this thesis is complex overview of the security employees work at defined state administration´s office, overview of the real fulfilment obligations of the act and regulation of cybernetic security, and ultimately this thesis brings ideas for further development of technical security tools. This thesis can brings benefit to other important information systems administrators as a set of processes, proposals and recommendation for their own information security management system. This thesis is structurally divided into four main parts. The first theoretical part introduces origin, importance and impact of the act on state and private organizations. The second analytical part analyses act and subsequent regulations in relation to the defined state administration´s office. The third practical part shows the real application of organizational and technical security measures. The fourth last part evaluates the real impact of measures on information security.
3
Johansson, Dan. "Empirical test of a tool for cyber security vulnerability assessment." Thesis, KTH, Skolan för datavetenskap och kommunikation (CSC), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-176032.
Full textAbstract:
This report describes a study aimed at verifying a cyber security modeling language named the Predictive, Probabilistic Cyber Security Modelling Language. This modeling language together with the Enterprise Architecture Analysis Tool acts as a tool for cyber security evaluations of system architectures. To verify the accuracy and readiness of the tool, a generic model of a real life Supervisory Control And Data Acquisition System’s system architecture was modeled using the tool and later evaluated. The evaluation process consisted of a Turing test, which was the same method used for evaluation of the Predictive, Probabilistic Cyber Security Modelling Language predecessor the Cyber Security Modelling Language. For the Turing test, interviews were held with five domain experts within cyber security. Four of which were tasked with creating attack paths given a scenario in the modeled system architecture. The Predictive, Probabilistic Cyber Security Modelling Language was given the same task as the four experts. The attack paths created were consolidated in a standardized form for the last internal company expert within cyber security to evaluate. An expert evaluator was tasked with grading the attack paths produced by the four experts and the Predictive, Probabilistic Cyber Security Modelling Language. The grading was based on how probable the attack paths were perceived by the internal expert. The conclusion was made that given the limitations of the study, the Predictive, Probabilistic Cyber Security Modelling Language produced a cyber security evaluation that was as probable as those created by the human cyber security experts. The results produced were also consistent with the results produced by the Predictive, Probabilistic Cyber Security Modelling Language predecessor the Cyber Security Modelling Language in a previous study. Suggestions for further studies were also introduced which could complement this study and further strengthen the results. This thesis was a collaboration between ABB Enterprise Software and the members of the team behind the Predictive, Probabilistic Cyber Security Modelling Language at ICS at KTH.Denna rapport beskriver en studie vars mål var att verifiera ett modelleringsspråk för datasäkerhet vid namn Predictive, Probabilistic Cyber Security Modelling Language. Detta modelleringsspråk tillsammans med Enterprise Architecture Analysis Tool utgör ett verktyg för datasäkerhetsutvärderingar av systemarkitekturer. För att verifiera exaktheten och mognadsnivån på verktyget så skapades en generisk modell av ett verkligt Supervisory Control And Data Acquisition System-systems arkitektur. Denna modell utvärderades i ett senare skede. Utvärderingsprocessen bestod av ett Turingtest, som är samma metod som användes i en tidigare utvärdering av Predictive, Probabilistic Cyber Security Modelling Languages föregångare Cyber Security Modelling Language. För Turingtestet hölls fem intervjuer med domänexperter inom datasäkerhet. Fyra av dessa fick i uppgift att skapa attackvägar givet ett scenario i den modellerade systemarkitekturen. Attackvägarna som skapades sammanställdes i ett standardiserat formulär för den sista interna företagsexperten inom datasäkerhet att utvärdera. En expertutvärderare fick i uppgift att betygsätta de attackvägar som hade producerats av de fyra experterna och Predictive, Probabilistic Cyber Security Modelling Language. Betygsättningen baserades på hur sannolika de olika attackvägarna uppfattades av den interna experten. Slutsatsen som gjordes var att givet begränsningarna i studien, så producerade Predictive, Probabilistic Cyber Security Modelling Language en datasäkerhetsutvärdering som var likvärdigt sannolik jämfört med de som skapades av mänskliga experter. Resultaten som producerades var också konsistenta med resultaten som producerades av Predictive, Probabilistic Cyber Security Modelling Language föregångare Cyber Security Modelling Language i en tidigare studie. Förslag på kommande studier som skulle komplettera denna studie och stärka resultaten ytterligare introducerades också. Detta examensarbete var ett samarbete mellan ABB Enterprise Software och medlemmarna i teamet bakom Predictive, Probabilistic Cyber Security Modelling Language på ICS på KTH.
4
Moe, Lwin P. "Cyber security risk analysis framework : network traffic anomaly detection." Thesis, Massachusetts Institute of Technology, 2018. http://hdl.handle.net/1721.1/118536.
Full textAbstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2018.Cataloged from PDF version of thesis.
Includes bibliographical references (pages 84-86).
Cybersecurity is a growing research area with direct commercial impact to organizations and companies in every industry. With all other technological advancements in the Internet of Things (IoT), mobile devices, cloud computing, 5G network, and artificial intelligence, the need for cybersecurity is more critical than ever before. These technologies drive the need for tighter cybersecurity implementations, while at the same time act as enablers to provide more advanced security solutions. This paper will discuss a framework that can predict cybersecurity risk by identifying normal network behavior and detect network traffic anomalies. Our research focuses on the analysis of the historical network traffic data to identify network usage trends and security vulnerabilities. Specifically, this thesis will focus on multiple components of the data analytics platform. It explores the big data platform architecture, and data ingestion, analysis, and engineering processes. The experiments were conducted utilizing various time series algorithms (Seasonal ETS, Seasonal ARIMA, TBATS, Double-Seasonal Holt-Winters, and Ensemble methods) and Long Short-Term Memory Recurrent Neural Network algorithm. Upon creating the baselines and forecasting network traffic trends, the anomaly detection algorithm was implemented using specific thresholds to detect network traffic trends that show significant variation from the baseline. Lastly, the network traffic data was analyzed and forecasted in various dimensions: total volume, source vs. destination volume, protocol, port, machine, geography, and network structure and pattern. The experiments were conducted with multiple approaches to get more insights into the network patterns and traffic trends to detect anomalies.
by Lwin P. Moe.
S.M. in Engineering and Management
5
Ellithorpe, James O. "The Role and Impact of Cyber Security Mentoring." Thesis, Walden University, 2016. http://pqdtopen.proquest.com/#viewpdf?dispub=10126660.
Full textAbstract:
Business organizations are faced with an enormous challenge to improve cyber security, as breeches and lapses through firewalls are increasingly commonplace. The Chief Information Security Officer (CISO) and Information Technology (IT) staff are constantly challenged to identify and purge online and network structural weaknesses. The goal is to reduce overall business risk because unresolved risks are a constant concern to consumers who are uneasy about cyber security failures. The purpose of this general qualitative study was to examine the role and impact of Cyber Security Mentoring (CSM) from the perspectives of the workplace CISO, mentors, and protégés, who were randomly polled from various workplace settings across the United States. Mentoring allows IT staff members to learn from their CISOs and from workplace mentor mistakes and successes. Workplace IT staff are also closest to the various attack methodologies used by cyber hackers, and cohort and dyadic mentoring may provide insight into and responding to cyber-attacks and improving cyber defenses. Sixty-eight sets of respondent data relating to field experience, formal education, professional industry cyber security certifications, and mentoring were compared and examined between respondents. The goal was to determine where respondents agreed and disagreed on issues pertaining to cyber security and CSM. The findings suggested that CSM with a qualified mentor could improve cyber security in the workplace; in addition, more time must be devoted to continued professional education. Implications for positive social change included the use of CSM to enhance cyber security through the sharing of incidents, mindsets, procedures and expertise, and improvement of customer-consumer security confidence.
6
Cook, Kimberly Diane. "Effective Cyber Security Strategies for Small Businesses." ScholarWorks, 2017. https://scholarworks.waldenu.edu/dissertations/3871.
Full textAbstract:
Disruptive technologies developed in the digital age expose individuals, businesses, and government entities to potential cyber security vulnerabilities. Through the conceptual framework of general systems theory, this multiple case study was used to explore the strategies among owners of 4 retail small- and medium-size enterprises (SMEs) in Melbourne, Florida, who successfully protected their businesses against cyber attacks. The data were collected from a review of archival company documents and semistructured interviews. Yin's 5-phased cycles for analyzing case studies provided the guidelines for the data analysis process. Three themes emerged from thematic analysis across the data sets: cyber security strategy, reliance on third-party vendors for infrastructure services, and cyber security awareness. The study findings indicated that the SME owners' successful cyber security strategies might serve as a foundational guide for others to assess and mitigate cyber threat vulnerabilities. The implications for positive social change include the potential to empower other SME owners, new entrepreneurs, and academic institutions with successful cyber security strategies and resources to affect changes within the community. SME owners who survive cyber attacks may spur economic growth by employing local residents, thus stimulating the socioeconomic lifecycle. Moreover, implementation of these successful strategies may catalyze consumer confidence, resulting in greater economic prosperity.
7
Salim, Hamid M. "Cyber safety : a systems thinking and systems theory approach to managing cyber security risks." Thesis, Massachusetts Institute of Technology, 2014. http://hdl.handle.net/1721.1/90804.
Full textAbstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, Engineering Systems Division, System Design and Management Program, 2014.Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2014.
93
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 148-156).
If we are to manage cyber security risks more effectively in today's complex and dynamic Web 2.0 environment, then a new way of thinking is needed to complement traditional approaches. According to Symantec's 2014 Internet Security Threat Report, in 2012 more than ten million identities that included real names, dates of birth, and social security were exposed by a single breach. In 2013 there were eight breaches that each exposed over ten million identities. These breaches were recorded despite the fact that significant resources are expended, on managing cyber security risks each year by businesses and governments. The objective of this thesis was twofold. The first objective was to understand why traditional approaches for managing cyber security risks were not yielding desired results. Second, propose a new method for managing cyber security risks more effectively. The thesis investigated widely used approaches and standards, and puts forward a method based on the premise that traditional technology centric approaches have become ineffective on their own. This lack of efficacy can be attributed primarily to the fact that, Web 2.0 is a dynamic and a complex socio-technical system that is continuously evolving. This thesis proposes a new method for managing cyber security risks based on a model for accident or incident analysis, used in Systems Safety field. The model is called System-Theoretic Accident Model and Processes (STAMP). It is rooted in Systems Thinking and Systems Theory. Based on a case study specifically written for this thesis, the largest cyber-attack reported in 2007 on a major US based retailer, is analyzed using the STAMP model. The STAMP based analysis revealed insights both at systemic and detailed level, which otherwise would not be available, if traditional approaches were used for analysis. Further, STAMP generated specific recommendations for managing cyber security risks more effectively.
by Hamid M. Salim.
