To see the other types of publications on this topic, follow the link: Perception of security risks.
Dissertations / Theses on the topic 'Perception of security risks'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Perception of security risks.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
De, Villiers R. R. (Raoul Reenen). "The role of risk perception in Internet purchasing behaviour and intention." Thesis, Stellenbosch : Stellenbosch University, 2001. http://hdl.handle.net/10019.1/52570.
Full textAbstract:
Thesis (MComm.)--Stellenbosch University, 2001.ENGLISH ABSTRACT: In recent years the importance and number of users of electronic commerce and its medium, the Internet, have grown substantially. Despite this, the Business-to- Consumer sector has shown slow expansion and limited growth, with the majority of consumers slow to adopt the Internet as a medium for purchase. A probable factor affecting the purchasing behaviour of individuals is the perception of risk of a breach in (credit card) security and/or a violation of privacy. The research discussed here indicates that two closely related constructs, namely perceived privacy risk and perceived security risk exerts an influence on the Internet purchasing behaviour of Internet users, and more importantly, the intention to purchase. In addition, the role of social pressures regarding the provision of personal and credit card information is indicated to be of considerable importance.
AFRIKAANSE OPSOMMING: Die afgelope aantal jare het die belangrikheid en gebruik van eletroniese handel en die Internet aansienlik toegeneem. Ongeag hierdie groei het die sektor gemoeid met die handel tussen besighede en verbruikers egter beperkte groei getoon. 'n Waarskynlike rede vir die tendens in Internet aankoop gedrag is die persepsie dat daar 'n risiko is van misbruik van 'n krediet kaart sowel as misbruik en skending van privaatheid. Die studie wat hier bespreek word toon aan dat twee nou verwante kostrukte, naamlik persepsie van sekuriteits- en persepsie van privaatheidsrisiko 'n rol speel in die bepaling van Internet aankoop gedrag, sowel as die intensie om te koop. Verder is die rol van sosiale druk rakende die verskaffing van persoonlike en krediet kaart inligting uitgelig as 'n faktor van uiterste belang.
2
Mabanga, Silingile Portia. "South Africa's official external threat perceptions : 1994-2012." Diss., University of Pretoria, 2013. http://hdl.handle.net/2263/43680.
Full textAbstract:
The aim of this study is to analyse and critically assess the nature, scope and basis of South Africa‟s official external threat perception as it developed during the period from 1994 to 2012. Accordingly, the assessment allows for the identification of shortcomings in the current national security policy on external security threats, based on the alignment of external threat perceptions with the Government Programme of Action. Essentially what had to be determined is whether perceived official threats correspond with the actual situation. Accordingly, the main research question of the study is: What is the nature, scope and basis of the post-1994 official external threat perception of South Africa? The research problem generated four subsidiary questions: When does a security issue become a national threat? What types of threat are there? How does the South African government perceive these threats? And whose security is threatened?
In responding to the main research questions, the study‟s findings note a change in perceptions during the post-Cold War era as to what constituted threats to security. The focus shifted from traditional to non-traditional threats to national security, because most current threats are non-military and transnational in nature. The analysis of South Africa‟s official external threat perception is informed by the changed views of Government towards what are considered the main threats to national security. The study concludes with key findings in response to the stated problem and with specific recommendations. The study confirmed that the nature of threats and security debates post-1994 have changed constantly with the expansion of the security agenda beyond state and military security. The official viewpoint is that South Africa at present is not faced with any military threats. Emphasis is currently placed on human beings as the main object of security. Most identified threats are transnational in nature and these relate to the illegal flow of immigrants, terrorism, organised
crime, climate change (linked to food and water security), regional instability and other socio-economic threats. These threats are being perceived and articulated by Government through policy announcements and public speeches, also validated in the critical analysis of various scholars.
The concept of non-traditional threats still lacks a commonly accepted definition; hence the study proposes the need for South Africa to define and outline non-military security threats in a comprehensive manner, preferably through the development of a South African External Threat Perception Framework. Developing such a framework will assist security agencies (such as analysts) and other stakeholders in providing advice and guidance to Government in identifying external security threats. This initiative could eliminate the abuse of power by various stakeholders in securitising any issue as a threat to national security, and instead divert those resources to other Government services. Provision should also be made in the form of policy initiatives on the role of military force and other agencies in addressing non-military security threats. Thus, the development of key elements of an integrated national security strategy in order to address external security issues and threats is essential.Dissertation (MSecurity Studies)--University of Pretoria, 2013.
gm2015
Political Sciences
MSecurity Studies
Unrestricted
3
BROOKS, David, and d. brooks@ecu edu au. "Public street surveillance: a psychometric study on the perceived social risk." Edith Cowan University. Computing, Health And Science: School Of Engineering, 2003. http://adt.ecu.edu.au/adt-public/adt-ECU2006.0007.html.
Full textAbstract:
Public street surveillance, a domain of Closed Circuit Television (CCTV), has grown enormously and is becoming common place with increasing utilization in society as an all-purpose security tool. Previous authors (Ditton, 1999; Davies, 1998; Horne, 1998; Tomkins, 1998) have raised concern over social, civil and privacy issues, but there has been limited research to quantify these concerns. There are a number of core aspects that could relocate the risk perception and therefore, social support of public street surveillance. This study utilized the psychometric paradigm to quantitatively measure the social risk perception of public street surveillance. The psychometric paradigm is a method that presents risk perception in a two factor representation, being dread risk and familiarity to risk. Four additional control activities and technologies were tested, being radioactive waste, drinking water chlorination, coal mining disease and home swimming pools. Analysis included spatial representation, and multidimensional scaling (MDS) Euclidean and INDSCAL methods. The study utilized a seven point Likert scale, pre and post methodology, and had a target population of N=2106, with a sample of N=135 (alpha=0.7).
4
Heeb, Alexis. "Violent crime, public perceptions and citizen security strategies in Colombia during the 1990s." Thesis, University of Oxford, 2002. http://ora.ox.ac.uk/objects/uuid:9aa285b1-15e6-402f-a4e8-2f7322c9adc3.
Full textAbstract:
This research deals with the topic of violent crime in urban Colombia. Although many references are made to the conflict between the State, guerrilla groups and paramilitary organisations in rural areas, and to the problem of drug-cartels and illegal-drug production, the main aim of the thesis is to show recent trends in violent crime and discuss citizen security strategies followed during the decade of the 1990s. Chapter 1 focuses on urban homicides. In Colombia, 40 percent of the 25,000 annual homicides are committed in the ten largest cities. The cities of Medellin, Bogota and Cali account for almost 30 percent of this total. Although the victims are mainly young men from the poorest socio-economic levels, homicides are not necessarily correlated to the areas where the poor live. The probability of getting involved in a homicide, either as a victim or as victimiser, is significantly higher in places where access to economic resources is greater. Chapter 2 analyses the problem of kidnappings. The chapter looks at recent progresses in Colombian anti-kidnapping legislation and focuses on the authors, the victims and the riskzones where most cases take place. Although these crimes affect mainly the rich and the middle class, kidnappers have recently started to target victims from all social backgrounds. This strategy creates fear among citizens and permits kidnappers to extort more fees from people who could be at risk of being kidnapped. Chapter 3 looks at the issue of perception and fear of crime. This question provides a better understanding of the concept of risk and the subjectivity of decision-making when facing insecurity. If citizen security strategies have had little impact during the last decade, it has been partly because of poor levels of co-operation and communication with the population. The consequence of this has been an increasing perception of insecurity and distrust among citizens. Chapter 4 assesses citizen security strategies followed during the administrations of Presidents Gaviria (1990-1994), Samper (1994-1998) and Pastrana (1998-2002). The reforms implemented since the adoption of a new Constitution in 1991 have had important impacts on security strategies as they have given more discretionary powers to civilian authorities, especially at the municipal level. Larger cities like Bogotá, Cali and Medellin, implemented a series of successful programmes that have reduced the levels of violent crime, notably homicides. Other crimes, like kidnappings, have not decreased since the government has lacked a coherent strategy to combine its peace negotiations with insurgent organisations with its legitimate right to fight violent crime.
5
Johnson, Kim. "Better Safe than Sorry: The Relationship Between Locus of Control, Perception of Risk, and Cyber Misbehaviors." Scholar Commons, 2018. https://scholarcommons.usf.edu/etd/7630.
Full textAbstract:
Information security is of vital importance to organizations. Breaches in security very often stem from behaviors of the system operator. Cyber misbehaviors on the part of employees can have devastating repercussions on the well-being of an organization. Up to now, research has mainly focused on how to protect information systems from outside attack, and only recently have researchers turned to the part the operator plays in keeping the systems safe. The present study investigated some individual differences that may play a role in people’s cyber behavior. The purpose of the study was to determine if locus of control was related to an individual’s perception of cyber risk and likelihood of engaging in cyber misbehaviors. Internal locus of control was found to be associated with higher perception of cyber risk, and higher cyber risk perception was found to lead to fewer cyber misbehaviors. The trait sensation seeking was also explored but no firm conclusions could be drawn from those results. Gaining an understanding of some of the differences between individuals that make some more likely to commit cyber misbehaviors-- as well as the dynamics behind these relationships—should be greatly beneficial in helping develop deterrents to cyber misbehavior and keeping information systems safer.
6
Nuth, Michael John. "Ontological Security and the Global Risk Environment: A Case Study of Risk and Risk Perception in the Tourist-Dependent Township of Akaroa." Thesis, University of Canterbury. Sociology and Anthropology, 2007. http://hdl.handle.net/10092/988.
Full textAbstract:
This thesis is about global catastrophic risks and the conscious effect of such risks at the level of everyday life. Utilising R. D. Laing's concept of "ontological security", this thesis questions the extent to which risks that loom in the global environment cause a sense of ontological insecurity amongst individuals at the local-level. In addressing this question, this thesis responds to the theories of Ulrich Beck and Anthony Giddens who maintain that the contemporary age is marked both by the emergence of global risks that exist as the unintended consequences of modernisation and a greater sense of risk owing to how information about such risks is disseminated by the media. While no objection is made to the argument that the global environment has become more objectively threatening, this thesis questions whether individuals in fact perceive such threat in their daily lives. This argument rests on the view that global risks, in the main, lack a tangible dimension needed to elicit a sense of urgency. Seeking to ground the risk literature from the level of theoretical abstraction to that of lived experience, this thesis presents a case study of how risk is perceived in the tourist-dependent township of Akaroa. Despite the fact that New Zealand is generally seen as "safe" and "secure" and removed from the vicissitudes of global events, its economic reliance on international tourism ensures a susceptibility to external forces that disrupt global tourism flows. Given the recent publicity as to how such risks as climate change and peak oil may undermine international tourism in New Zealand, it is clear that areas that are particularly reliant on the international visitor market, like Akaroa, are significantly exposed to global events. This not only makes Akaroa an ideal case study in which to establish the extent to which global risks undermine ontological security in daily life, it also helps measure how seriously individuals in tourist-dependent areas consider the possibility of a substantial tourist decline.