S.M. in Engineering and Management
S.M.
8
Dutta, Saurabh. "Striking a balance between usability and cyber-security in IoT devices/." Thesis, Massachusetts Institute of Technology, 2017. http://hdl.handle.net/1721.1/113508.
Full textAbstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2017.Cataloged from PDF version of thesis.
Includes bibliographical references (pages 67-74).
Today more and more physical objects are being connected to internet. The Internet of Things, or loT, is dramatically changing the way of living and the way we interact with things and each other. Home doors can be opened remotely with a watch, cars' performance can be upgraded remotely, devices monitor health and send updates to physicians remotely. loT technology has made some labor-intensive jobs simple and has the potential to simplify and enhance nearly every aspect of our lives. On the other hand, increased levels of high profile cyber security breaches in recent years have made it clear how important it is to make sure these devices are trustworthy and secure. While most users are aware of how critical it is to secure their laptops, mobile devices, and apps, due to the seamless ways in which loT devices integrates into our daily lives, users are often unaware of risks associated with them. At the same time, IoT device makers are aggressively releasing new products in a mad race to establish themselves in this emerging market. Increased pressure to differentiate on usability based functionalities has spurred products and features that are not properly vetted for security. Gartner predicts that by 2020, more than 25% of identified enterprise attacks will involve IoT, though loT will account for only 10% of IT security budgets. As loT continues to grow, vendors will favor usability over security and IT security practitioners remain unsure of the correct amount of acceptable risk.
by Saurabh Dutta.
S.M. in Engineering and Management
9
Sheen, Frank Jordan. "An Extensible Technology Framework for Cyber Security Education." BYU ScholarsArchive, 2015. https://scholarsarchive.byu.edu/etd/4375.
Full textAbstract:
Cyber security education has evolved over the last decade to include new methods of teaching and technology to prepare students. Instructors in this field of study often deal with a subject matter that has rigid principles, but changing ways of applying those principles. This makes maintaining courses difficult. This case study explored the kind of teaching methods, technology, and means used to explain these concepts. This study shows that generally, cyber security courses require more time to keep up to date. It also evaluates one effort, the NxSecLab, on how it attempted to relieve the administrative issues in teaching these concepts. The proposed framework in this model looks at ways on how to ease the administrative burden in cyber security education by using a central engine to coordinate learning management with infrastructure-as-a-service resources.
10
Reid, Rayne. "A brain-compatible approach to the presentation of cyber security educational material." Thesis, Nelson Mandela Metropolitan University, 2012. http://hdl.handle.net/10948/d1019895.
Full textAbstract:
Information is an extremely important asset in modern society. It is used in most daily activities and transactions, and, thus, the importance of information is acknowledged by both organisational and private home information users. Unfortunately, as with any asset, there are often threats to this asset and, therefore, an information security solution is required to protect information against potential threats. Human beings play a major role in the implementation and governing of an entire information security process and, therefore, they have responsibilities in this regard. Thus, the effectiveness of any information security solutions in either an organisational or a private context is dependent on the human beings involved in the process. Accordingly, if these human beings are either unaware or not knowledgeable about their roles in the security solution they become the weak link in the information security solutions and, thus, it is essential that all these information users be educated in order to combat any threats to the information security. Many of the current information security education programmes and materials are not effective, possibly because the majority of these current approaches have been designed without using a sound pedagogical theory. In addition, many of these programmes also only target organisational users. This, in turn, is problematic as information security education is required by everybody, organisational and private information users alike. This dissertation addressed the lack of a pedagogical basis in the designing of information security educational courses suited to an extremely broad target audience. Accordingly, the dissertation set out to demonstrate how a pedagogy, which is broadly used and accepted for a diverse target audience of learners, could be applied to the design of the presentation of a web based, cyber security educational courses.
11
Nelson, Natalia (Natalia Natasha). "How companies achieve balance between technology enabled innovation and cyber-security." Thesis, Massachusetts Institute of Technology, 2016. http://hdl.handle.net/1721.1/104552.
Full textAbstract:
Thesis: M.B.A., Massachusetts Institute of Technology, Sloan School of Management, 2016.Cataloged from PDF version of thesis.
Includes bibliographical references (pages 117-120).
With increasing economic pressures and exponential growth in technological innovations, companies are increasingly relying on digital technologies to fulfill their innovation and value creation agendas. At the same time, based on the increasing levels of cyber-security breaches, it is clear that the trustworthiness of many established and new technologies is not yet well addressed or appreciated as a fundamental core value in the new digital economy. Consequently, companies are aggressively pursuing strategies to increase cybersecurity of their existing and new digital assets. Many ClOs are faced with having to deal with both of these priorities simultaneously and find them to be frequently conflicting, and creating tensions. This exploratory study first introduces a framework for evaluating these risk/reward trade-offs. Through a survey and a series of interviews, companies are positioned in different quadrants on a digital innovation and cyber-security maturity matrix. This positioning is then overlaid with the perceptual negative impact of cyber-security controls on the innovative projects. The thesis then analyzes the industry level, firm level, technology management and the technology maturity factors that affect this perception and these trade-offs. Ultimately the thesis provides a set of practical recommendations for any company to evaluate their own positioning on the innovation / cyber-security matrix, understand the underlying factors that affect that position and how to better manage these trade-offs.
by Natalia (Natasha) Nelson.
M.B.A.
12
Marcos, Conca Alexandre. "A Solution to Selecting Cyber-Security Software Tools for an Organization Using Security Controls." Thesis, KTH, Elkraftteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-205272.
Full textAbstract:
In the last decade, cyber-threats have evolved dramatically, forcing organizations yearafter year to use increasingly sophisticated security measures, security software amongothers. This has led to a huge increase in the number of security tools available in theindustry. The result of the increase is that that companies often do not know in whichsoftware to invest in order to meet their security needs. The purpose of this thesis isto address this problem by developing a solution that helps companies to choose theright security software based on their security needs and that allows to do the selectionprocess in a systematic and reliable way.The solution proposed in the thesis builds on interviews with experts in information security,data collection from the literature and Internet and on a case study. The solutionconsists of rstly an investigate method with which it is possible to categorize any securitytool according to the list of cyber-security controls proposed by CIS Critical SecurityControls (CSC), which were chosen after a comparative study with other publicly availablecontrols because they are actionable, relevant and updated frequently. Secondly,the solution proposes a user-friendly web tool that has been developed to allow the usersto visualize the collected information for comparison. The visualization tool will helpthe users to select the security tools in which the company could be interested to investin. The visualization is done in a simple way and the CSCs that would be covered areshown together with the gaps and the overlaps of the selected tools. In order to verifythe viability of the solution that was developed with real data, the project includes acase study with a representative set of security tools. The case study facilitates thecomprehension of the process undertaken and shows how this method could be appliedin a real case scenario.Under det senaste decenniet har cyberhot utvecklats dramatiskt. Hotet tvingar organisationeratt år efter år använda allt mer sofistikerade säkerhetsåtgärder, bland annatsäkerhetsmjukvara. Detta har lett till en enorm ökning av antalet av säkerhetsverktygsom finns i branschen. Resultatet av ökningen är att företag ofta inte vet i vilken programvarade borde investera i för att möta sina säkerhetsbehov. Syftet med dennarapporten är att ta itu med detta problem genom att utveckla en lösning som hjälperföretag att välja rätt säkerhetsprogramvara baserat på deras säkerhetsbehov och somgör urvalsprocessen på ett systematiskt och tillförlitligt sätt.Den lösning som föreslås i rapporten bygger på intervjuer med experter inom informationssäkerhet, datainsamling från litteraturen och Internet och på en fallstudie. Lösningenbestår först av en utredningsmetod med vilken det är möjligt att kategorisera vilketsäkerhetsverktyg som helst enligt listan över cybersäkerhetskontroller som publiceras avCIS Critical Security Controls (CSC). CSC valdes efter en jämförande studie som inkluderadeandra allmänt tillgängliga förteckningar över kontrollerna, eftersom CSC kontrollerär genomförbara, relevanta och uppdateras ofta. För det andra föreslår lösningen ettanvändarvänligt webbverktyg som har utvecklats för att göra det möjligt för användareatt visualisera den insamlade informationen för jämförelse. Visualiseringsverktyget kommeratt hjälpa användarna välja säkerhetsverktyg som företaget kan vara intresseradeav att investera i. Visualiseringen sker på ett enkelt sätt och CSCs som omfattas visastillsammans med de luckor och överlappningar som finns i den valda programvaran.För att bekräfta genomförbarhet för den lösning som utvecklats med verkliga data,omfattar projektet en fallstudie med ett representativt urval av säkerhetsverktyg. Fallstudienunderlättar förståelsen för klassificeringen och urvalsprocessen genom att visahur denna metod skulle kunna tillämpas i ett verkligt fall.
13
Erkan, Ahmet. "An Automated Tool For Information Security Management System." Master's thesis, METU, 2006. http://etd.lib.metu.edu.tr/upload/12607783/index.pdf.
Full textAbstract:
This thesis focuses on automation of processes of Information Security
Management System. In accordance with two International Standards, ISO/IEC
27001:2005 and ISO/IEC 17799:2005, to automate the activities required for a
documented ISMS as much as possible helps organizations. Some of the well
known tools in this scope are analyzed and a comparative study on them including
&ldquoInfoSec Toolkit&rdquo
, which is developed for this purpose in the thesis scope, is given. &ldquo
InfoSec Toolkit&rdquo
is based on ISO/IEC 27001:2005 and ISO 17799:2005. Five basic integrated modules constituting the &ldquo
InfoSec Toolkit&rdquo
are &ldquo
Gap Analysis Module&rdquo
, &ldquo
Risk Module&rdquo
, &ldquo
Policy Management Module&rdquo
, &ldquo
Monitoring Module&rdquo
and &ldquo
Query and Reporting Module&rdquo
. In addition a research framework is proposed in order to assess the public and private organizations&rsquo
information security situation in Turkey.
14
Hansch, Gerhard [Verfasser]. "Automating Security Risk and Requirements Management for Cyber-Physical Systems / Gerhard Hansch." Göttingen : Niedersächsische Staats- und Universitätsbibliothek Göttingen, 2020. http://d-nb.info/1223171639/34.
Full text
15
Iheagwara, Charles M. "The strategic implications of the current Internet design for cyber security." Thesis, Massachusetts Institute of Technology, 2011. http://hdl.handle.net/1721.1/67554.
Full textAbstract:
Thesis (S.M. in Engineering and Management)--Massachusetts Institute of Technology, Engineering Systems Division, System Design and Management Program, 2011.Cataloged from PDF version of thesis.
Includes bibliographical references (p. 87-89).
In the last two decades, the Internet system has evolved from a collection point of a few networks to a worldwide interconnection of millions of networks and users who connect to transact virtually all kinds of business. The evolved network system is also known as Cyberspace. The use of Cyberspace is now greatly expanded to all fields of human endeavor by far exceeding the original design projection. And even though, the Internet architecture and design has been robust enough to accommodate the extended domains of uses and applications, it has also become a medium used to launch all sorts of Cyber attacks that results into several undesirable consequences to users. This thesis analyzes the current Internet system architecture and design and how their flaws are exploited to launch Cyber attacks; evaluates reports from Internet traffic monitoring activities and research reports from several organizations; provides a mapping of Cyber attacks to Internet architecture and design flaw origin; conducts Internet system stakeholder analysis; derives strategic implications of the impact of Internet system weaknesses on Cyber security; and makes recommendations on the broader issues of developing effective strategies to implement Cyber security in enterprise systems that have increasingly become complex. From a global architectural design perspective, the study conducted demonstrates that although the Internet is a robust design, the lack of any means of authentication on the system is primarily responsible for the host of Cyber security issues and thus has become the bane of the system. Following the analysis, extrapolation of facts and by inferences we conclude that the myriad of Cyber security problems will remain and continue on the current exponential growth path until the Internet and in particular the TCP/IP stack is given the ability to authenticate and that only through a collaborative effort by all stakeholders of the Internet system can the other major Cyber security issues be resolved especially as it relates to envisioning and fashioning new Cyber security centric technologies.
by Charles M. Iheagwara.
S.M.in Engineering and Management
16
Hou, Chengjun. "Dynamic Programming under Parametric Uncertainty with Applications in Cyber Security and Project Management." The Ohio State University, 2015. http://rave.ohiolink.edu/etdc/view?acc_num=osu1437676379.
Full text
17
Rabbani, Talvia. "Empirical Testing of the CySeMoL Tool for Cyber Security Assessment – Case Study of Linux Server and MySQL." Thesis, KTH, Skolan för elektro- och systemteknik (EES), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-187664.
Full textAbstract:
In this Master Thesis, several common applications used with MySQL and Linux server are modelled using the Enterprise Architecture Analysis Tool (EAAT) and the Cyber Security Modelling Language (CySeMoL), both developed by the Department of Industrial Information and Control System (ICS) at KTH. The objective of this study is to use the CySeMoL tool to evaluate the feasibility and correctness of the tool by simulating some particular type of attacks on a real life Linux server. A few common applications with MySQL on a Linux server and two Linux operating system services are modelled and explained together with their detailed information and defense mechanisms. A real life penetration test has then been carried out in order to validate the simulated results from the tool. The results of the analysis suggest that the security vulnerability predictions done by CySeMoL on a Linux server has good predictive performance.I denna Masteruppsats modelleras ett antal vanliga applikationer på en MySQL- och Linuxplattform med hjälp av Enterprise Architecture Analysis Tool (EAAT) tillsammans med Cybersecurity Modeling Language (CySeMoL). Båda dessa är utvecklade vid avdelningen för industriella informations- och styrsystem (ICS) på KTH. Syftet med denna studie är att validera korrektheten av CySeMoL-verktygets sårbarhetsprediktioner genom att simulera ett antal specifika cyberattacker mot en Linuxplattform. Ett antal vanligt förekommande applikationer på en MySQL-plattform samt två operativsystemstjänster i en Linuxserver modelleras. Penetrationstest utförs därefter för att validera resultaten som simuleras i CySeMoL-verktyget. Studien visar att CySeMols förutsägelser stämmer väl med resultaten av penetrationstesterna.
18
Ayereby, Manouan Pierre-Marius. "Overcoming Data Breaches and Human Factors in Minimizing Threats to Cyber-Security Ecosystems." ScholarWorks, 2018. https://scholarworks.waldenu.edu/dissertations/6163.
Full textAbstract:
This mixed-methods study focused on the internal human factors responsible for data breaches that could cause adverse impacts on organizations. Based on the Swiss cheese theory, the study was designed to examine preventative measures that managers could implement to minimize potential data breaches resulting from internal employees' behaviors. The purpose of this study was to provide insight to managers about developing strategies that could prevent data breaches from cyber-threats by focusing on the specific internal human factors responsible for data breaches, the root causes, and the preventive measures that could minimize threats from internal employees. Data were collected from 10 managers and 12 employees from the business sector, and 5 government managers in Ivory Coast, Africa. The mixed methodology focused on the why and who using the phenomenological approach, consisting of a survey, face-to-face interviews using open-ended questions, and a questionnaire to extract the experiences and perceptions of the participants about preventing the adverse consequences from cyber-threats. The results indicated the importance of top managers to be committed to a coordinated, continuous effort throughout the organization to ensure cyber security awareness, training, and compliance of security policies and procedures, as well as implementing and upgrading software designed to detect and prevent data breaches both internally and externally. The findings of this study could contribute to social change by educating managers about preventing data breaches who in turn may implement information accessibility without retribution. Protecting confidential data is a major concern because one data breach could impact many people as well as jeopardize the viability of the entire organization.
19
Nunes, Sérgio Rodrigues. "Value focused assessment of cyber risks to gain benefits from security investments." Doctoral thesis, Instituto Superior de Economia e Gestão, 2018. http://hdl.handle.net/10400.5/15874.
Full textAbstract:
Doutoramento em GestãoCom a multiplicação de dispositivos tecnológicos e com as suas complexas interacções, os ciber riscos não param de crescer. As entidades supervisoras estabelecem novos requisitos para forçar organizações a gerir os ciber riscos. Mesmo com estas crescentes ameaças e requisitos, decisões para a mitigação de ciber riscos continuam a não ser bem aceites pelas partes interessadas e os benefícios dos investimentos em segurança permanecem imperceptíveis para a gestão de topo. Esta investigação analisa o ciclo de vida da gestão de ciber risco identificando objectivos de mitigação de ciber risco, capturados de especialistas da área, prioritizando esses objectivos para criar um modelo de decisão para auxiliar gestores de risco tendo em conta vários cenários reais, desenvolvendo um conjunto de princípios de gestão de risco que possibilitam o estabelecimento de uma base para a estratégia de ciber risco aplicável e adaptável às organizações e finalmente a avaliação dos benefícios dos investimentos em segurança para mitigação dos ciber riscos seguindo uma abordagem de melhoria contínua. Duas frameworks teóricas são integradas para endereçar o ciclo de vida completo da gestão de ciber risco: o pensamento focado em valor guia o processo de decisão e a gestão de benefícios assegura que os benefícios para o negócio são realizados durante a implementação do projecto, depois de tomada a decisão para investir numa solução de segurança para mitigação do ciber risco.
With the multiplication of technological devices and their multiple complex interactions, the cyber risks keep increasing. Supervision entities establish new compliance requirements to force organizations to manage cyber risks. Despite these growing threats and requirements, decisions in cyber risk minimization continue not to be accepted by stakeholders and the business benefits of security investments remain unnoticed to top management. This research analyzes the cyber risk management lifecycle by identifying cyber risk mitigation objectives captured from subject matter experts, prioritizing those objectives in a cyber risk management decision model to help risk managers in the decision process by taking into account multiple real scenarios, developing the baseline of cyber risk management principles to form a cyber risk strategy applicable and adaptable to current organizations and finally evaluating the business benefits of security investments to mitigate cyber risks in a continuous improvement approach. Two theoretical frameworks are combined to address the full cyber risk management lifecycle: value focused thinking guides the decision process and benefits management ensures that business benefits are realized during project implementation, after the decision is taken to invest in a security solution to mitigate cyber risk.
info:eu-repo/semantics/publishedVersion
20
Azab, Mohamed Mahmoud Mahmoud. "Cooperative Autonomous Resilient Defense Platform for Cyber-Physical Systems." Diss., Virginia Tech, 2013. http://hdl.handle.net/10919/19273.
Full textAbstract:
Cyber-Physical Systems (CPS) entail the tight integration of and coordination between computational and physical resources. These systems are increasingly becoming vital to modernizing the national critical infrastructure systems ranging from healthcare, to transportation and energy, to homeland security and national defense. Advances in CPS technology are needed to help improve their current capabilities as well as their adaptability, autonomicity, efficiency, reliability, safety and usability. Due to the proliferation of increasingly sophisticated cyber threats with exponentially destructive effects, CPS defense systems must systematically evolve their detection, understanding, attribution, and mitigation capabilities. Unfortunately most of the current CPS defense systems fall short to adequately provision defense services while maintaining operational continuity and stability of the targeted CPS applications in presence of advanced persistent attacks. Most of these defense systems use un-coordinated combinations of disparate tools to provision defense services for the cyber and physical components. Such isolation and lack of awareness of and cooperation between defense tools may lead to massive resource waste due to unnecessary redundancy, and potential conflicts that can be utilized by a resourceful attacker to penetrate the system. Recent research argued against the suitability of the current security solutions to CPS environments. We assert the need for new defense platforms that effectively and efficiently manage dynamic defense missions and toolsets in real-time with the following goals:
1) Achieve asymmetric advantage to CPS defenders, prohibitively increasing the cost for attackers;
2) Ensure resilient operations in presence of persistent and evolving attacks and failures; and
3) Facilitate defense alliances, effectively and efficiently diffusing defense intelligence and operations transcending organizational boundaries.
Our proposed solution comprehensively addresses the aforementioned goals offering an evolutionary CPS defense system. The presented CPS defense platform, termed CyPhyCARD (Cooperative Autonomous Resilient Defenses for Cyber-Physical systems) presents a unified defense platform to monitor, manage, and control the heterogeneous composition of CPS components. CyPhyCARD relies on three interrelated pillars to construct its defense platform. CyPhyCARD comprehensively integrates these pillars, therefore building a large scale, intrinsically resilient, self- and situation- aware, cooperative, and autonomous defense cloud-like platform that provisions adequate, prompt, and pervasive defense services for large-scale, heterogeneously-composed CPS. The CyPhyCARD pillars are:
1) Autonomous management platform (CyberX) for CyPhyCARD\'s foundation. CyberX enables application elasticity and autonomic adaptation to changes by runtime diversity employment, enhances the application resilience against attacks and failures by multimodal recovery mechanism, and enables unified application execution on heterogeneously composed platforms by a smart employment of a fine-grained environment-virtualization technology.
2) Diversity management system (ChameleonSoft) built on CyberX. ChameleonSoft encrypts software execution behavior by smart employment of runtime diversity across multiple dimensions to include time, space, and platform heterogeneity inducing a trace-resistant moving-target defense that works on securing CyPhyCARD platform against software attacks.