7
Hou, Wenliang. "How Accurate are Retirees' Assessments of Their Retirement Risk?:." Thesis, Boston College, 2020. http://hdl.handle.net/2345/bc-ir:108826.
Full textAbstract:
Thesis advisor: Peter IrelandRetirees with limited financial resources face numerous risks, including out-living their money (longevity risk), investment losses (market risk), unexpected health expenses (health risk), the unforeseen needs of family members (family risk), and even retirement benefit cuts (policy risk). This study systematically values and ranks the financial impacts of these risks from both the objective and subjective perspectives and then compares them to show the gaps between retirees’ actual risks and their perceptions of the risks in a unified framework. It finds that 1) under the empirical analysis, the greatest risk is longevity risk, followed by health risk; 2) under the subjective analysis, retirees perceive market risk as the highest-ranking risk due to their exaggeration of market volatility; and 3) the longevity risk and health risk are valued less in the subjective ranking than in the objective ranking, because retirees underestimate their life spans and their health costs in late life
Thesis (PhD) — Boston College, 2020
Submitted to: Boston College. Graduate School of Arts and Sciences
Discipline: Economics
8
Realista, Andreia cristina Saraiva. "A perceção do risco na atividade dos bombeiros." Master's thesis, Instituto Politécnico de Setúbal. Escola Superior de Ciências Empresariais. Escola Superior de Tecnologia de Setúbal, 2014. http://hdl.handle.net/10400.26/7157.
Full textAbstract:
Dissertação apresentada para cumprimento dos requisitos necessários à obtenção do grau de Mestre em Segurança e Higiene no TrabalhoO presente trabalho tem como objetivo, analisar e caracterizar a Perceção do Risco de elementos de corporações de Bombeiros. Na abordagem desta problemática, realizou-se uma análise dos determinantes da Perceção de Riscos, bem como a caraterização da Perceção de Riscos específicos nesta atividade. A primeira parte do trabalho efetua uma referência à realidade dos Bombeiros em Portugal, nomeadamente dos riscos a que estão sujeitos e ainda à perceção do risco, dando especial atenção aos fatores que a podem influenciar. A segunda parte apresenta a caracterização do instrumento de diagnóstico, o procedimento, a amostra e a análise e discussão dos resultados obtidos. Relativamente aos dados obtidos, verifica-se que a média das várias subescalas avaliadas nos Determinantes da Perceção do Risco está compreendida entre 1,49 (Irrelevância de Evitar o Risco) e 5,56 (Ansiedade), o desvio padrão entre 0,71 (Recompensas e Influência Social) e 0,97 (Severidade/Efeito Imediato ou Remoto). Nos dados obtidos nas subescalas da Perceção do Risco, os valores da média variam entre 5,29 (Risco Cognitivo) e 5,51 (Risco Emocional) e o desvio padrão entre 3,35 (Risco Cognitivo) e 5,55 (Risco Emocional). Os dados revelam que variáveis como Sexo, Vínculo com os Bombeiros, Chefia/Supervisão, Acidentes, Agregado familiar, Antiguidade, Estado civil, Graduação, Habilitações académicas e idade influenciam de forma significativa as perceções relativamente às subescalas dos Determinantes da Perceção do Risco.
Abstract: The current work settles has its objective to analyze and characterize, the risk perception of the fireman corporations. Within this problem approach, a determinants Risk Perception analyze was made, as well as the characterization of the Perception of specific risks in this activity. The first part in this work regards the Portugal Fireman reality, mainly the risks that they came across every day and also the Risk Perception they have, giving a special attention to the main factors that can actually influence this perception. The second part presents the characterizations of this diagnose instrument, the procedure, the sample and the analysis and discussion of the obtained results. Regarding the obtain data, it’s verified that the several dimensions, appraised average in the Risk Perception Determination is comprehended between 1.49 (Avoiding Risk Irrelevance) and 5.56 (Anxiety) and the standard deviation 0.71 (Rewards and Social Influence) as well as 0.97 (Severity/ Immediate Effect or Remote One). In the obtained data from the Risk Perception dimension, the average values vary between 5.29 (Cognitive Risk) and 5.51 (Emotional Risk) and the standard deviation settles between 3.35 (Cognitive Risk) and 5.55 (Emotional Risk). This data shows that different variables like Sex, Fireman bond, Leadership/Supervision, Accidents, Family, Seniority, Marital Status, Graduation, Academic Qualifications and Age, are a significant influence within the perceptions regarding the dimensions of the Risk Perception determinants.
9
Fantino, Benoît. "Quels élements d'influence pour l'adoption symbolique de la sécurité des systèmes d'information?" Thesis, Aix-Marseille, 2018. http://www.theses.fr/2018AIXM0586.
Full textAbstract:
La sécurité des systèmes d’information s’inscrit dans la dépendance croissante des entreprises envers leur SI en perspective du nombre grandissant d’incidents de sécurité. Dans cette recherche, nous nous intéressons à la gestion des risques SI, pour laquelle la littérature souligne le manque d’implication des top-managers. Nous abordons cette problématique sous l’angle de la décision des dirigeants, au travers de quatre approches théoriques : modèles des perceptions managériales des risques SI, perception des risques en psychologie, théorie néo-institutionnelle et théorie sur l’adoption symbolique des innovations. L’objectif est de rendre intelligible les influences sur l’adoption symbolique de la SSI. Nous employons une méthode qualitative organisée autour de 17 études de cas dans des entreprises d’activités variées. La SSI y est observée comme un processus de décision de gestion des risques SI. Nos résultats montrent la pertinence d’étudier la SSI selon une perspective individuelle de gestion des risques. D’une part, les caractéristiques de l’évaluation psychologique des risques éclairent les biais pour la gestion du risque SI. D’autre part, l’étude de ces biais apporte une perspective nouvelle sur la compréhension de l’investissement des top-managers pour la SSI. Nous montrons l’insensibilité des top-managers à l’exposition du risque, une préférence à aborder les risques sous l’angle des menaces. Aussi, nous exposons les influences qui contribuent à adopter une SSI technique et non managériale pourtant suggérée dans la littérature. Enfin, notre analyse fait émerger des perspectives pour prolonger la compréhension d’une SSI réactive, décriée par les auteurs en SSIThe information system security for which the interest joins in the increasing dependence of companies to them information system and in prospect of increasing number of security incidents. We are interested in the information system risk management, for whom the literature underlines the lack of involvement of top-managers.We approach the concern under the view of the decision of top executives for ISS, through four theoretical streams: the models of the managerial perceptions of IS risks, the risks perception in psychology, the institutional theory and the theory about symbolic adoption of the innovations. The aim is to make intelligible the influences on the symbolic adoption of such ISS approach. We use a qualitative method organized around 17 case studies in companies with varied activities. Our results highlight the relevance to study the ISS according to an individual perspective of risk management. On one hand, the characteristics of the psychological evaluation of the risks enlighten the biases for the management of the information system risk. On the other hand, the study of these biases brings a new perspective on the understanding of the investment of the top executives for the ISS. In particular, we underline the insensitivity of the top managers in the exposure of the risk, a preference to approach the risks under a threats point of view. We expose the influences which contribute to adopt a technical and not managerial ISS such as suggests by the Research. Finally, our analysis brings to the foreground perspectives to extend the comprehension of a reactive ISS, defame by ISS’ academics
10
Afshar, Faranak. "Investigating the Determinants of Disaster Recovery Technology Investment Choice in Small and Medium-sized Enterprises." NSUWorks, 2014. http://nsuworks.nova.edu/gscis_etd/7.
Full textAbstract:
Due to the importance of small and medium-sized enterprises (SMEs) as drivers of economic growth, it is essential to explore the security issues impacting SMEs' success and failure. One of the main security risks that could significantly impair the operability of the organizations is the permanent loss of data due to man-made and/or natural disasters and interruptions. Research has shown that SMEs are not taking disaster preparedness for their computer and networking systems as seriously as they should. This dissertation is an attempt to explain the process of a risky choice, specifically the decision maker's choice of not investing in disaster recovery technologies (DRT) to protect the firm. This study applied a revised model of determinants of risky decision-making behavior suggested by Sitkin and Weingart (1995) to a context of DRT investment in the real world. The model was empirically tested using survey data collected from a list of technology investment decision makers of SMEs located in the northeastern United States. Analysis and results of the collected survey data suggest the revised model can be applied to the real world context. The executive's characteristics, experience, and traits such as positive outcome history, risk propensity, risk perception, and decision framing influence the decision to invest in data protective technologies in SMEs. Specifically, the results of the analysis indicated that risk propensity is affected by outcome history and risk perception is affected by decision framing. In addition, risk propensity affected risk perception and risk perception affected the choice of DRT investment. Furthermore, decision framing had moderate effect on DRT investment
11
Talaie, Daniel, and Sara Ursu. "Kunders förtroende för mobila bankapplikationer : En empirisk studie som identifierar unga bankkunders förtroende för mobila bankapplikationer i samband med säkerhetsrisker." Thesis, Södertörns högskola, Företagsekonomi, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:sh:diva-45904.