3) Evolutionary Sensory system (EvoSense) built on CyberX. EvoSense realizes pervasive, intrinsically-resilient, situation-aware sense and response system to seamlessly effect biological-immune-system like defense. EvoSense acts as a middle layer between the defense service provider(s) and the Target of Defense (ToD) creating a uniform defense interface that hides ToD\'s scale and heterogeneity concerns from defense-provisioning management.
CyPhyCARD is evaluated both qualitatively and quantitatively. The efficacy of the presented approach is assessed qualitatively, through a complex synthetic CPS attack scenario. In addition to the presented scenario, we devised multiple prototype packages for the presented pillars to assess their applicability in real execution environment and applications. Further, the efficacy and the efficiency of the presented approach is comprehensively assessed quantitatively by a set of custom-made simulation packages simulating each CyPhyCARD pillar for performance and security evaluation. The evaluation illustrated the success of CyPhyCARD and its constructing pillars to efficiently and effectively achieve its design objective with reasonable overhead.
Ph. D.
21
Jung, Jeyong. "A study of cyber security management within South Korean businesses : an examination of risks and cybercrime involving industrial security." Thesis, University of Portsmouth, 2018. https://researchportal.port.ac.uk/portal/en/theses/a-study-of-cyber-security-management-within-south-korean-businesses(4f6f8a10-c31a-4eec-b092-2b38ac8815d9).html.
Full textAbstract:
This study aims to empirically explore and evaluate the current state of cyber security management for small and medium-sized businesses in South Korea. As academic discourse relating to the cyber security management of businesses is relatively new, there is a clear lack of literature relating to this discipline. This study, therefore, looks to address this issue by taking an exploratory approach to the subject. Based on various sources in the UK, this study used the UK’s cyber security framework as a conceptual model against which conditions in South Korea were examined. Drawing on a mixed methods approach, this study employed three research methods: documentary research, quantitative questionnaires, and qualitative interviews. In the quantitative phase, current situations of the businesses in relation to cyber security were assessed and differences by business sectors and sizes were identified. In the qualitative phase, five themes were identified. Findings from the quantitative and qualitative research were triangulated with the existing literature, including the qualitative results describing the empirical field of enquiry, to present a holistic picture of cyber security management of South Korean businesses. It was revealed that small and medium-sized businesses did not have a structural mechanism to prevent or mitigate risks at the pre-breach stage. Rather, they focused on responses at the post-breach stage. This finding demonstrated that small and medium-sized businesses were not prepared for the risks and threats from a preventative point of view. In addition, management of cyber security in businesses was not an isolated mechanism, but affected by external influences and initiatives. However, small and medium-sized businesses relied more upon private organisations than public organisations, which indicates that there was an insufficient role of public sector organisations in protecting small and medium-sized businesses. In conclusion, this research has proposed an integrated cyber security risk management model. The framework was based on the argument that cyber security management relates to three elements: risk assessment, organisational behaviours and external factors. It is here that the biggest gains can be made if businesses manage cyber security in a holistic manner and if national leadership is strengthened in the Korean cyber security governance. This empirical research has made a contribution to knowledge in relevant studies by presenting a comprehensive landscape of cyber security management of businesses.
22
Beyer, Dawn Marie. "Constructing a Cyber Preparedness Framework (CPF): The Lockheed Martin Case Study." NSUWorks, 2014. http://nsuworks.nova.edu/gscis_etd/90.
Full textAbstract:
The protection of sensitive data and technologies is critical in preserving United States (U.S.) national security and minimizing economic losses. However, during a cyber attack, the operational capability to constrain the exfiltrations of sensitive data and technologies may not be available. A cyber preparedness methodology (CPM) can improve operational capability and cyber security. The CPM enables a corporation to (a) characterize cyber threats; (b) determine the level of preparedness necessary to ensure mission success; (c) facilitate strategic planning for cyber security (CS); and (d) establish priorities for CS investment planning and management decisions. The cyber preparedness framework (CPF) underlies the CPM. A corporation's leadership articulates its fundamental approach to risk management (RM) and mission assurance, and determines its target level of preparedness. Typically, corporations utilize the CPF to (a) characterize the caliber of the threat; (b) assess the technical and operational capabilities to counter the threat; and (c) develop the governance and processes necessary to achieve its cyber preparedness level.
The problem that was investigated in this case study was how to construct a CPF for Lockheed Martin (LM) that works in conjunction with a risk management process (RMP). The goal was to extend the CPF into an RMP to construct a risk management framework (RMF) paradigm that can aid similarly large-sized private sector U.S. Government (USG) contractors in implementing the CPM. In this investigation, the author identified the corporate (a) security categorization, (b) cyber threats, (c) cyber threat level, (d) cyber preparedness level, (e) capabilities the corporation should utilize to counter cyber threats, and (f) governance and processes necessary to achieve the cyber preparedness level for a large-sized private sector USG contractor. The results of this investigation were organized in terms of RMP phases. Based on the results, the author constructed an RMF paradigm that can aid similarly large-sized USG contractors in implementing a CPM.
23
Twisdale, Jerry Allen. "Exploring SME Vulnerabilities to Cyber-criminal Activities Through Employee Behavior and Internet Access." ScholarWorks, 2018. https://scholarworks.waldenu.edu/dissertations/5428.
Full textAbstract:
Cybercriminal activity may be a relatively new concern to small and medium enterprises (SMEs), but it has the potential to create financial and liability issues for SME organizations. The problem is that SMEs are a future growth target for cybercrime activity as larger corporations begin to address security issues to reduce cybercriminal risks and vulnerabilities. The purpose of this study was to explore a small business owner's knowledge about to the principal elements of decision making for SME investment into cybersecurity education for employees with respect to internet access and employee vulnerabilities. The theoretical framework consisted of the psychological studies by Bandura and Jaishankar that might affect individual decision making in terms of employee risks created through internet use. This qualitative case study involved a participant interview and workplace observations to solicit a small rural business owner's knowledge of cybercriminal exploitation of employees through internet activities such as social media and the potential exploitation of workers by social engineers. Word frequency analysis of the collected data concluded that SME owners are ill equipped to combat employee exploitation of their business through social engineering. Qualitative research is consistent with understanding the decision factors for cost, technical support, and security threat prevention SME organizational leadership use and is the focus of this study as emergent themes. The expectation is that this study will aid in the prevention of social engineering tactics against SME employees and provide a platform for future research for SMEs and cybercriminal activity prevention.
24
Tamrakar, Anjila. "SPICE: A Software Tool for Studying End-user’s Insecure Cyber Behavior and Personality-traits." ScholarWorks@UNO, 2016. http://scholarworks.uno.edu/td/2236.
Full textAbstract:
Insecure cyber behavior of end users may expose their computers to cyber-attack. A first step to improve their cyber behavior is to identify their tendency toward insecure cyber behavior. Unfortunately, not much work has been done in this area. In particular, the relationship between end users cyber behavior and their personality traits is much less explored. This paper presents a comprehensive review of a newly developed, easily configurable, and flexible software SPICE for psychologist and cognitive scientists to study personality traits and insecure cyber behavior of end users. The software utilizes well-established cognitive methods (such as dot-probe) to identify number of personality traits, and further allows researchers to design and conduct experiments and detailed quantitative study on the cyber behavior of end users. The software collects fine-grained data on users for analysis.
25
Takacs, Gergely. "Integration of CTI into security management." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-74246.
Full textAbstract:
Current thesis is a documentative approach to sum up experiences of a practical projectof implementing Cyber Threat Intelligence into an existing information securitymanagement system and delivering best practices using action design researchmethodology. The project itself was delivered to a multinational energy provider in 2017.The aim of the CTI-implementation was to improve the information security posture ofthe customer. The author, as participant of the delivery team presents an extensive reviewof the current literature on CTI and puts the need for threat intelligence into context. Theauthor claims that traditional security management is not able to keep up with currentcybersecurity threats which makes a new approach required. The thesis gives an insightof an actually working and continuously developed CTI-service and offers possible bestpractices for InfoSec professionals, adds theoretical knowledge to the body of knowledgeand opens up new research areas for researchers.
26
McConky, Katie Theresa. "Design and analysis of information fusion, dynamic sensor management rules for cyber security systems using simulation /." Online version of thesis, 2007. http://hdl.handle.net/1850/4895.
Full text
27
Ryttare, Emma. "Change Management: A Key in Achieving Successful Cyber Security : A Multiple Case Study of Organizations in Sweden." Thesis, Luleå tekniska universitet, Institutionen för ekonomi, teknik och samhälle, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-74788.
Full textAbstract:
Purpose – The purpose of this study is to enhance the understanding of how organizations can improve their cyber security with change management. To fulfill the purpose, the following research questions were developed: RQ1: What are the key factors for effective change management in the context of cyber security? and RQ2: How can organizations manage these factors to improve cyber security? Method – A qualitative research method with an inductive approach was chosen. The empirical data collection was performed as a multiple case study with 16 semi-structured interviews with respondents from six organizations, and the data were analyzed through a thematic analysis. Result – The findings of this study is gathered in a framework for successful cyber security culture change that highlights each essential activity for how to improve cyber security with change management. It also shows when and how these activities should be performed, when to consider each leadership characteristic, and what employee sensemaking needs that should be considered during the process. Theoretical contribution – The study contributes to both cyber security literature and change management literature. It contributes to the cyber security literature by providing a processual model that illustrates the factors dependency of each other. Also, by adding the perspective of sensemaking, the study provides an overall picture, with both a leader and employee perspective, of how change management can be used to improve cyber security. Additionally, this study extends earlier change management literature by providing a sensemaking approach to the change process. Managerial implications – The study contributes with valuable insights for management in practice by presenting a framework that can help CISO’s, security consultants or other managers responsible for the organizations security to execute successful cyber security culture change. With the presented framework, they can plan, execute and sustain the change in the organization’s cyber security culture.
28
Teixeira, André. "Toward Cyber-Secure and Resilient Networked Control Systems." Doctoral thesis, KTH, Reglerteknik, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-154204.