Full textAbstract:
The banking industry is constantly changing, resulting in more flexible payment methods and user-friendly services. Today's digital society attracts young people where new attitudes and behaviours are attributed. Thus, mobile banking applications are considered to be a technological development and streamlining of the bank. With this development, operational risks such as security risks may also arise. Trust is therefore of great importance for the relationship between bank customers and the bank in order to maintain customer satisfaction and customer loyalty. Previous research shows that young bank customers' confidence in mobile banking applications is influenced and connected by a number of factors. The purpose of the study is to describe and analyse the relationship between young bank customers' trust in mobile banking applications and perceived security risks. A quantitative research method is applied for this study. The method has been based on a deductive and positivistic approach based on theoretical frameworks that tests the study's six hypotheses. The empirical data that the study has applied was collected through a survey that was answered by 183 respondents. It was processed by using a univariate and bivariate analysis as well as a multiple regression analysis. The study's theoretical frame of reference introduces a number of theories with the purpose of investigating the study's background and problem discussion. An independent variable and five control variables have been developed as influential factors for young bank customers' trust in mobile banking applications. The independent variable is perception of security risks. The five control variables consist of gender, age, level of education, position and savings, all of which are related to the dependent variable trust. The results showed that there is no statistically significant relationship between young bank customers' trust in mobile banking applications in relation to gender, level of education and position. However, it was also discovered that there is a statistically significant connection between young bank customers' trust in mobile banking applications with respect to perception of security risks, age and savings. Beyond that it was also established that the older the bank customer is, the lower the customer's trust is in the mobile banking applications.Bankbranschen förändras ständigt där allt fler flexibla betalningsmetoder och användarvänliga tjänster uppkommer. Dagens digitaliserade samhälle lockar till sig unga människor där nya attityder och beteenden attribueras. Således anses mobila bankapplikationer vara en teknologisk utveckling och effektivisering av banken. Med denna utveckling kan även operativa risker såsom säkerhetsrisker tillkomma. Förtroendet är följaktligen av stor betydelse för förhållandet mellan bankkunder och banken för att bevara kundnöjdheten och kundlojaliteten. Tidigare forskning visar att unga bankkunders förtroende för mobila bankapplikationer influeras av och uppvisar samband mellan ett flertal faktorer. Syftet med studien är att beskriva och analysera sambandet mellan unga bankkunders förtroende för mobila bankapplikationer och upplevda säkerhetsrisker. Studien tillämpar en kvantitativ forskningsmetod. Metoden baseras på en deduktiv och positivistisk ansats med utgångspunkt i teoretiska ramverk som prövar studiens sex hypoteser. Den empiriska datan har samlats in genom en enkätundersökning, som vidare besvarades av 183 respondenter. Därefter bearbetades data med hjälp av en univariat och bivariat analys samt en multipel regressionsanalys. Studiens teoretiska referensram introducerar ett flertal teorier med ändamål att utreda studiens bakgrund och problemdiskussion. En oberoende variabel och fem kontrollvariabler har framtagits som inflytelserika faktorer för unga bankkunders förtroende för mobila bankapplikationer. Den oberoende variabeln består av perception av säkerhetsrisker och de fem kontrollvariablerna utgörs av kön, ålder, utbildningsnivå, befattning och sparande, vilka alla står i relation till den beroende variabeln förtroende. Resultatet påvisar att det inte finns ett statistiskt säkerställt samband mellan unga bankkunders förtroende för mobila bankapplikationer i relation till kön, utbildningsnivå och befattning. Däremot tyder resultatet på ett statistiskt säkerställt samband mellan unga bankkunders förtroende för mobila bankapplikationer i förhållande till perception av säkerhetsrisker, ålder och sparande. Studiens resultat fastslog även att ju äldre den unga bankkunden är desto lägre förtroende erhåller kunden för de mobila bankapplikationerna.
12
Rahman, Naseef. "International Students’ Perception of Risk and Safety when Travelling : Case Study on students of Dalarna University, Borlange, Sweden." Thesis, Högskolan Dalarna, Turismvetenskap, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:du-28877.
Full textAbstract:
International students are becoming a more and more attractive group for tourism agencies, and for those responsible for regional development, some study is warranted to explore how one may effectively recognize their preferences, wants, needs, and constraints to draw their attention towards the destination or to experience tourism firm’s offerings specially in this research about their perception about risk, safety and security during their travelling. Perception of risk, safety and security of a tourist destination may create a broader platform of preferences, and associated constraints. Perceived risk is defined as a consumer’s perception of the overall negativity of a course of action based upon an assessment of the possible negative outcomes and the likelihood that those outcomes will occur. Tourism, exclusively international tourism, is highly delicate to safety and security issues. It is one of the enterprise most exposed to changes in the world stage that may produce alteration in tourist behavior. A clearer perceptive of the traveler’s decision-making process and the role of intervening variables are compulsory, notably respecting travel inhibitors, such as risk perception, to assist develop enhanced destination development or recovery strategies. Constructing conditions for tourists to feel safe before and during the trip may be demanding to the success of a destination competing internationally. The current study attempts to fill a gap by exploring risk perceptions of individual international students who engaged in tourism and try to explore the concerned safety measure among them. The findings revealed that the most common risk perception and endeavors were transportation, fraudulent behavior of locals towards tourists, losing valuables, health issues and sexual harassment. However, the international students with experience with travelling themselves gave the safety and security precautions needed to minimize these risks. The safety and security features involve avoiding informal sectors, taking care of personal belongings, being always cautious about the situation happening around, educating themselves about the destination they are visiting, proper health care and proper authority to report any mishaps. After this research it could be understood that international student tourist is concerned about their safety and they would improve the situation of risk they perceive if given the chance to.
13
Liu, XiaoTong. "Privacy exposure on WeChat from users' perspective : A study among the university students in China." Thesis, Linnéuniversitetet, Institutionen för informatik (IK), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-80610.
Full textAbstract:
In 21st century, social media has become one necessary part in people’s life, different kinds of social media emerge in endlessly. In younger generation, it is popular to use social media as a communication tool to get closer to each other. During using social media, it is important to have awareness to protect their personal information. Comparing with Western countries, the topic of privacy is not often discussed in China and some privacy issues might be ignored due to people have not enough knowledge in this area. In this study, the focus is to investigate Chinese university students’ perception of privacy risks and WeChat personal information exposure. Based on this, this study also explores the users’ attitudes toward WeChat and how it influences the future usage of it. The adopted research method is qualitative research method, by doing interviews with 15 students from different school, city and major. From the study, eight essential concepts are used to answer two research questions. Though analysis, the situation of the privacy perception can be found, the reasons and attitudes toward WeChat are also figured out. At the end of the thesis, the contribution of this study and suggestions to future research are shown.
14
Liu, Fang. "Mining Security Risks from Massive Datasets." Diss., Virginia Tech, 2017. http://hdl.handle.net/10919/78684.
Full textAbstract:
Cyber security risk has been a problem ever since the appearance of telecommunication and electronic computers. In the recent 30 years, researchers have developed various tools to protect the confidentiality, integrity, and availability of data and programs.
However, new challenges are emerging as the amount of data grows rapidly in the big data era. On one hand, attacks are becoming stealthier by concealing their behaviors in massive datasets. One the other hand, it is becoming more and more difficult for existing tools to handle massive datasets with various data types.
This thesis presents the attempts to address the challenges and solve different security problems by mining security risks from massive datasets. The attempts are in three aspects: detecting security risks in the enterprise environment, prioritizing security risks of mobile apps and measuring the impact of security risks between websites and mobile apps. First, the thesis presents a framework to detect data leakage in very large content. The framework can be deployed on cloud for enterprise and preserve the privacy of sensitive data. Second, the thesis prioritizes the inter-app communication risks in large-scale Android apps by designing new distributed inter-app communication linking algorithm and performing nearest-neighbor risk analysis. Third, the thesis measures the impact of deep link hijacking risk, which is one type of inter-app communication risks, on 1 million websites and 160 thousand mobile apps. The measurement reveals the failure of Google's attempts to improve the security of deep links.Ph. D.
15
Ambrose, William, Samuel Athley, and Niclas Dagland. "Cloud Computing : Security Risks, SLA, and Trust." Thesis, Jönköping University, JIBS, Business Informatics, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:hj:diva-12484.
Full textAbstract:
With Cloud Computing becoming a popular term on the Information Technology (IT) market, security and accountability has become important issues to highlight. In our research we review these concepts by focusing on security risks with Cloud Computing and the associated services; Software, Platform and Infrastructure (SPI) and connecting them with a social study of trust.
The method that was conducted during our research was reviewing secondary literature, interviewing different experts regarding Cloud Computing and relating standards already established by ENISA, NIST, and CSA to the interviews.
The result of this study shows connections between the specific SPIs, both how they compare, but also how they differ. In the end we were also able to rank the top security risks from interviews with experts and see which SPI could be the most insecure one and what countermeasures could be applied.
This was further related to trust and Service Level Agreement (SLA) in Cloud Computing to show how the security risks we discuss are related to these two specific areas. By highlighting this we wanted to present useable information for both clients and providers in how to create a better Cloud Computing environment.
16
Messaggi, Kaya Monica. "Trust and security risks in mobile banking." Thesis, University of Oxford, 2013. http://ora.ox.ac.uk/objects/uuid:bccf1f59-70cc-4b67-bf87-bfc7af22880f.
Full textAbstract:
With the development and growth of mobile technologies, mobile phones enable users to perform a number of different tasks with their devices: from sending simple text messages, checking e-mails and browsing the internet, to running elaborated applications. Nowadays, the mobile phone platform creates great opportunities for businesses, especially due to its capabilities and population coverage: the number of mobile subscriptions approaches global population figures. In order to explore such opportunities, most banks have already launched their mobile applications and/or re-designed mobile version of their websites. One of the benefits of using mobile banking is the possibility for users to carry out bank transactions, such online payments or transfers, at anytime and anywhere. Expectations for the adoption of mobile banking were high; however, it represents about 20% of mobile phone users at the present. One factor has been recognised as being a strong reason for users not to adopt mobile banking: their concerns about security. This dissertation focuses on the relationship between the trust users have in mobile banking and the security risks that the use of mobile devices potentially pose. A questionnaire was created in order to gather users’ perception of security about mobile banking, and its results compared with recognised security issues.
17
Ward, Shannon-Jane. "The consumer-perceived risk associated with the intention to purchase online." Thesis, Link to the online version, 2008. http://hdl.handle.net/10019/1891.
Full text
18
Boksasp, Trond, and Eivind Utnes. "Android Apps and Permissions: Security and Privacy Risks." Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, 2012. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-18898.
Full textAbstract:
This thesis investigates the permissions requested by Android applications, and the possibility of identifying suspicious applications based only on information presented to the user before an application is downloaded. During the course of this project, a large data set consisting of applications published on Google Play and three different third-party Android application markets was collected over a two-month period. These applications are analysed using manual pattern recognition and k-means clustering, focusing on the permissions they request. The pattern analysis is based on a smaller data set consisting of confirmed malicious applications. The method is evaluated based on its ability to recognise malicious potential in the analysed applications. The k-means clustering analysis takes the whole data set into consideration, in the attempt of uncovering suspicious patterns. This method is evaluated based on its ability to uncover distinct suspicious permission patterns and the findings acquired after further analysis of the clustering results.