Full textAbstract:
Resilience is the ability to maintain acceptable levels of operation in the presence of abnormal conditions. It is an essential property in industrial control systems, which are the backbone of several critical infrastructures. The trend towards using pervasive information technology systems, such as the Internet, results in control systems becoming increasingly vulnerable to cyber threats. Traditional cyber security does not consider the interdependencies between the physical components and the cyber systems. On the other hand, control-theoretic approaches typically deal with independent disturbances and faults, thus they are not tailored to handle cyber threats. Theory and tools to analyze and build control system resilience are, therefore, lacking and in need to be developed. This thesis contributes towards a framework for analyzing and building resilient control systems. First, a conceptual model for networked control systems with malicious adversaries is introduced. In this model, the adversary aims at disrupting the system behavior while remaining undetected by an anomaly detector The adversary is constrained in terms of the available model knowledge, disclosure resources, and disruption capabilities. These resources may correspond to the anomaly detector’s algorithm, sniffers of private data, and spoofers of control commands, respectively. Second, we address security and resilience under the perspective of risk management, where the notion of risk is defined in terms of a threat’s scenario, impact, and likelihood. Quantitative tools to analyze risk are proposed. They take into account both the likelihood and impact of threats. Attack scenarios with high impact are identified using the proposed tools, e.g., zero-dynamics attacks are analyzed in detail. The problem of revealing attacks is also addressed. Their stealthiness is characterized, and how to detect them by modifying the system’s structure is also described. As our third contribution, we propose distributed fault detection and isolation schemes to detect physical and cyber threats on interconnected second-order linear systems. A distributed scheme based on unknown input observers is designed to jointly detect and isolate threats that may occur on the network edges or nodes. Additionally, we propose a distributed scheme based on local models and measurements that is resilient to changes outside the local subsystem. The complexity of the proposed methods is decreased by reducing the number of monitoring nodes and by characterizing the minimum amount of model information and measurements needed to achieve fault detection and isolation. Finally, we tackle the problem of distributed reconfiguration under sensor and actuator faults. In particular, we consider a control system with redundant sensors and actuators cooperating to recover from the removal of individual nodes. The proposed scheme minimizes a quadratic cost while satisfying a model-matching condition, which maintains the nominal closed-loop behavior after faults. Stability of the closed-loop system under the proposed scheme is analyzed.Ett resilient system har förmågan att återhämta sig efter en kraftig och oväntad störning. Resiliens är en viktig egenskap hos industriella styrsystem som utgör en viktig komponent i många kritiska infrastrukturer, såsom processindustri och elkraftnät. Trenden att använda storskaliga IT-system, såsom Internet, inom styrsystem resulterar i en ökad sårbarhet för cyberhot. Traditionell IT-säkerhet tar inte hänsyn till den speciella koppling mellan fysikaliska komponenter och ITsystem som finns inom styrsystem. Å andra sidan så brukar traditionell reglerteknik fokusera på att hantera naturliga fel och inte cybersårbarheter. Teori och verktyg för resilienta och cybersäkra styrsystem saknas därför och behöver utvecklas. Denna avhandling bidrar till att ta fram ett ramverk för att analysera och konstruera just sådana styrsystem. Först så tar vi fram en representativ abstrakt modell för nätverkade styrsystem som består av fyra komponenter: den fysikaliska processen med sensorer och ställdon, kommunikationsnätet, det digitala styrsystemet och en feldetektor. Sedan införs en konceptuell modell för attacker gentemot det nätverkade styrsystemet. I modellen så beskrivs attacker som försöker undgå att skapa alarm i feldetektorn men ändå stör den fysikaliska processen. Dessutom så utgår modellen ifrån att den som utför attacken har begränsade resurser i fråga om modellkännedom och kommunikationskanaler. Det beskrivna ramverket används sedan för att studera resilens gentemot attackerna genom en riskanalys, där risk definieras utifrån ett hots scenario, konsekvenser och sannolikhet. Kvantitativa metoder för att uppskatta attackernas konsekvenser och sannolikheter tas fram, och speciellt visas hur hot med hög risk kan identifieras och motverkas. Resultaten i avhandlingen illustreras med ett flertal numeriska och praktiska exempel.
QC 20141016
29
Kondamudi, Harini. "Web Service for Knowledge Management Information Tool (KMIT) Hotline module and its Security." FIU Digital Commons, 2010. http://digitalcommons.fiu.edu/etd/262.
Full textAbstract:
This thesis presents the development of a Web Service for the Hotline module of the Knowledge Management Information Tool (KMIT), a tool that is custom built for the decontamination & decommissionin (D&D) community of the Department Of Energy (DOE). The Hotline module allows interested users to post problems to specific areas of interest in the field of D&D. Various clients working with DOE and KMIT want to display the latest published problems of KMIT Hotline search in their own applications on a regular basis. Considering one of the major benefits of Web Services is the ease of integration of one piece of software with another, the Hotline Service is successfully developed and can be plugged into client’s applications by adding a reference to it. In such a distributed environment, messages can flow from node to node, through firewalls, onto the internet and through various intermediaries. This introduces a variety of message security threats. The research for this thesis included a study of the various security risks and scenarios. Appropriate security model is designed and is successfully implemented. Hotline Service can authenticate the client and ensure confidentiality making the service secure to communicate with
30
Hakkestad, Mårten, and Simon Rynningsjö. "Who hacked my toaster? : A study about security management of the Internet of Things." Thesis, Linköpings universitet, Informatik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-158468.
Full textAbstract:
The Internet of Things is a growing area with growing security concerns, new threat emerge almost everyday. Keeping up to date, monitor the network and devices and responding to compromised devices and networks are a hard and complex matters. This bachelor’s thesis aims to discover how a IT-company can work with security management within the Internet of Things, this is done by looking into how a IT-company can work with updating, monitoring and responding within the Internet of Things, as well what challenges there are with working with this. A qualitative research approach was used for this case study along with an interpretative perspective, as well as abductive reasoning. Interviews were performed with employees of a large IT-company based in Sweden, along with extensive document analysis. Our bachelor’s thesis results in challenges with Security Management within the areas updating, monitoring and responding along with how our Case Company works with these security challenges. Largely these challenges can be summarized that everything is harder with the number of devices there are within the Internet of ThingsInternet of Things eller Sakernas internet är ett växande område med en växande hotbild och nya hot uppkommer dagligen. Att hålla sig uppdaterad, övervaka nätverk och enheter samt att reagera på att enheter och nätverk blir hackade är en svår och komplicerad uppgift. Den här uppsatsen ämnar undersöka hur ett IT-företag kan arbeta med säkerhetshantering inom Internet of Things. Detta har gjorts genom att kolla utmaningar och säkerhetslösningar inom de tre områdena uppdatera, övervaka och reagera. En kvalitativ forskningsmetod har använts i denna fallstudie tillsammans med ett tolkande synsätt och en abduktiv ansats. Vi har utfört intervjuer på ett stort IT-företag baserat i Sverige tillsammans med en utförlig dokumentanalys. Resultatet av denna uppsats påvisar ett antal utmaningar inom säkerhetshanteringen inom områdena uppdatera, övervaka och reagera tillsammans med hur vårt fallföretag jobbar med att motarbeta dessa utmaningar. I stort sett kan utmaningarna sammanfattas till att allting är svårare när mängden enheten är så hög som den är inom Internet of Things.
31
Lavine, Michael Keith. "Cyber security information sharing in the United States : an empirical study including risk management and control implications, 2000-2003." Thesis, City University London, 2007. http://openaccess.city.ac.uk/8496/.
Full textAbstract:
A tremendous amount of change in traditional business paradigms has occurred over the past decade through the development of Electronic Commerce and advancements in the field of Information Technology. As lesser-developed countries progress and become more prosperous, traditional 'first world' countries have migrated to become strong service oriented economies (Asch, 2001). Supporting technologies have developed over the past decade which has exploited the benefits of the Internet and other information technologies. While Electronic Commerce continues to grow there is a corresponding impact on computer software and individual privacy (Ghosh and Swaminatha, 2001). Recently, the U.S. National Institute of Standards and Technology (NIST) found that software bugs cost the U.S. economy approximately $59.5 billion, or 60% of the annual Gross Domestic Product (U.S. Department of Commerce, 2003). In addition, we have witnessed a rise in the strength and impact of Denial of Service and other types of computer attacks such as: viruses, trojans, exploit scripts and probes/scans. Popular industry surveys such as the annual Federal Bureau of Investigation/Computer Security Institute (Gordon, Et. Al., 2006) confirm the growing threats in the Information Assurance field. In addition to these concerns our increased reliance on the Internet enabled systems (Loudon and Loudon, 2000), E-Commerce systems and Information Technologies an integrated suite of risks which must be managed effectively across the public and private sectors (Backhouse, Et. Al, 2005, Ghosh and Swamintha, 2001, Parker, 2001, Graf, 1995, Greenberg and Goldman, 1995). Previous research (Rumizen, 1998, Haver, 1998, Roulier, 1998) examined Inter-Organisational, Web Information Systems and Government Information Systems in order to assess how companies and other organisations can effectively design these information systems such that maximum benefits can be achieved for all participating organisations. Furthermore, Davenport, Harris and Delong (2001) and Davenport (1999) explained that collaboration is central to the results of a knowledge management system in which open, nonpolitical, non-competitive entities are involved in environments to achieve optimal individual and collective results. Before this memorable event, some related programmatic initiatives were already in-process at that time. The United States government built upon its active leadership in the areas of computer security and information assurance when it launched a number of important efforts to manage information security threats. This was clearly evident when President Clinton made the U.S. National Infrastructure (NII) a major national priority in the 1990s. One critical development occurred in 1998 when the National Infrastructure Protection Centre was established to be the central point for gathering, analysing and disseminating critical cyber security information and built upon the previous success of the national Computer Emergency Response Team (CERT). Earlier research (Rich, 2001, Soo Hoo, 2000, Howard, 1997 and Landwher, 1994) addressed various aspects of information security information and incident reporting. Also, Vatis (2001) addressed some research considerations in this area while investigating foreign network centric and traditional warfare events primarily through Denial of Service and Web Site Defacement attacks. However, areas for new exploration existed especially as they related to U.S. critical infrastructure protection (Karestand, 2003, Vatis, 2001, U.S. General Accounting Office, 2000, Alexander and Swetham, 1999). Finally, Information and Network Centric Warfare (Arens and Rosenbloom, 2003, Davies, 2000, Denning and Baugh, 2000, and Schwartau, 1997) are increasing national security issues in the War on Terrorism and Homeland Security in general.
32
Lundberg, Johan. "Dynamic Risk Management in Information Security : A socio-technical approach to mitigate cyber threats in the financial sector." Thesis, Örebro universitet, Handelshögskolan vid Örebro Universitet, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:oru:diva-87359.