19
Brand, Johanna Catherina. "The governance of significant enterprise mobility security risks." Thesis, Stellenbosch : Stellenbosch University, 2013. http://hdl.handle.net/10019.1/85853.
Full textAbstract:
Thesis (MComm)--Stellenbosch University, 2013.ENGLISH ABSTRACT: Enterprise mobility is emerging as a megatrend in the business world. Numerous risks originate from using mobile devices for business-related tasks and most of these risks pose a significant security threat to organisations’ information. Organisations should therefore apply due care during the process of governing the significant enterprise mobility security risks to ensure an effective process to mitigate the impact of these risks. Information technology (IT) governance frameworks, -models and -standards can provide guidance during this governance process to address enterprise mobility security risks on a strategic level. Due to the existence of the IT gap these risks are not effectively governed on an operational level as the IT governance frameworks, -models and -standards do not provide enough practical guidance to govern these risks on a technical, operational level. This study provides organisations with practical, implementable guidance to apply during the process of governing these risks in order to address enterprise mobility security risks in an effective manner on both a strategic and an operational level. The guidance given to organisations by the IT governance frameworks, -models and -standards can, however, lead to the governance process being inefficient and costly. This study therefore provides an efficient and cost-effective solution, in the form of a short list of best practices, for the governance of enterprise mobility security risks on both a strategic and an operational level.
AFRIKAANSE OPSOMMING: Ondernemingsmobiliteit kom deesdae as ‘n megatendens in die besigheidswêreld te voorskyn. Talle risiko's ontstaan as gevolg van die gebruik van mobiele toestelle vir sake-verwante take en meeste van hierdie risiko's hou 'n beduidende sekuriteitsbedreiging vir organisasies se inligting in. Organisasies moet dus tydens die risikobestuursproses van wesenlike mobiliteit sekuriteitsrisiko’s die nodige sorg toepas om ‘n doeltreffende proses te verseker ten einde die impak van hierdie risiko’s te beperk. Informasie tegnologie (IT)- risikobestuurraamwerke, -modelle en -standaarde kan op ‘n strategiese vlak leiding gee tydens die risikobestuursproses waarin mobiliteit sekuriteitsrisiko’s aangespreek word. As gevolg van die IT-gaping wat bestaan, word hierdie risiko’s nie effektief op ‘n operasionele vlak bestuur nie aangesien die ITrisikobestuurraamwerke, -modelle en -standaarde nie die nodige praktiese leiding gee om hierdie risiko’s op ‘n tegniese, operasionele vlak te bestuur nie. Om te verseker dat organisasies mobiliteit sekuriteitsrisiko’s op ‘n effektiewe manier op beide ‘n strategiese en operasionele vlak bestuur, verskaf hierdie studie praktiese, implementeerbare leiding aan organisasies wat tydens die bestuursproses van hierdie risiko’s toegepas kan word. Die leiding aan organisasies, soos verskaf in die IT-risikobestuurraamwerke, - modelle en -standaarde, kan egter tot’n ondoeltreffende en duur risikobestuursproses lei. Hierdie studie bied dus 'n doeltreffende, koste-effektiewe oplossing, in die vorm van 'n kort lys van beste praktyke, vir die bestuur van die mobiliteit sekuriteitsrisiko’s op beide 'n strategiese en 'n operasionele vlak.
20
Klasmark, Jacob, and Valter Lundegårdh. "Potential security risks in Google Nest Indoor Camera." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-280288.
Full textAbstract:
Our world is becoming more and more connected every day. Recently a new trend has taken off: smart homes. As people are investing in making their house connected this usually also includes some type of surveillance, more precisely a camera. A camera inside your home does however raise a question: how secure is it?In this bachelor thesis an investigation of how secure the Google Nest Indoor Camera is was conducted. This camera was chosen because it is relatively cheap compared to other Nest cameras making it more attractive to your average person. In addition, being a camera developed by Google one would expect hefty security. Previous penetration tests did to the contrary however discover several vulnerabilities resulting in media attention across the globe. These factors combined gave us enough reason to conduct our research around this device.A study around how secure the camera is was done. It began with an initial research phase to identify the current most crucial threats. Together with a threat model of the system and earlier research the threats were then summarised in a threat matrix. These were then ranked with DREAD as to delimit the amount of threats further so only the most potentially harmful ones could be investigated further. Penetration tests were then performed.From our study we did not find any evidence of there existing vulnerabilities that could allow an adversary to view the camera feed or access other parts of ones home network through it. Even so, other, perhaps dangerous, vulnerabilities and exploits where found. This includes the ability to learn in which mode the camera is in or prohibit a user from connecting to the camera through Bluetooth.Vår värld blir mer och mer uppkopplad varje dag. Nyligen har en trend tagit fart: smarta hem. När människor investerar i att göra sitt hus anslutet inkluderar det vanligtvis också någon typ av övervakning, mer exakt en kamera. En kamera i ditt hem lyfter emellertid frågan: hur säker är den? I denna kandidatuppsats genomfördes en undersökning av hur säker Google Nest Indoor Camera är. Denna kamera valdes eftersom den är relativt billig jämfört med andra Nest kameror vilket gör den mer attraktiv för gemene man. Då kameran är utvecklad av Google skulle en dessutom kunna förvänta sig rejäl säkerhet. Tidigare penetrationstest upptäckte tvärtemot flera sårbarheter vilket resulterade i medieuppmärksamhet över hela världen. Dessa faktorer kombinerade gav oss tillräckligt med anledning att genomföra vår kandidatexamen kring denna enhet.En studie kring hur säker kameran är genomfördes. Den inleddes med en forskningsfas för att identifiera de mest avgörande hoten. Tillsammans med en hotmodell av systemet och tidigare forskning summerades hoten i en hotmatris. Dessa rankades sedan med DREAD för att ytterligare begränsa mängden hot så att endast de mest potentiellt skadliga skulle kunna undersökas vidare. Penetrationstest utfördes därefter.Från vår studie hittade vi inga bevis på befintliga sårbarheter som kan göra det möjligt för en tuff motståndare att se kameraflödet eller komma åt andra delar av ens hemnätverk genom den. Trots det hittades andra, kanske farliga, sårbarheter och utnyttjanden. Detta inkluderar möjligheten att lära sig i vilket läge kameran är i eller hindra en användare från att ansluta till kameran via Bluetooth.
21
Alawaji, Ahmed S. "Privacy and security risks for national health records systems." Thesis, Massachusetts Institute of Technology, 2018. http://hdl.handle.net/1721.1/118558.
Full textAbstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2018.Page 104 blank. Cataloged from PDF version of thesis.
Includes bibliographical references (pages 101-103).
A review of national health records (NEHR) systems shows that privacy and security risks have a profound impact on the success of such projects. Countries have different approaches when dealing with privacy and security considerations. The aims of this study were to explore how governments can design secure national health records systems. To do that systematically, we developed a framework to analyze NEHR systems. We then applied the framework to investigate the privacy and security risks in these systems. The studied systems demonstrate that getting privacy and security right have a considerable impact on the success of NEHR projects. Also, our study reveals that the healthcare system structure has a substantial impact on the adoption and usage rates of the system. The studied cases uncover many opportunities for improving privacy and security measures in future projects. The framework demonstrates the utility of applying it to the three cases.
by Ahmed S. Alawaji.
S.M. in Engineering and Management
22
Han, Jun. "Advantages and Risks of Sensing for Cyber-Physical Security." Research Showcase @ CMU, 2018. http://repository.cmu.edu/dissertations/1161.
Full textAbstract:
With the the emergence of the Internet-of-Things (IoT) and Cyber-Physical Systems (CPS), modern computing is now transforming from residing only in the cyber domain to the cyber-physical domain. I focus on one important aspect of this transformation, namely shortcomings of traditional security measures. Security research over the last couple of decades focused on protecting data in regard to identities or similar static attributes. However, in the physical world, data rely more on physical relationships, hence requires CPS to verify identities together with relative physical context to provide security guarantees. To enable such verification, it requires the devices to prove unique relative physical context only available to the intended devices. In this work, I study how varying levels of constraints on physical boundary of co-located devices determine the relative physical context. Specifically, I explore different application scenarios with varying levels of constraints – including smart-home, semi-autonomous vehicles, and in-vehicle environments – and analyze how different constraints affect binding identities to physical relationships, ultimately enabling IoT devices to perform such verification. Furthermore, I also demonstrate that sensing may pose risks for CPS by presenting an attack on personal privacy in a smart home environment.
23
Sedlack, Derek J. "Reducing Incongruity of Perceptions Related to Information Risk: Dialogical Action Research in Organizations." NSUWorks, 2012. http://nsuworks.nova.edu/gscis_etd/299.
Full textAbstract:
A critical overreliance on the technical dimension of information security has recently shifted toward more robust, organizationally focused information security methods to countermand $54 billion lost from computer security incidents. Developing a more balanced approach is required since protecting information is not an all or nothing proposition. Inaccurate tradeoffs resulting from misidentified risk severity based on organizational group perceptions related to information risk form information security gaps. This dissertation applies dialogical action research to study the information security gap created by incongruent perceptions of organizational members related to information risk among different stakeholder communities. A new model, the Information Security Improvement model, based on Technological Frames of Reference (TFR), is proposed and tested to improve information security through reduced member incongruity. The model proved useful in realigning incongruent perceptions related to information risk within the studied organization. A process for identifying disparate information characteristics and potential influencing factors is also presented. The research suggested that the model is flexible and extensible, within the organizational context, and may be used to study incongruent individual perceptions (micro) or larger groups such as departments or divisions.
24
Alkaabi, Ahmed. "Strategic framework to minimise information security risks in the UAE." Thesis, University of Bedfordshire, 2014. http://hdl.handle.net/10547/344600.