Full textAbstract:
In the last decade, a new wave of socio-technical cyber threats has emerged that is targeting both the technical and social vulnerabilities of organizations and requires fast and efficient threat mitigations. Yet, it is still common that financial organizations rely on yearly reviewed risk management methodologies that are slow and static to mitigate the ever-changing cyber threats. The purpose of this research is to explore the field of Dynamic Risk Management in Information Security from a socio-technical perspective in order to mitigate both types of threats faster and dynamically to better suit the connected world we live in today. In this study, the Design Science Research methodology was utilized to create a Dynamic Information Security Risk Management model based on functionality requirements collected through interviews with professionals in the financial sector and structured literature studies. Finally, the constructed dynamic model was then evaluated in terms of its functionality and usability. The results of the evaluation showed that the finalized dynamic risk management model has great potential to mitigate both social and technical cyber threats in a dynamic fashion.Under senaste decenniet har en ny våg av sociotekniska cyberhot uppkommit som är riktade både mot de sociala och tekniska sårbarheterna hos organisationer. Dessa hot kräver snabba och effektiva hotreduceringar, dock är det fortfarande vanligt att finansiella organisationer förlitar sig på årligen granskade riskhanteringsmetoder som både är långsamma och statiska för att mildra de ständigt föränderliga cyberhoten. Syftet med denna forskning är att undersöka området för dynamisk riskhantering inom informationssäkerhet ur ett sociotekniskt perspektiv, med målsättningen att snabbare och dynamiskt kunna mildra bägge typerna av hot för att bättre passa dagens uppkopplade värld. I studien användes Design Science Research för att skapa en dynamisk riskhanteringsmodell med syfte att hantera sociotekniska cyberhot mot informationssäkerheten. Riskhanteringsmodellen är baserad på funktionskrav insamlade genom intervjuer med yrkesverksamma inom finanssektorn, samt strukturerade litteraturstudier. Avslutningsvis utvärderades den konstruerade dynamiska modellen avseende dess funktionalitet och användbarhet. Resultaten av utvärderingen påvisade att den slutgiltiga dynamiska riskhanteringsmodellen har en stor potential att mitigera både sociala och tekniska cyberhot på ett dynamiskt sätt.
33
Hachem, Nabil. "MPLS-based mitigation technique to handle cyber attacks." Thesis, Evry, Institut national des télécommunications, 2014. http://www.theses.fr/2014TELE0013/document.
Full textAbstract:
Les cyber-attaques pourraient engendrer des pertes qui sont de plus en plus importantes pour les utilisateurs finaux et les fournisseurs de service. Ces attaques sont, en outre, élevées par une myriade des ressources infectées et comptent surtout sur les réseaux pour être contrôlées, se propager ou endommager. Face à ces risques, il y a un besoin essentiel qui se manifeste dans la réponse à ces nombreuses attaques par des stratégies de défense efficaces. Malgré les multitudes efforts dévouées pour mettre en œuvre des techniques de défense complètes afin de se protéger contre les attaques réseaux; les approches proposées n’ont pas parvenus à satisfaire toutes les exigences. Les stratégies de défense impliquent un processus de détection complété par des actions de mitigation. Parallèlement à l’importance accordée à la conception des stratégies de détection, il est essentiel de fermer la boucle de sécurité avec des techniques efficaces permettant d’atténuer les impacts des différentes attaques. Dans cette thèse, nous proposons une technique pour réagir aux attaques qui abusent les ressources du réseau, par exemple, DDoS, botnet, distribution des vers, etc. La technique proposée s’appuie sur des approches de gestion du trafic et utilise le standard Multiprotocol Label Switching (MPLS) pour gérer le trafic diagnostiqué comme abusant du réseau, tout en invoquant les processus de détection. Les objectifs de notre technique peuvent être résumés comme suit: d’une part, fournir les moyens — par la qualité de service et schémas de routage — à séparer les flux suspects des légitimes, et d’autre part de prendre le contrôle des flux suspects. Nous bénéficions de l’extension du MPLS au niveau d’inter-domaine pour permettre une coopération entre les fournisseurs, permettant par suite la construction d’un mécanisme de défense à grande échelle. Nous développons un système afin de compléter les aspects de gestion de la technique proposée. Ce système effectue plusieurs tâches telles que l’extraction de données d’alerte, l’adaptation de la stratégie et la configuration des équipements. Nous modélisons le système en utilisant une approche de regroupement et un langage de politiques de sécurité afin de gérer de manière cohérente et automatique le contexte et l’environnement dans lequel la technique de mitigation est exécutée. Enfin, nous montrons l’applicabilité de la technique et du système à travers des différentes simulations tout en évaluant la qualité de service dans des réseaux MPLS. L’application de la technique a démontré son efficacité dans non seulement la mitigation des impacts des attaques mais aussi dans l’offre des avantages financiers aux acteurs de la chaîne de sécurité, à savoir les fournisseurs de serviceCyber attacks cause considerable losses not only for end-users but also service providers. They are fostered by myriad of infected resources and mostly rely on network resources for whether propagating, controlling or damaging. There is an essential need to address these numerous attacks by efficient defence strategies. Researchers have dedicated large resources without reaching a comprehensive method to protect from network attacks. Defence strategies involve first a detection process, completed by mitigation actions. Research on detection is more active than on mitigation. Yet, it is crucial to close the security loop with efficient technique to mitigate counter attacks and their effects. In this thesis, we propose a novel technique to react to attacks that misuse network resources, e.g., DDoS, Botnet, worm spreading, etc. Our technique is built upon network traffic management techniques. We use the Multiprotocol Label Switching (MPLS) technology to manage the traffic diagnosed to be part of a network misuse by detection processes. The goals of our technique can be summarized as follows: first to provide the means — via QoS and routing schemes — to segregate the suspicious flows from the legitimate traffic; and second, to take control over suspicious flows. We profit from the enhancement on the inter-domain MPLS to permit a cooperation among providers building a large-scale defence mechanism. We develop a system to complete the management aspects of the proposed technique. This system performs tasks such as alert data extraction, strategy adaptation and equipments configurations. We model the system using a clustering method and a policy language in order to consistently and automatically manage the mitigation context and environment in which the proposed technique is running. Finally, we show the applicability of the technique and the system through simulation. We evaluate and analyse the QoS and financial impacts inside MPLS networks. The application of the technique demonstrates its effectiveness and reliability in not only alleviating attacks but also providing financial benefits for the different players in the mitigation chain, i.e., service providers
34
Holm, Hannes. "A Framework and Calculation Engine for Modeling and Predicting the Cyber Security of Enterprise Architectures." Doctoral thesis, KTH, Industriella informations- och styrsystem, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-140525.
Full textAbstract:
Information Technology (IT) is a cornerstone of our modern society and essential for governments' management of public services, economic growth and national security. Consequently, it is of importance that IT systems are kept in a dependable and secure state. Unfortunately, as modern IT systems typically are composed of numerous interconnected components, including personnel and processes that use or support it (often referred to as an enterprise architecture), this is not a simple endeavor. To make matters worse, there are malicious actors who seek to exploit vulnerabilities in the enterprise architecture to conduct unauthorized activity within it. Various models have been proposed by academia and industry to identify and mitigate vulnerabilities in enterprise architectures, however, so far none has provided a sufficiently comprehensive scope. The contribution of this thesis is a modeling framework and calculation engine that can be used as support by enterprise decision makers in regard to cyber security matters, e.g., chief information security officers. In summary, the contribution can be used to model and analyze the vulnerability of enterprise architectures, and provide mitigation suggestions based on the resulting estimates. The contribution has been tested in real-world cases and has been validated on both a component level and system level; the results of these studies show that it is adequate in terms of supporting enterprise decision making. This thesis is a composite thesis of eight papers. Paper 1 describes a method and dataset that can be used to validate the contribution described in this thesis and models similar to it. Paper 2 presents what statistical distributions that are best fit for modeling the time required to compromise computer systems. Paper 3 describes estimates on the effort required to discover novel web application vulnerabilities. Paper 4 describes estimates on the possibility of circumventing web application firewalls. Paper 5 describes a study of the time required by an attacker to obtain critical vulnerabilities and exploits for compiled software. Paper 6 presents the effectiveness of seven commonly used automated network vulnerability scanners. Paper 7 describes the ability of the signature-based intrusion detection system Snort at detecting attacks that are more novel, or older than its rule set. Finally, paper 8 describes a tool that can be used to estimate the vulnerability of enterprise architectures; this tool is founded upon the results presented in papers 1-7.Informationsteknik (IT) är en grundsten i vårt moderna samhälle och grundläggande för staters hantering av samhällstjänster, ekonomisk tillväxt och nationell säkerhet. Det är därför av vikt att IT-system hålls i ett tillförlitligt och säkert tillstånd. Då moderna IT-system vanligen består av en mångfald av olika integrerade komponenter, inklusive människor och processer som nyttjar eller stödjer systemet (ofta benämnd organisationsövergripande arkitektur, eller enterprise architecture), är detta tyvärr ingen enkel uppgift. För att förvärra det hela så finns det även illvilliga aktörer som ämnar utnyttja sårbarheter i den organisationsövergripande arkitekturen för att utföra obehörig aktivitet inom den. Olika modeller har föreslagits av den akademiska världen och näringslivet för att identifiera samt behandla sårbarheter i organisationsövergripande arkitekturer, men det finns ännu ingen modell som är tillräckligt omfattande. Bidraget presenterat i denna avhandling är ett modelleringsramverk och en beräkningsmotor som kan användas som stöd av organisatoriska beslutsfattare med avseende på säkerhetsärenden. Sammanfattningsvis kan bidraget användas för att modellera och analysera sårbarheten av organisationsövergripande arkitekturer, samt ge förbättringsförslag baserat på dess uppskattningar. Bidraget har testats i fallstudier och validerats på både komponentnivå och systemnivå; resultaten från dessa studier visar att det är lämpligt för att stödja organisatoriskt beslutsfattande. Avhandlingen är en sammanläggningsavhandling med åtta artiklar. Artikel 1 beskriver en metod och ett dataset som kan användas för att validera avhandlingens bidrag och andra modeller likt detta. Artikel 2 presenterar vilka statistiska fördelningar som är bäst lämpade för att beskriva tiden som krävs för att kompromettera en dator. Artikel 3 beskriver uppskattningar av tiden som krävs för att upptäcka nya sårbarheter i webbapplikationer. Artikel 4 beskriver uppskattningar för möjligheten att kringgå webbapplikationsbrandväggar. Artikel 5 beskriver en studie av den tid som krävs för att en angripare skall kunna anskaffa kritiska sårbarheter och program för att utnyttja dessa för kompilerad programvara. Artikel 6 presenterar effektiviteten av sju vanligt nyttjade verktyg som används för att automatiskt identifiera sårbarheter i nätverk. Artikel 7 beskriver förmågan av det signatur-baserade intrångsdetekteringssystemet Snort att upptäcka attacker som är nyare, eller äldre, än dess regeluppsättning. Slutligen beskriver artikel 8 ett verktyg som kan användas för att uppskatta sårbarheten av organisationsövergripande arkitekturer; grunden för detta verktyg är de resultat som presenteras i artikel 1-7.
QC 20140203
35
Saber, Jennifer. "Determining Small Business Cybersecurity Strategies to Prevent Data Breaches." ScholarWorks, 2016. https://scholarworks.waldenu.edu/dissertations/4991.