Full textAbstract:
The transition process to ICT (Information and Communication Technology) has had significant influence on different aspects of society. Although the computerisation process has motivated the alignment of different technical and human factors with the expansion process, the technical pace of the transition surpasses the human adaptation to change. Much research on ICT development has shown that ICT security is essentially a political and a managerial act that must not disregard the importance of the relevant cultural characteristics of a society. Information sharing is a necessary action in society to exchange knowledge and to enable and facilitate communication. However, certain information should be shared only with selected parties or even kept private. Information sharing by humans forms the main obstacle to security measure undertaken by organisations to protect their assets. Moreover, certain cultural traits play a major role in thwarting information security measures. Arab culture of the United Arab Emirates is one of those cultures with strong collectivism featuring strong ties among individuals. Sharing sensitive information including passwords of online accounts can be found in some settings in some cultures, but with reason and generally on a small scale. However, this research includes a study on 3 main Gulf Cooperation Council (GCC) countries, namely, Saudi Arabia (KSA), United Arab Emirates (UAE) and Oman, showing that there is similar a significant level of sensitive information sharing among employees in the region. This is proven to highly contribute to compromising user digital authentication, eventually, putting users’ accounts at risk. The research continued by carrying out a comparison between the United Kingdom (UK) and the Gulf Cooperation Council (GCC) countries in terms of attitudes and behaviour towards information sharing. It was evident that there is a significant difference between GCC Arab culture and the UK culture in terms of information sharing. Respondents from the GCC countries were more inclined to share sensitive information with their families and friends than the UK respondents were. However, UK respondents still revealed behaviour in some contexts, which may lead potential threats to the authentication mechanism and consequently to other digital accounts that require a credential pass. It was shown that the lack of awareness and the cultural impact are the main issues for sensitive information sharing among family members and friends in the GCC. The research hence investigated channels and measures of reducing the prevalence of social engineering attacks, such as legislative measures, technological measures, and education and awareness. The found out that cultural change is necessary to remedy sensitive information sharing as a cultural trait. Education and awareness are perhaps the best defence to cultural change and should be designed effectively. Accordingly, the work critically analysed three national cybersecurity strategies of the United Kingdom (UK), the United States (U.S.) and Australia (AUS) in order to identify any information security awareness education designed to educate online users about the risk of sharing sensitive information including passwords. The analysis aimed to assess possible adoption of certain elements, if any, of these strategies by the UAE. The strategies discussed only user awareness to reduce information sharing. However, awareness in itself may not achieve the required result of reducing information sharing among family members and friends. Rather, computer users should be educated about the risks of such behaviour in order to realise and change. As a result, the research conducted an intervention study that proposed a UAE-focused strategy designed to promote information security education for the younger generation to mitigate the risk of sensitive information sharing. The results obtained from the intervention study of school children formed a basis for the information security education framework also proposed in this work.
25
Window, Marc. "Security in Precision Agriculture : Vulnerabilities and risks of agricultural systems." Thesis, Luleå tekniska universitet, Datavetenskap, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-74309.
Full text
26
Siljeströmer, Henrik. "Risks of Internet of ThingsA study of risks, consumer knowledge and behaviours regarding IoT usage and security." Thesis, Uppsala universitet, Institutionen för informationsteknologi, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-447017.
Full textAbstract:
The internet has become a vital part of peoples everyday life and helped connect the world together. With the explosive growth of smaller IoT devices during the 2010s users have surrounded themselves with ever more smart devices. These IoT devices,equipped with sensors and wireless communication capabilities, are capable of forming small networks which support peoples everyday life. Security in IoT has been considered to be somewhat of a jokein the industry due to it often being neglected by manufacturers.This is due to it being built with the SCADA framework in mind but faces many more challenges, for example the limited hardware of the devices, the number of devices communicating and wider range of environments in which they operate. Apart from hardware related risks, the users also runs the risk of having their entire life monitored by these IoT devices by collecting the entire stream of data produced by them as well as these IoT devices can be abused to gain more than necessary information about them. The behaviours of users play a large roll in keeping systems secure. Humans makemistakes, not because they are lazy or stupid, but they tend to choose the path of least resistance, writing passwords down or skipping security measures when it becomes overwhelming. However,developers carry a certain level of responsibility for this, since a well designed user interface can facilitate the use of such security measures. A survey was sent out to get a better understanding of consumers knowledge and behaviours regarding IT,a survey was distributed with almost 100 respondents. The results showed that background were tied to greater knowledge and understanding of IT but did not mean that you had a better mind set of security. Similarly, both consumers with less or more IT knowledge could be lazy for the sake of convenience.
27
Abreu, Nair JÃlia Andrade de. "Perception of flooding risks in the PreguiÃa neighborhood - Maranguape(CE)." Universidade Federal do CearÃ, 2015. http://www.teses.ufc.br/tde_busca/arquivo.php?codArquivo=14654.
Full textAbstract:
Universidade Federal do CearÃThis research addresses the risks of flooding in the PreguiÃa neighborhood, Maranguape / CearÃ, covering more specifically the perceptual approach these risks. This approach is of great importance in that it presents data showing how residents perceive and understand the context of risks to which they belong, including information that can be extremely useful to risk management. In addition, aspects related to perception are hardly highlighted in studies of risks. Thus, this study aimed to analyze the perception that of the residents of the PreguiÃa neighborhood have about the flooding risk in that area, addressing the different aspects that may have influenced the observed perceptions. At the same time, the objective was to verify the measures taken (and to be made) in respect of such risks. The development of this study was performed by means of surveying and mapping and literature review; field observations; making maps; development and implementation of questionnaires; and discussion of the data obtained through the questionnaires and field surveys. The data on the perception of residents and issues relating to it were organized and analyzed on the following variables: experiences and knowledge related to accidents and / or alert conditions; conditions of flooding, causality and responsibility; evaluation and choice; threshold security and lastly, adjustments and other reactions to the risks. The results show that 92% of respondents consider the existence of flood risk in the area, 58% have adopted at least one preventive measure of immediacy and only 22% had changes in the structure of their respective residences. In the end, proposals were presented and discussed measures to be taken in order to reduce the risk of flooding in the area and prevent accidents.
A presente pesquisa aborda os riscos de inundaÃÃes existentes no bairro PreguiÃa, Maranguape/CearÃ, contemplando mais especificamente a abordagem perceptiva desses riscos. Esse tipo de abordagem reveste-se de grande importÃncia na medida em que apresenta dados que revelam como os moradores locais percebem e compreendem o contexto de riscos no qual estÃo inseridos, informaÃÃes que inclusive podem ser extremamente Ãteis à gestÃo de riscos. AlÃm disso, aspectos relacionados à percepÃÃo dificilmente sÃo destacados nos estudos sobre riscos. Desse modo, objetivou-se analisar a percepÃÃo que alguns dos residentes do bairro PreguiÃa apresentam sobre os riscos de inundaÃÃes na referida Ãrea, abordando os diferentes aspectos que podem ter influenciado nas percepÃÃes observadas. Paralelamente, objetivou-se verificar as medidas tomadas (e a serem tomadas) em relaÃÃo a esses riscos. O desenvolvimento desse estudo deu-se por meio de levantamento e revisÃo bibliogrÃfica e cartogrÃfica; observaÃÃes em campo; confecÃÃo de mapas; elaboraÃÃo e aplicaÃÃo de questionÃrios; bem como discussÃo dos dados obtidos por meio dos questionÃrios e dos levantamentos de campo. Os dados referentes à percepÃÃo dos moradores e aos aspectos relacionados a ela foram organizados e analisados em torno das seguintes variÃveis: experiÃncias e conhecimentos relacionados à ocorrÃncia de acidentes e/ou a situaÃÃes de alerta; condicionantes e deflagradores, causalidade e responsabilidade; avaliaÃÃo e escolha; limiar de seguranÃa e por Ãltimo, ajustamentos e outras reaÃÃes frente aos riscos. Os resultados obtidos mostram que 92% dos pesquisados consideram a existÃncia de riscos de inundaÃÃes na Ãrea, 58% jà adotaram pelo menos uma medida preventiva de carÃter imediato e apenas 22% deles realizaram modificaÃÃes na estrutura de suas respectivas residÃncias. Ao final sÃo apresentadas e discutidas propostas de medidas a serem tomadas no intuito de reduzir os riscos de inundaÃÃes na Ãrea e prevenir acidentes.
28
Masci, Stefano. "Airport Security: Passenger's Perception and Design Issues." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2016. http://amslaurea.unibo.it/10468/.
Full textAbstract:
The main goal of this thesis is to report patterns of perceived safety in the context of airport infrastructure, taking the airport of Bologna as reference. Many personal and environmental attributes are investigated to paint the profile of the sensitive passenger and to understand why precise factors of the transit environment are so impactful on the individual. The main analyses are based on a 2014-2015 passengers’ survey, involving almost six thousand of incoming and outgoing passengers. Other reports are used to implement and support the resource. The analysis is carried out by using a combination of Chi-square tests and binary logistic regressions. Findings shows that passengers result to be particularly affected by the perception of airport’s environment (e.g., state and maintenance of facilities, clarity and efficacy of information system, functionality of elevators and escalators), but also by the way how the passenger reaches the airport and the quality of security checks. In relation to such results, several suggestions are provided for the improvement of passenger satisfaction with safety. The attention is then focused on security checkpoints and related operations, described on a theoretical and technical ground. We present an example of how to realize a proper model of the security checks area of Bologna’s airport, with the aim to assess present performances of the system and consequences of potential variations. After a brief introduction to Arena, a widespread simulation software, the existing model is described, pointing out flaws and limitations. Such model is finally updated and changed in order to make it more reliable and more representative of the reality. Different scenarios are tested and results are compared using graphs and tables.
29
Mehmood, Furhan, and Rajia Rafique. "Management of operational risks related to information security in financial organizations." Thesis, Mälardalen University, School of Sustainable Development of Society and Technology, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-9823.
Full textAbstract:
Date: 30th May 2010
Authors: Rajia Rafique, Furhan Mehmood
Tutor: Dr. Michael Le Duc, Dr. Deepak Gupta
Title: Management of Operational Risks related to Information Security in Financial Organizations
Introduction: Information security is very significant for organizations, especially for financial organizations where customer information and their satisfaction are considered the most important assets for financial organizations. Therefore customer information must be sustained from information security breaches in order to satisfy customers. Financial organizations use their customer’s information several times a day to deal with different operations. These operations contain several types of risks. Operational risks related to information security are becoming sensational for financial organizations. Financial organizations concentrate to reduce the exposure of operational risk related to information security because these risks can affect the business to a great extent. Financial organizations need such policies and techniques which can be used to reduce the exposure of operational risk and to enhance information security. Several authors discuss about several types of operational risk related to information security, and several authors discuss about the techniques to avoid these risks in order to enhance information security.