Full textAbstract:
Cybercrime is one of the quickest growing areas of criminality. Criminals abuse the speed, accessibility, and privacy of the Internet to commit diverse crimes involving data and identity theft that cause severe damage to victims worldwide. Many small businesses do not have the financial and technological means to protect their systems from cyberattack, making them vulnerable to data breaches. This exploratory multiple case study, grounded in systems thinking theory and routine activities theory, encompassed an investigation of cybersecurity strategies used by 5 small business leaders in Middlesex County, Massachusetts. The data collection process involved open-ended online questionnaires, semistructured face-to-face interviews, and review of company documents. Based on methodological triangulation of the data sources and inductive analysis, 3 emergent themes identified are policy, training, and technology. Key findings include having a specific goal and tactical approach when creating small business cybersecurity strategies and arming employees with cybersecurity training to increase their awareness of security compliance. Recommendations include small business use of cloud computing to remove the burden of protecting data on their own, thus making it unnecessary to house corporate servers. The study has implications for positive social change because small business leaders may apply the findings to decrease personal information leakage, resulting from data breaches, which affects the livelihood of individuals or companies if disclosure of their data occurs.
36
Jeong, Juyong. "WebSAT: Web-based systems administration tool." CSUSB ScholarWorks, 2005. https://scholarworks.lib.csusb.edu/etd-project/2667.
Full textAbstract:
Discusses the development of WebSAT (Web-based systems administration tool), a computer network tool that allows systems administrators to create and delete accounts, disable and enable existing accounts, manage disk space conveniently, monitor the status of all network printers, and monitor network security. The WebSAT application was implemented using PHP, a server-side embedded scripting language, with a MySQL database.
37
Carlsson, Elin, and Moa Mattsson. "The MaRiQ model: A quantitative approach to risk management." Thesis, Uppsala universitet, Avdelningen för datalogi, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-385257.
Full textAbstract:
In recent years, cyber attacks and data fraud have become major issues to companies, businesses and nation states alike. The need for more accurate and reliable risk management models is therefore substantial. Today, cybersecurity risk management is often carried out on a qualitative basis, where risks are evaluated to a predefined set of categories such as low, medium or high. This thesis aims to challenge that practice, by presenting a model that quantitatively assesses risks - therefore named MaRiQ (Manage Risks Quantitatively). MaRiQ was developed based on collected requirements and contemporary literature on quantitative risk management. The model consists of a clearly defined flowchart and a supporting tool created in Excel. To generate scientifically validated results, MaRiQ makes use of a number of statistical techniques and mathematical functions, such as Monte Carlo simulations and probability distributions. To evaluate whether our developed model really was an improvement compared to current qualitative processes, we conducted a workshop at the end of the project. The organization that tested MaRiQexperienced the model to be useful and that it fulfilled most of their needs. Our results indicate that risk management within cybersecurity can and should be performed using more quantitative approaches than what is praxis today. Even though there are several potential developments to be made, MaRiQ demonstrates the possible advantages of transitioning from qualitative to quantitative risk management processes.
38
Olsson, Sanna, and Isabella Hultberg. "Cybersäkerhet - Att stärka den svaga länken : En flerfallsstudie om hur formella och informella styrmedel förebygger interna cyberhot i banksektorn." Thesis, Linköpings universitet, Institutionen för ekonomisk och industriell utveckling, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-176804.
Full textAbstract:
Bakgrund: Banker fyller en mycket viktig funktion i samhället och har sedan digitaliseringen varit särskilt utsatta för cyberhot. Samtidigt bygger bankens verksamhet till stor del på att upprätthålla förtroendet hos sina kunder, varpå det är av stor vikt för banker att ha en hög cybersäkerhet. Framför allt kan interna cyberhot i form av mänskliga misstag konstateras vara den svaga länken i bankers säkerhetsarbete idag. Därför är det intressant att undersöka hur banker i Sverige arbetar för att öka cybersäkerheten genom formella och informella styrmedel, som kan påverka anställdas beteenden. Syfte: Studien syftar till att bidra till ökad förståelse om hur banker styr sin verksamhet med formella och informella styrmedel för att förebygga interna cyberhot på arbetsplatsen. Metod: Studien har ett hermeneutiskt perspektiv och är utformad enligt en kvalitativ metod. Vidare har en abduktiv ansats format uppsatsen. Syfte och frågeställningar har besvarats genom en flerfallstudie av fyra olika banker i Sverige. Det empiriska materialet har inhämtats med hjälp av intervjuer med representanter från respektive bank som arbetar med säkerhet. Slutsats: För att förebygga interna cyberhot arbetar banker med formella styrmedel främst i form av regler, där de tar hjälp av globala standarder vid utformningen. Reglerna utformas även utifrån bankens kultur och uppdateras ofta. Vi har sett att kompetens och medvetenhet inom cybersäkerhet hos anställda är något som samtliga fallföretag värderar högt, och för att stärka kompetensen lägger bankerna stora resurser på utbildning. Att göra säkerhetstänket till en naturlig del av anställdas dagliga arbete har framför allt understrukits av respondenterna, samtidigt som arbetet med kultur till stor del görs passivt då det starka regelverket formar kulturen. Informella dialoger menas dock vara något som ökar medvetenheten och därmed stärker kulturen. Slutligen har vi identifierat att samtliga styrmedel nämnda ovan påverkar varandra, varpå det är viktigt att ha ett helhetstänk vid styrningsarbetet vad gäller cybersäkerhet.Background: Banks play an important role in society and have since the increasing digitalization been particularly exposed to cyber threats. At the same time, the bank's operations are largely based on maintaining trust of its customers, and therefore it is of great importance for banks to have a high level of cyber security. Above all, internal cyber threats in the form of human error constitute one of the greatest risks to banks' security work today. Therefore, it is interesting to investigate how banks work to mitigate internal cyber threats through formal and informal management controls. Purpose: This study aims to contribute to an increased understanding of how banks use formal and informal management control to mitigate internal cyber threats in the workplace. Methodology: This study adopts a hermeneutic perspective and uses qualitative method. Furthermore, an abductive approach has shaped the essay. The purpose and research questions have been answered through a multiple case study of four different banks in Sweden. The empirical material has been obtained with the help of interviews with representatives from each bank who work with security. Conclusion: To prevent internal cyber threats, banks work with rules which global standards and the company’s culture help design. We have noted that competence and awareness in cyber security is something that is valued highly. To strengthen the competence banks invest large resources in training. Making the idea of safety a natural part of employees' daily work has above all been emphasized by, at the same time as cultural development is largely done passively as the strong regulations shape culture. Informal dialogues, however, increase awareness and thus strengthen culture. Finally, we have identified that all the management controls mentioned above affect each other. Therefore, it is important to have a holistic approach to the governance work regarding cyber security.
39
Baker, Wade Henderson. "Toward a Decision Support System for Measuring and Managing Cybersecurity Risk in Supply Chains." Diss., Virginia Tech, 2017. http://hdl.handle.net/10919/85128.
Full textAbstract:
Much of the confusion about the effectiveness of information security programs concerns not only how to measure, but also what to measure — an issue of equivocality. Thus, to lower uncertainty for improved decision-making, it is first essential to reduce equivocality by defining, expanding, and clarifying risk factors so that metrics, the "necessary measures," can be unambiguously applied. We formulate a system that (1) allows threats to be accurately measured and tracked, (2) enables the impacts and costs of successful threats to be determined, and (3) aids in evaluating the effectiveness and return on investment of countermeasures. We then examine the quality of controls implemented to mitigate cyber risk and study how effectively they reduce the likelihood of security incidents. Improved control quality was shown to reduce the likelihood of security incidents, yet the results indicate that investing in maximum quality is not necessarily the most efficient use of resources. The next manuscript expands the discussion of cyber risk management beyond single organizations by surveying perceptions and experiences of risk factors related to 3rd parties. To validate and these findings, we undertake in an in-depth investigation of nearly 1000 real-world data breaches occurring over a ten-year period. It provides a robust data model and rich database required by a decision support system for cyber risk in the extended enterprise. To our knowledge, it is the most comprehensive field study ever conducted on the subject. Finally, we incorporate these insights, data, and factors into a simulation model that enables us study the transfer of cyber risk across different supply chain configurations and draw important managerial implications.Ph. D.
40
Gancarčik, Rastislav. "Informační bezpečnost jako ukazatel výkonnosti podniku." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2017. http://www.nusl.cz/ntk/nusl-318349.
Full textAbstract:
The content of this thesis is a proposal of methodology for evaluating company's performance in areas of information security, while their performance will be judged based on compliance with standard ISO/IEC 27001:2013, Act no. 181/2014 Coll., Regulation 2016/679 of European Parliament and Directive 2016/1148 of the European Parliament. The proposal of this methodology is designed in a particular company which operates in the Czech Republic.
41
Hajný, Jiří. "Management informační bezpečnosti ve zdravotnickém zařízení." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2014. http://www.nusl.cz/ntk/nusl-224498.
Full textAbstract:
The diploma thesis focuses on implementation and deployment of information security management system (ISMS) into healthcare organizations. Specifies what is required to include in this process and what not to forget. It includes a risk analysis of a branch of the selected company, and for it is written a safety guide. Safety guide provides advice and recommendations regarding security in terms of human resources, physical security, ICT security and other aspects that should be included in the ISMS deployment in healthcare organizations. The work also reflects the newly emerging law on cyber security. It is expected that the law will also address cyber security in healthcare.
42
Betz, Linda. "An Analysis of the Relationship between Security Information Technology Enhancements and Computer Security Breaches and Incidents." NSUWorks, 2016. http://nsuworks.nova.edu/gscis_etd/960.
Full textAbstract:
Financial services institutions maintain large amounts of data that include both intellectual property and personally identifiable information for employees and customers. Due to the potential damage to individuals, government regulators hold institutions accountable for ensuring that personal data are protected and require reporting of data security breaches. No company wants a data breach, but finding a security incident or breach early in the attack cycle may decrease the damage or data loss a company experiences. In multiple high profile data breaches reported in major news stories over the past few years, there is a pattern of the adversary being inside the company’s network for months, and often law enforcement is the first to inform the company of the breach.
The problem that was investigated in this case study was whether new information technology (IT) utilized by Fortune 500 financial services companies led to the changes in data security incidents and breaches. The goal of this dissertation is to gain a deeper understanding on how IT can increase awareness of a security incident or breach, and can also decrease security incidents and breaches. This dissertation also explores how threat information sharing increases awareness and decreases information security incidents and breaches. The objective of the study was to understand how changes in IT can influence an increase or decrease in data security breaches.