Problem: Investigate the concept of Operational Risks related to Information Security and how it is perceived in Financial Organization?
Purpose: The aspiration of writing this report is to describe and analyze operational risks related to information security in financial organizations and then to present some suggestions in form of polices or techniques which can be used by financial organizations to enhance their information security.
Method: Since the type of our thesis is Qualitative based, therefore exploratory research approach is used to carry out research. Authors tried to use secondary source of information as well as primary source of information in order to get maximum knowledge about the topic and to come up with maximum possible output.
Target Audience
The target audience in our mind for this paper consists of both, academic readers and professionals who have interest and some knowledge about information security and operational risks. Target audience for this research work includes professionals, academic readers and both investigated organizations (NCCPL and CDC).
Conclusion
By critically analyzing the literature written by various authors and the worthy information provided by our primary sources gave us the opportunity to develop a solution to keep the operations secure from risks and to fix the current problems related to information security. We found that there are different types of operational risks related to information security which can affect the business of financial organizations and there are various techniques which can be used by financial organizations to solve the current issue related to operational risks in order to enhance information security. It was also found that top management in financial organizations is interested in issues about information security operational risk and they showed their keen interest in adopting new effective techniques.
Keywords: Information Security, Information Security Risks, Operational Risks, Operational Risk Management, Operational Risks in Financial Organizations.
30
Fielk, Klaus W. "Cyberciege scenario illustrating integrity risks to a military like facility." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2004. http://library.nps.navy.mil/uhtbin/hyperion/04Sep%5FFielk.pdf.
Full textAbstract:
Thesis (M.S. in Computer Science)--Naval Postgraduate School, Sept. 2004.Thesis advisor(s): Cynthia E. Irvine, Paul C. Clark. Includes bibliographical references (p. 97-101). Also available online.
31
Sung, Martin (Ming-Che). "The perception and management of pollution risks in Taiwan's electric utility." Thesis, Glasgow Caledonian University, 1999. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.313175.
Full textAbstract:
This thesis is the study of the perception and management of pollution risks in Taiwan's electric utility in terms of a social science paradigm of risk. It represents the first examination of Feng Shui belief impact on Taiwanese risk behaviour in electric risk settings. The deep seated culture and widespread practice of Feng Shui in traditional Chinese society would lead to the assumption that Feng Shui belief should strongly influence Taiwan risk behaviour. This empirical study research revealed that Feng Shui belief is much less important to Taiwanese risk behaviour than might have been thought. Most of the variation in electric risk acceptability resulted from the influence of social equity and justice. This study also examined the literature between Feng Shui and risk. What emerged from this is the notion that Feng Shui can be regarded as helpful complementary thinking in a social science paradigm of risk. This study suggests a number of important implications for Taipower Company and risk regulators. The choice about siting of a power plant should take account of the concept of Feng Shui the boundary rather than the concept of the fixed and administrative boundary. Implication also emerged in relation to social trust and the understanding of local residents' risk perception
32
Ackley, Mary. "Evaluating Environmental Risks in Mining: a Perceptual Study." ScholarWorks @ UVM, 2008. http://scholarworks.uvm.edu/graddis/7.
Full textAbstract:
Gold mining is often associated with positive economic benefits; however, it may also have negative impacts on the environment and human health. It is essential that communities understand the risks and benefits associated with mining, particularly in developing countries where there is often a lack of legislation governing the environmental performance of mining corporations. The perceptions of local people regarding the risks and benefits of mining may differ significantly from those of company representatives, policy makers, and the scientific community. Indeed, public concerns have sometimes been ignored or downplayed by those responsible for the implementation of environmental policies and practices. Examination of the complex social, economic, psychological, political, and cultural factors influencing risk perception in mining communities is thus important for successful risk communication and management. Issues arising from the interplay between socio-economic benefits and risks are particularly acute in small island states which have isola ted and highly limited economic development trajectories. The lessons learned in such cases are therefore instructive for crisis planning across the developing world. This study conducted firsthand empirical research into the perception of environmental and health risks in the communities surrounding the Vatukoula gold mine in Fiji. Primary data was obtained through a survey questionnaire designed to quantify and evaluate perceived risks (n= 340, representing approximately 24% of the target population). Concurrently, environmental samples were collected to assess the extent of environmental impacts at the study site. Study results revealed that gender is an important variable in risk perception at Vatukoula. Major findings include: (1) women feel they have less knowledge about the risks of mining compared to men; (2) women feel they have less control to avoid the risks of mining compared to men; and (3) women and men tend to receive risk messages from different sources. The information obtained during this study was made directly available to local stakeholders, to aid in risk management and decision-making.
33
Millman, Caroline Elizabeth. "Perceptions and risks : food-borne pathogens in the domestic environment." Thesis, University of Manchester, 2012. https://www.research.manchester.ac.uk/portal/en/theses/perceptions-and-risks-foodborne-pathogens-in-the-domestic-environment(daae2641-ddf5-41d0-877c-1ba1533ad243).html.
Full textAbstract:
Food-borne illness is a significant burden both with regard to public health and financially. Efforts to reduce the level of food-borne illness continue to concentrate on the full food supply chain with particular regard given to Campylobacter, the most commonly reported zoonosis and the greatest burden to public health. The focus of this research is domestic food safety practises, where there is no regulation. Food safety is reliant on people’s knowledge or awareness, their ability to adopt safe food handling practises and for the correct behaviours to achieve this, to be routine. The elicitation of awareness and perceptions with regard to food safety are problematic due to the complexities of human nature, including the presence of several forms of bias, such as social desirability bias and optimistic bias. The research was designed in order to try to minimise such biases, whilst further understanding influences on food safety preparation behaviour. Food safety preparation behaviours and kitchen hygiene were investigated between people who had campylobacteriosis in comparison to people who had not had food poisoning. Whilst no difference was noted in the kitchen hygiene between the two groups, significant differences were noted in self-reported food preparation behaviours. Optimistic bias was exhibited by both groups but when tested again after six months had elapsed, the group who had not had food poisoning increased their optimism, introducing a significant difference in optimistic bias between the two groups. Awareness of a number of unsafe food behaviours was explored for individuals and groups of people using a method developed as part of the research. This method of hazard awareness uses video as a stimulus, creating an interactive survey, combined with attitudinal and demographic data. Changes were made to perceptions of knowledge and risk following the hazard perception challenge, with the number of hazards missed, influencing this movement in perception. The risk perception of unsafe food handling behaviours was examined using a novel technique Best-Worst Scaling, in order to identify relative risks. This technique, in conjunction with latent class modelling, demonstrated a difference in perceptions between food safety experts and members of the general public. However, these differences are nuanced and demonstrate that heterogeneity exists both within and across the groups. Taken together, these findings have extended the research on domestic food safety behaviour and risk perceptions. It has done so by developing and testing novel methods to elicit relative risk perceptions and hazard perception with regard to food safety behaviours. The results provide valuable evidence for stakeholders particularly with regard to the novel methods used in identifying the heterogeneity and influences of food safety behaviour between groups of people. It also provides important tools for stakeholders, risk managers and communicators to use in future research, communication and education.
34
Zwickle, Adam K. "Communicating Environmental Risks." The Ohio State University, 2014. http://rave.ohiolink.edu/etdc/view?acc_num=osu1397500693.
Full text
35
Gaupp, Franziska. "Water security, droughts and the quantification of their risks to agriculture : a global picture in light of climatic change." Thesis, University of Oxford, 2017. https://ora.ox.ac.uk/objects/uuid:a9a1a456-0f3f-4795-8b9d-149cd804aeb0.
Full textAbstract:
As a consequence of climatic change, climate variability is expected to increase and climate extremes to become more frequent. Rising water and food demand are further exacerbating the risks to global water and food security. The variability but also the spatial inter-connectedness in our globalized world make our systems more vulnerable to shocks and disasters. To sustain the global water and food security, more knowledge about risks, especially risks of simultaneous shocks is needed. This thesis maps and quantifies risks to global water and food security from a water-food-climate perspective. It starts on a global scale looking at water security in major river basins and then concentrates on major food producing regions of three important crops. The thesis explores how storage can buffer inter- and intra-regional hydrological variability. A water balance model is developed and used to find hotspots of water shortages and to identify river basins where more investment in infrastructure is needed to improve and sustain water security. Looking at food security, global wheat, maize and soybean breadbaskets are identified and used to estimate risks of simultaneous production shocks. Focusing on wheat, I apply different copula approaches to model joint risks of low yields. It is shown quantitatively that (i) it is important to include spatial dependencies in risks studies and that (ii) inter-regional risk pooling could decrease post-disaster liabilities of governments and international organizations. The last part of the thesis focuses on climate impacts on food production. Relevant climate variables for crop growth in the breadbaskets are identified and joint climate risks are estimated using regular vine copulas. It is shown that so far, only wheat has experienced an increase in simultaneous climate risks. In maize and soybean production regions, positive and negative climate risk changes are offsetting each other on a global scale. Looking at future projections, however, it is shown that under a 1.5 and 2 °C global mean warming, simultaneous climate risks increase for all three crops, especially for maize where the return periods of all five breadbaskets experiencing climate risks decrease from 16 to every second year. The findings of this thesis can inform policy makers, businesses and international organizations about risks to global water and food security resulting from climate variability and extremes. It indicates where policies and infrastructure investments are needed to maintain water security, it can assist in building inter-governmental risk pooling schemes and contribute to current climate policy discussions.
36
Ba, Jing. "Analysis of Security Risks in Mobile Payments : A Case Study Using DNAT." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-119997.
Full textAbstract:
Technology development always makes the life easier and faster thus it also impacts the way we do business in our lives. As the widespread usage of mobile devices in recent years mobile technology has created an environment in which people around the world are getting closer. Recently the popularity of personal mobile devices like Ipad and Iphone leads to the appearance of opportunities to improve payments more fast and efficient. And for the past years various services and applications for mobile payment have been developed by the companies which are eager for the leader positions in the new market. With the development of mobile payment and the important relationship between payment and our lives, a lot of security risks associated with this field should be extensively studied. This thesis aims to analyze the security risks related to the mobile payment. This thesis uses an explorative method to research the stakeholders, critical assets and vulnerabilities within mobile payment by utilizing case studies of Square and Google Wallet. The information gathered from the case studies and security analysis is further analyzed by the dynamic network analysis tool (ORA) in order to discover the security risks. The results of this thesis indicate that accounts and business data are the most critical assets in mobile payment because accounts are the foundation to perform payment transactions. Further, the mobile payment service provider, merchant and consumer are the stakeholders affected most by the security risks. And this thesis concludes that all the stakeholders should be aware of the security risks within the mobile payment environment, and further if service and device providers want to keep continuous business they should make more effort to cooperate with each other to protect the users against these risks.