This investigation was a case study of nine Fortune 500 financial services companies to understand what types of IT increase or decrease detection of security incidents and breaches. An increase in detecting and stopping a security incident or breach may have positive effects on the security of an enterprise. The longer a hacker has access to IT systems, the more entrenched they become and the more time the hacker has to locate data with high value. Time is of the essence to detect a compromise and react. The results of the case study showed that Fortune 500 companies utilized new IT that allowed them to improve their visibility of security incidents and breaches from months and years to hours and days.
43
Kroupová, Hana. "Metodika asistovaného zhodnocení." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2019. http://www.nusl.cz/ntk/nusl-402066.
Full textAbstract:
The master‘s thesis is focused on security audit. The aim of this thesis is to create methodology, which might help with creating security audits and research current condition of cybernetic and information security in a business establishment. Theoretical part explains basic terms and concepts about cyber and information security. Own interpretation consist description of methodological areas of security audit.
44
Innocenti, Federica. "Analisi e riprogettazione del processo di ict risk management: un caso applicativo in Telecom Italia." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/6708/.
Full textAbstract:
Questo lavoro di tesi muove da tematiche relative alla sicurezza IT e risulta dagli otto mesi di lavoro all’interno della funzione Technical Security di Telecom Italia Information Technology. Il compito primario di questa unità di business è ridurre il rischio informatico dei sistemi di Telecom Italia per mezzo dell’attuazione del processo di ICT Risk Management, che coinvolge l’intera organizzazione ed è stato oggetto di una riprogettazione nel corso del 2012. Per estendere tale processo a tutti i sistemi informatici, nello specifico a quelli caratterizzati da non conformità, all’inizio del 2013 è stato avviato il Programma Strutturato di Sicurezza, un aggregato di quattro progetti dalla durata triennale particolarmente articolato e complesso. La pianificazione di tale Programma ha visto coinvolto, tra gli altri, il team di cui ho fatto parte, che ha collaborato con Telecom Italia assolvendo alcune delle funzioni di supporto tipiche dei Project Management Office (PMO).
45
Volfová, Jana. "Budování bezpečnostního povědomí na fakultě podnikatelské." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2021. http://www.nusl.cz/ntk/nusl-444577.
Full textAbstract:
This diploma thesis is focused on Security Awareness Education at the Faculty of Business and Management. It consists of three main parts: theoretical, analytical and practical considerations. The theoretical part is the introduction to basic terms, processes and analysis to help understand the thesis. The analytical part includes an introduction to the chosen organization and the implementation of analysis, which were presented in the theoretical part. The practical part contains, among other things, the actual proposals for Security Awareness Education at the faculty and its benefits.
46
Dočekal, Petr. "Návrh zavedení bezpečnostních opatření v souladu s ISMS pro obchodní společnost." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2018. http://www.nusl.cz/ntk/nusl-378344.
Full textAbstract:
The master’s thesis focuses on area of security countermeasures in accordance with information security management system. Presents basic theoretical background of information and cyber security and describes a current state in the company. The thesis’s output is the design of security countermeasures implementation which contribute to information security in the company.
47
Mapoka, Trust Tshepo. "Location based authenticated multi-services group key management for cyber security in high speed broadband wireless multicast communications : multi-service group key management scheme with location based handover authentication for multi-handoffs participating in multi-group service subscriptions, its performance evaluation and security correctness in high speed broadband wireless multicast communications." Thesis, University of Bradford, 2015. http://hdl.handle.net/10454/14468.
Full textAbstract:
Secure information exchanges over cyberspace is on the increase due to the convergence of wireless and mobile access technologies in all businesses. Accordingly, with the proliferation of diverse multicast group service subscriptions that are possible to co-exist within a single broadband network, there is also huge demand by the mobile subscribers to ubiquitously access these services over high speed broadband using their portable devices. Likewise, the Network Providers (NPs) invest hugely in infrastructure deployment to disseminate these services efficiently and concomitantly. Therefore, cyber security in any business is obligatory to restrict access of disseminated services to only authorised personnel. This becomes a vital requirement for a successful commercialisation of exchanged group services. The standard way to achieve cyber security in a wireless mobile multicast communication environment is through confidentiality using Group Key Management (GKM).The existing GKM schemes for secure wireless multicast from literature only target single group service confidentiality; however, the adoption of multiple group service confidentiality in them involve inefficient management of keys that induce huge performance overheads unbearable for real time computing. Therefore, a novel authenticated GKM scheme for multiple multicast group subscriptions known as slot based multiple group key management (SMGKM) is proposed. In the SMGKM, the handovers move across diverse decentralised clusters of homogeneous or heterogeneous wireless access network technologies while participating in multiple group service subscriptions. Unlike the conventional art, the SMGKM advances its security by integrating location based authentication and GKM functions. Both functions are securely offloaded from the Domain Key Distributor (DKD) to the intermediate cluster controllers, Area Key Distributors (AKDs), in a distributed fashion, using the proposed location based authenticated membership list (SKDL). A significant upgrade of fast handoff performance with reduced performance overheads of the SMGKM scheme is achieved. The developed numerical analysis and the simulation results display significant resource economy in terms of reduced rekeying transmission, communication bandwidth and storage overheads while providing enhanced security. The performance of the SMGKM in a high speed environment is also evaluated and has demonstrated that SMGKM outperforms the previous work. Finally, the SMGKM correctness against various attacks is verified using BAN logic, the eminent tool for analysing the widely deployed security protocols. The security analysis demonstrates that SMGKM can counteract the security flaws and redundancies identified in the chosen related art.
48
Covic, Mirjana, and Thomas Kohler. "IT security for small and medium-sized enterprises : A didactical concept of a dynamical questionnaire." Thesis, Växjö University, School of Mathematics and Systems Engineering, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:vxu:diva-6266.
Full textAbstract:
This master thesis has been written at the School of Mathematics and System Engineering (MSI) at Växjö University in the field of computer science. IT security has become one of the main topics of every enterprise since they all use information technology in their business. Investments have to be done in order to achieve a high protection status of the IT environments. Specially small and medium-sized enterprises need more knowledge and advisory how to handle their IT security. This thesis analyses management tools that have the goal to improve the IT security. The second and main part of the thesis is the design of a tool that should helps to solve the described problems.
49
Šisler, Marcel. "Porovnání výuky informační a kybernetické bezpečnosti v České republice a Jižní Koreji s návrhy na zlepšení." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2020. http://www.nusl.cz/ntk/nusl-417808.
Full textAbstract:
This diploma thesis deals with a suggestions to improve the current state of education information and cyber security in the Czech Republic. These suggestions are from a comparison of education at the Brno University of Technology - Faculty of Business and Hallym University in South Korea. Another part is the analysis of trends in the field of cyber attacks and comparison of this area between the Czech Republic and South Korea.
50
Mohor, Guilherme Samprogna. "Water insurance as climate change adaptation tool for optimization of water permits." Universidade de São Paulo, 2016. http://www.teses.usp.br/teses/disponiveis/18/18138/tde-23032017-102949/.
Full textAbstract:
Recent prolonged droughts make the urgent need to revise the criteria for water use permits in Brazil, especially in basins under conflicts for water use. Mechanisms for water risks transfer are an important adaptation tool. However, in Brazil, there is no established methodology that adapts this technique to assist the water use permit instrument. Moreover, there is no water risk insurance methodology with uncertainty analysis that complements its effectiveness in reducing losses from extreme events. Hydrologic modelling is the basis for development of these tools, which carries uncertainties that must be considered in decision-making. The objectives of this project were: i) coupling climatic, hydrologic and water insurance models to evaluate the use permit decision-making; ii) analyse sensitivity of performance indicators of a water risk insurance model through the application of different hydrologic models driven by climate change projections. The methodology was applied in donor basins of the Cantareira Water Supply System, which supplies water to an important metropolitan region that showed itself vulnerable to hydrologic extremes in the last years. The MHD-INPE and SWAT hydrologic models were applied, driven by the Eta- HadGEM2-ES climate model projections to characterize the future hydrologic regime in the region and also to compare the structure, performances and gaps of the models. Structural differences are most likely the greater responsible for the results differences, though no result could be identified as \"more certain\". With the hydrologic models outputs fitted the the Gumbel extreme values distribution, a proposed insurance fund simulator, MTRH-SHS, was run with 100 equiprobable scenarios of 50-year annual low-flow events to calculated an optimized premium capable of paying all indeminities of hydrologic drought. Besides the future hydrologic regimes, water demand scenarios were also tested. The optimized premiums were compared to the local GDP to assess the apparent affordability of the insurance, with some premium representing up to 0.54% of local GDP, but in the water resources management framework, the decision should be made collectively by several actors within the basin's committee.Recentes estiagens fazem reconsiderar a necessidade de aperfeiçoar critérios de outorga de água no Brasil, especialmente em bacias com conflitos pelo uso da água. Seguros (transferência de risco) são importante ferramenta de adaptação. Contudo, no Brasil ainda não há metodologia consolidada que adapte esta técnica para auxiliar o instrumento de outorga de recursos hídricos. Ainda, não há metodologia de seguros hídricos com análise de incertezas, complementando sua efetividade ao reduzir os prejuízos advindos de eventos extremos. Modelos hidrológicos são a base de desenvolvimento destas ferramentas e carregam incertezas que devem ser integralizadas nos processos de decisão. Os objetivos deste projeto foram: i) acoplar modelos: climático, hidrológico e de seguros hídricos para a avaliação do processo de decisão de outorga; ii) realizar análise de sensibilidade dos indicadores de desempenho de modelo de seguros hídricos com diferentes modelos hidrológicos sob cenários de mudanças do clima. A metodologia foi aplicada nas bacias doadoras do Sistema Cantareira, que abastece importante região metropolitana e mostrou-se vulnerável a extremos hidrológicos nos últimos anos. Os modelos hidrológicos MHD-INPE e SWAT foram aplicados, forçados pelas projeções climáticas do modelo Eta-HadGEM2-ES a fim de caracterizar o regime hidrológico future na região, assim como comparar a estrutura, diferenças e performances dos modelos hidrológicos. As diferenças estruturais são provavelmente as maiores responsáveis pela diferença nos resultados, embora não seja possível apontar um modelo "melhor" que o outro. As saídas dos modelos foram ajustadas na distribuição de Gumbel e utilizada no modelo proposto de simulação de fundo de seguros, MTRH-SHS, rodado com 100 séries equiprováveis de 50 anos de eventos mínimos anuais. A cada série um prêmio otimizado é calculado para cobrir todas as indenizações de seca hidrológica. Além das projeções hidrológicas, cenários de demanda foram testados. Os prêmios otimizados foram comparados com o PIB local para demonstrar a viabilidade em implementar o seguro. Os valores representam até 0.54% do PIB local em um dos casos, mas na gestão de recursos hídricos, a decisão final pela implementação deve ser feita no âmbito do comitê de bacias por múltiplos atores.