37
Brandt, Aric. "Feedyard biocontainment, biosecurity, and security risks and practices of central plains feedyards." Thesis, Manhattan, Kan. : Kansas State University, 2007. http://hdl.handle.net/2097/343.
Full text
38
Saleh, Mohamed Saad Morsy. "Analysis of information security risks and protection management requirements for enterprise networks." Thesis, University of Bradford, 2011. http://hdl.handle.net/10454/5414.
Full textAbstract:
With widespread of harmful attacks against enterprises' electronic services, information security readiness of these enterprises is becoming of increasing importance for establishing the required safe environment for such services. Various approaches are proposed to manage enterprise information security risks and to assess its information security readiness. These approaches are, however, not adequate to manage information security risks, as all required information security components of its structural and procedural dimensions have not considered. In addition, current assessment approaches lack numerical indicators in assessing enterprise information security readiness. Furthermore, there is no standard approach for analysing cost versus benefit in selecting recommended protection measures. This thesis aims at contributing to the knowledge by developing comprehensive Enterprise Information Security Risk Management (EISRM) framework that integrates typical approaches for information security risk management, and incorporates main components of key risk management methodologies. In addition, for supporting phases of the proposed EISRM framework, analytical models for enterprise information security readiness assessment and cost-benefit analysis are developed. The practical evaluation, using the proposed enterprise information security readiness assessment model has been performed depending on a developed investigation form that used to investigate nine enterprises inside Saudi Arabia. The results demonstrate the effectiveness of the model in assessing and comparing enterprises information security readiness at all levels of the model, using numerical indicators and graphical representations. The EISRM framework and the analytical models presented in this research can be used by enterprises as single point of reference for assessing and cost effectively improving their information security readiness.
39
Lever, K. E. "Identifying and mitigating security risks in multi-level systems-of-systems environments." Thesis, Liverpool John Moores University, 2018. http://researchonline.ljmu.ac.uk/8707/.
Full textAbstract:
In recent years, organisations, governments, and cities have taken advantage of the many benefits and automated processes Information and Communication Technology (ICT) offers, evolving their existing systems and infrastructures into highly connected and complex Systems-of-Systems (SoS). These infrastructures endeavour to increase robustness and offer some resilience against single points of failure. The Internet, Wireless Sensor Networks, the Internet of Things, critical infrastructures, the human body, etc., can all be broadly categorised as SoS, as they encompass a wide range of differing systems that collaborate to fulfil objectives that the distinct systems could not fulfil on their own. ICT constructed SoS face the same dangers, limitations, and challenges as those of traditional cyber based networks, and while monitoring the security of small networks can be difficult, the dynamic nature, size, and complexity of SoS makes securing these infrastructures more taxing. Solutions that attempt to identify risks, vulnerabilities, and model the topologies of SoS have failed to evolve at the same pace as SoS adoption. This has resulted in attacks against these infrastructures gaining prevalence, as unidentified vulnerabilities and exploits provide unguarded opportunities for attackers to exploit. In addition, the new collaborative relations introduce new cyber interdependencies, unforeseen cascading failures, and increase complexity. This thesis presents an innovative approach to identifying, mitigating risks, and securing SoS environments. Our security framework incorporates a number of novel techniques, which allows us to calculate the security level of the entire SoS infrastructure using vulnerability analysis, node property aspects, topology data, and other factors, and to improve and mitigate risks without adding additional resources into the SoS infrastructure. Other risk factors we examine include risks associated with different properties, and the likelihood of violating access control requirements. Extending the principals of the framework, we also apply the approach to multi-level SoS, in order to improve both SoS security and the overall robustness of the network. In addition, the identified risks, vulnerabilities, and interdependent links are modelled by extending network modelling and attack graph generation methods. The proposed SeCurity Risk Analysis and Mitigation Framework and principal techniques have been researched, developed, implemented, and then evaluated via numerous experiments and case studies. The subsequent results accomplished ascertain that the framework can successfully observe SoS and produce an accurate security level for the entire SoS in all instances, visualising identified vulnerabilities, interdependencies, high risk nodes, data access violations, and security grades in a series of reports and undirected graphs. The framework’s evolutionary approach to mitigating risks and the robustness function which can determine the appropriateness of the SoS, revealed promising results, with the framework and principal techniques identifying SoS topologies, and quantifying their associated security levels. Distinguishing SoS that are either optimally structured (in terms of communication security), or cannot be evolved as the applied processes would negatively impede the security and robustness of the SoS. Likewise, the framework is capable via evolvement methods of identifying SoS communication configurations that improve communication security and assure data as it traverses across an unsecure and unencrypted SoS. Reporting enhanced SoS configurations that mitigate risks in a series of undirected graphs and reports that visualise and detail the SoS topology and its vulnerabilities. These reported candidates and optimal solutions improve the security and SoS robustness, and will support the maintenance of acceptable and tolerable low centrality factors, should these recommended configurations be applied to the evaluated SoS infrastructure.
40
Feldbaume, Harley. "The HIV-AIDS national security nexus : a history of risks and benefits." Thesis, London School of Hygiene and Tropical Medicine (University of London), 2009. http://researchonline.lshtm.ac.uk/682417/.
Full textAbstract:
The links between HIV/AIDS and national security have played a major and under recognized role in impacting efforts to fight the pandemic. To date, critical studies of the HIV/AIDS - national security nexus have been limited. Using 27 semi-structured interview and extensive literature review, this thesis creates the first global history of the nexus, from 1985-2007. This long-timeframe analysis allows a novel examination of the risks and benefits of this politically potent linkage, an assessment of the role of global health actors in the nexus, and a testing of the published conceptual frameworks that seek to explain the relationship between global health and national security. This thesis examines the history of the HIV/AIDS - national security nexus in three parts. First, the early and beneficial securitizations of the epidemic in Uganda and Thailand are examined. Two other events, the U. S. and USSR intelligence community interest in HIV/AIDS and the likely spread of HIV/AIDS by the United Nations peacekeeping mission in Cambodia, illustrate hazards of the nexus and complete this section. Second, the factors and events that led to the securitization of HIV/AIDS at the United Nations Security Council and within the U. S. are evaluated. Third, the consequences of securitization are considered, including the impact on global priority and funding, Security Council Resolution 1308, the U. S. President's Emergency Plan for AIDS Relief, and military HIV/AIDS programs. This thesis finds that where policymakers have framed HIV/AIDS as a direct threat to national security and prioritized the disease, clear benefits in fighting the epidemic have resulted. However the role of global health actors in these political events has been limited, and hazards of the nexus include the classification of public health data and the divergent interests of the global health and national security communities
41
de, Groot Caroline Sofie. "Security risks of climate change : Climate change induced conflicts in western Kenya." Thesis, Uppsala universitet, Statsvetenskapliga institutionen, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-364947.
Full textAbstract:
The purpose of this paper is to examine links between climate change and conflicts. The report aims to produce relevant insights on the security risks posed by climate change in the rural pastoral area Sarambei in western Kenya. The research was conducted in spring 2018 and founded by an MFS-scholarship from Swedish International Development Cooperation Agency (SIDA). The research examines the hypothesis that climate change is increasing the risk of insecurity. Through qualitative methods twenty respondents living in Sarambei and five experts were interviewed. The main finding of the study is that climate change is happening, affecting the people in Sarambei and are creating conflicts through water scarcity. However, it is difficult to say that climate change is the only source for these conflicts, but instead emerges from the interaction of multiple factors.
42
Mancini, Guilio M. "Education and Security: Design and Evaluation Tools for Deliberate Disease Risks Mitigation." Thesis, University of Bradford, 2016. http://hdl.handle.net/10454/15740.
Full textAbstract:
This thesis addresses the role of education to mitigate the risks of deliberate disease, including biological weapons. Specifically, it aims to analyse how education was constructed as a potential instrument to mitigate specific security risks; if and how education could impact on risks; and how effectiveness of education as a risk mitigation measure could be improved. The research framework combines concepts of security, risk and education within a general constructionist approach. Securitization is used to analyse attempts to construct education as a tool to mitigate specific security risks; risk assessment is used to identify and characterize risk scenarios and potential for risks mitigation; and instructional design and evaluation models are used for the design and evaluation of education. The thesis contends that education has been constructed as a mitigation tool for what were presented as urgent security risks of deliberate disease. Nine attempted securitization moves are identified and assessed. Improved competences identified in four thematic areas, and built with education, can mitigate risks in specific scenarios via impacting factors that primarily influence risk likelihood. The thesis presents several examples of achieved learning objectives, and tools that can be useful to evaluate behavioural and risk impacts, though empirical results on these levels here are still scarce. Design and evaluation tools, illustrated through a large amount of original and pre-existing data from a range of countries and contexts, are presented that can improve effectiveness of education as a deliberate disease risks mitigation measure.
43
Saleh, Mohamed S. M. "Analysis of Information Security Risks and Protection Management Requirements for Enterprise Networks." Thesis, University of Bradford, 2011. http://hdl.handle.net/10454/5414.
Full textAbstract:
With widespread of harmful attacks against enterprises¿ electronic services, information security readiness of these enterprises is becoming of increasing importance for establishing the required safe environment for such services. Various approaches are proposed to manage enterprise information security risks and to assess its information security readiness. These approaches are, however, not adequate to manage information security risks, as all required information security components of its structural and procedural dimensions have not considered. In addition, current assessment approaches lack numerical indicators in assessing enterprise information security readiness. Furthermore, there is no standard approach for analysing cost versus benefit in selecting recommended protection measures.
This thesis aims at contributing to the knowledge by developing comprehensive Enterprise Information Security Risk Management (EISRM) framework that integrates typical approaches for information security risk management, and incorporates main components of key risk management methodologies. In addition, for supporting phases of the proposed EISRM framework, analytical models for enterprise information security readiness assessment and cost-benefit analysis are developed.
The practical evaluation, using the proposed enterprise information security readiness assessment model has been performed depending on a developed investigation form that used to investigate nine enterprises inside Saudi Arabia. The results demonstrate the effectiveness of the model in assessing and comparing enterprises information security readiness at all levels of the model, using numerical indicators and graphical representations. The EISRM framework and the analytical models presented in this research can be used by enterprises as single point of reference for assessing and cost effectively improving their information security readiness.
44
Nunes, Sérgio Rodrigues. "Value focused assessment of cyber risks to gain benefits from security investments." Doctoral thesis, Instituto Superior de Economia e Gestão, 2018. http://hdl.handle.net/10400.5/15874.
Full textAbstract:
Doutoramento em GestãoCom a multiplicação de dispositivos tecnológicos e com as suas complexas interacções, os ciber riscos não param de crescer. As entidades supervisoras estabelecem novos requisitos para forçar organizações a gerir os ciber riscos. Mesmo com estas crescentes ameaças e requisitos, decisões para a mitigação de ciber riscos continuam a não ser bem aceites pelas partes interessadas e os benefícios dos investimentos em segurança permanecem imperceptíveis para a gestão de topo. Esta investigação analisa o ciclo de vida da gestão de ciber risco identificando objectivos de mitigação de ciber risco, capturados de especialistas da área, prioritizando esses objectivos para criar um modelo de decisão para auxiliar gestores de risco tendo em conta vários cenários reais, desenvolvendo um conjunto de princípios de gestão de risco que possibilitam o estabelecimento de uma base para a estratégia de ciber risco aplicável e adaptável às organizações e finalmente a avaliação dos benefícios dos investimentos em segurança para mitigação dos ciber riscos seguindo uma abordagem de melhoria contínua. Duas frameworks teóricas são integradas para endereçar o ciclo de vida completo da gestão de ciber risco: o pensamento focado em valor guia o processo de decisão e a gestão de benefícios assegura que os benefícios para o negócio são realizados durante a implementação do projecto, depois de tomada a decisão para investir numa solução de segurança para mitigação do ciber risco.
With the multiplication of technological devices and their multiple complex interactions, the cyber risks keep increasing. Supervision entities establish new compliance requirements to force organizations to manage cyber risks. Despite these growing threats and requirements, decisions in cyber risk minimization continue not to be accepted by stakeholders and the business benefits of security investments remain unnoticed to top management. This research analyzes the cyber risk management lifecycle by identifying cyber risk mitigation objectives captured from subject matter experts, prioritizing those objectives in a cyber risk management decision model to help risk managers in the decision process by taking into account multiple real scenarios, developing the baseline of cyber risk management principles to form a cyber risk strategy applicable and adaptable to current organizations and finally evaluating the business benefits of security investments to mitigate cyber risks in a continuous improvement approach. Two theoretical frameworks are combined to address the full cyber risk management lifecycle: value focused thinking guides the decision process and benefits management ensures that business benefits are realized during project implementation, after the decision is taken to invest in a security solution to mitigate cyber risk.
info:eu-repo/semantics/publishedVersion
45
Townshend, William Roger. "From new world order to superpower accommodations : political realism and Russian-European security: security risks, objectives and strategies." Thesis, Lancaster University, 1999. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.322341.
Full text
46
Malec, Mieczyslaw. "Security perception : within and beyond the traditional approach /." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2003. http://library.nps.navy.mil/uhtbin/hyperion-image/03Jun%5FMalec.pdf.
Full textAbstract:
Thesis (M.A. in National Security Affairs)--Naval Postgraduate School, June 2003.Thesis advisor(s): Jeffrey Knopf, Boris Keyser. Includes bibliographical references (p. 69-73). Also available online.
47
Bengtsson, Tobias. "Citizen Perception of Private Security Guards in Malmö." Thesis, Malmö högskola, Fakulteten för hälsa och samhälle (HS), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-25592.
Full textAbstract:
Trots en markant ökning av vaktpersonal i privat regi under de senaste decennierna finns det inte mycket empirisk forskning om allmänhetens uppfattning av väktare. I detta arbete undersöks malmöbornas tillit till och tillfredställelse med väktare och syftet med studien är att får en inblick i allmänhetens inställning till vaktpersonal. Enkäter delades ut i Malmö med frågor angående upplevd tillit till väktare, tillfredställelse med väktare samt frågor om respondenternas uppfattning av väktares professionalitet, ansvarskyldighet, framställning och artighet. Urvalet bestod av 78 respondenter och resultaten tyder på att den allmänna uppfattningen av vaktpersonal är mer positiv än negativ. Upplevd professionalitet hos väktare påverkade tillit till väktare och upplevd artighet hos väktare påverkade tillfredställelse med väktare. Hur man upplevt väktares beteende vid personlig kontakt visade sig påverka uppfattningen av både tillit till och tillfredställelse med vaktpersonal. Studier om allmänhetens uppfattning av vaktpersonal kan användas i utbildande syfte för vaktbolag för att påverka väktares beteende och agerande mot allmänheten. Ökad kännedom av allmänhetens inställning till vaktpersonal är även relevant för politiker i deras ställningstagande av framtida reglering av den privata säkerhetsindustrin.Despite the rapid increase in private security guards in recent decades, little is known about citizens’ perception of security guards. In this paper citizens’ trust and satisfaction with security guards is assessed. The aim of the study is to get an insight into citizens’ perception of private security guards in Malmö. Paper and pencil surveys were distributed in Malmö with questions regarding perceived trust and satisfaction with security guards and about security guards’ professionalism, accountability, imagery, and civility. The sample consisted of 78 respondents and the findings suggest that the overall perception of security guards was more positive than negative, however, the results were largely mixed. Perceived professionalism predicted satisfaction with security guards and perceived civility predicted trust in security guards. Also, security guard behavior while interacting with the public was a strong predictor of both trust and satisfaction with security personnel. Results from this study and similar studies can be used by private security organizations to educate staff in order to improve the public perception of security guards. It may also be useful for policy makers in order to make more educated decisions about future regulation of the private security industry.
48
Lages, Nadine Cathérine [Verfasser]. "Risk Perception and Behavior Related to Changing Health Risks / Nadine Cathérine Lages." Konstanz : KOPS Universität Konstanz, 2021. http://nbn-resolving.de/urn:nbn:de:bsz:352-2-1jreaj87dwsce3.
Full text
49
Jung, Jeyong. "A study of cyber security management within South Korean businesses : an examination of risks and cybercrime involving industrial security." Thesis, University of Portsmouth, 2018. https://researchportal.port.ac.uk/portal/en/theses/a-study-of-cyber-security-management-within-south-korean-businesses(4f6f8a10-c31a-4eec-b092-2b38ac8815d9).html.
Full textAbstract:
This study aims to empirically explore and evaluate the current state of cyber security management for small and medium-sized businesses in South Korea. As academic discourse relating to the cyber security management of businesses is relatively new, there is a clear lack of literature relating to this discipline. This study, therefore, looks to address this issue by taking an exploratory approach to the subject. Based on various sources in the UK, this study used the UK’s cyber security framework as a conceptual model against which conditions in South Korea were examined. Drawing on a mixed methods approach, this study employed three research methods: documentary research, quantitative questionnaires, and qualitative interviews. In the quantitative phase, current situations of the businesses in relation to cyber security were assessed and differences by business sectors and sizes were identified. In the qualitative phase, five themes were identified. Findings from the quantitative and qualitative research were triangulated with the existing literature, including the qualitative results describing the empirical field of enquiry, to present a holistic picture of cyber security management of South Korean businesses. It was revealed that small and medium-sized businesses did not have a structural mechanism to prevent or mitigate risks at the pre-breach stage. Rather, they focused on responses at the post-breach stage. This finding demonstrated that small and medium-sized businesses were not prepared for the risks and threats from a preventative point of view. In addition, management of cyber security in businesses was not an isolated mechanism, but affected by external influences and initiatives. However, small and medium-sized businesses relied more upon private organisations than public organisations, which indicates that there was an insufficient role of public sector organisations in protecting small and medium-sized businesses. In conclusion, this research has proposed an integrated cyber security risk management model. The framework was based on the argument that cyber security management relates to three elements: risk assessment, organisational behaviours and external factors. It is here that the biggest gains can be made if businesses manage cyber security in a holistic manner and if national leadership is strengthened in the Korean cyber security governance. This empirical research has made a contribution to knowledge in relevant studies by presenting a comprehensive landscape of cyber security management of businesses.
50
Narayanan, Anu. "The Emerging Smart Grid: Opportunities for Increased System Reliability and Potential Security Risks." Research Showcase @ CMU, 2012. http://repository.cmu.edu/dissertations/138.
Full textAbstract:
The drive to make the aging electric grid more efficient, reliable, and clean has been at the heart of the “smart grid” mission. Additionally, provisions of the 2007 Energy Independence and Security Act (EISA) and the 2009 American Recovery and Reinvestment Act (ARRA) have led to smart grid investments in the United States. Smart grid upgrades have included the installation of new technologies at all levels of the electric power delivery system. At the distribution system level modernization has included upgrades to communication systems, distribution automation, local control and protection systems, and advanced metering infrastructure (AMI).
Chapter 2 of this thesis aims to use elements of the emerging smart grid at the distribution system level to alleviate the effects of a widespread and long-duration power blackout. Despite continuing efforts to make the electric grid robust, some risk remains of widespread and extended power outages caused by extreme weather, human error, or premeditated terrorist attack. Chapter 2 applies the concept of survivability to the case of ensuring the continued provision of a subset of socially critical services during such blackouts. A load cycling based methodology is proposed, and an associated economic analysis indicates that the cost of implementing the proposed scheme constitutes less than 1% of median annual household income for a range of assumed outage probabilities, distributed generation resource availabilities, and financing options. While the technical elements of proposed scheme are largely feasible, a few policy changes are identified as necessary for successful implementation of the scheme.
The latter half of this thesis focuses on one potential security risk posed by the large-scale deployment of smart meters. Smart meters constitute one component of advanced metering infrastructure (AMI), a key element of the smart grid. Chapter 3 describes a few documented smart meter hacking strategies and motivates the following question: What, if any, are the implications of smart meter hacking for the bulk power grid? To help answer this question Chapter 4 focuses on one specific attack type with the potential for causing widespread disruption to electric service – the cycling of a large number of consumer loads using the remote connect/disconnect switch on several smart meters. Results from simulations performed on two IEEE test networks (the 9 and 39-bus dynamic test cases) indicate that it is improbable that the mere toggling of customer loads could destabilize the bulk power grid because the fraction of system load that needs to be cycled to induce instability is likely to be prohibitively large.