Narrow Results

In the new generation of power grids, the smart grid (SG) integrates sophisticated characteristics, including situation awareness, two-way communication, and distributed energy supplies. Integrated SG uses various operational metrics, including devices with sensors, meters, and renewable power sources. There are several challenges when securely disposing and storing electricity data acquired from an SG. It is vulnerable to cyberattacks due to its digitization and integration of an increasing number of links. Issues with latency, security, privacy, and excessive bandwidth consumption will arise when this enormous amount of data is transmitted directly to the cloud. Edge computing (EC) solves this problem by moving data processing to the network’s periphery, close to the embedded devices. With improved data processing speeds, a more responsive and resilient grid may be achieved, instantly responding to energy demand and supply changes. EC reduces the volume of sensitive data sent to central servers, reducing potential security breaches. Data may be better protected from intrusions by being analyzed locally and only pertinent information transferred to the cloud. Thus, a blockchain is an intriguing SG paradigm solution with many benefits. The SG’s decentralization and improved cybersecurity have prompted a lot of work into using blockchain technology; since it is well-known that data saved in the blockchain is immutable, it is crucial to find foolproof ways to verify data are accurate and comply with high-quality standards before storing it in the blockchain. A practical solution for storing precise power data that enables the safe execution of adaptable transactions is a Cloud-Edge Fusion Blockchain model for the smart grid (CEFBM-SG). Consequently, the SG’s dependability, resilience, and scalability will be improved as the number of distributed energy sources (DERs) connected to it increases. Utilizing the idea of computing at the edge to enhance responsiveness and dependability. Executed security analyses and performance evaluations demonstrate CEFBM-SG’s exceptional security and efficiency.

Supplementing the literature on information sharing between firms, the paper seeks to understand information sharing between hackers and how firms defend against increasingly sophisticated hackers. Each hacker seeks financial gain, mutually beneficial information exchange, and reputation gain. The two hackers’ attack and the firm’s defense are inverse U shaped in each other. A hacker shifts from attack to information sharing when attack is costly or the firm’s defense is cheap. The first hacker’s information sharing increases as both hackers focus increasingly on reputation gain. The two hackers largely increase their information sharing, with two exceptions. The second hacker’s attack is deterred by the first hacker’s reputation gain. The firm’s defense against the second hacker increases in the second hacker’s unit cost, decreases in the second hacker’s information sharing effectiveness and utilization of joint sharing, and also decreases in both hackers’ reputation gain. Policy and managerial implications are provided.

One firm defends proactively or retroactively against a first hacker, and thereafter against a second hacker, in four four-period games. The hackers share information for financial gain, mutual advantage, and reputation. The first hacker’s attack and information sharing are strategic substitutes. When the firm is proactive in period 1, the first hacker’s information sharing decreases as the second hacker’s attack cost increases. The deterring effort in eight corner solutions is proportional to the deterred player’s valuation and inverse proportional to the deterred player’s unit effort cost. When the first hacker exerts higher effort and shares more information, lower defense by the firm is sufficient to deter the second hacker. When the firm is deterred by the first hacker, the first hacker attacks less and shares more information than in the interior solution. For the first hacker and the firm, both players commonly prefer the disadvantaged player to move first. The exception is that the firm prefers to deter the first disadvantaged hacker when the two hackers benefit substantially from information sharing, reputation gain, or the second player is advantaged. The results contrast with the literature where the advantaged player commonly prefers to move first, with conflicting sequence preferences.

Cloud security in finance is considered as the key importance, taking account of the aspect of critical data stored over cloud spaces within organizations all around the globe. They are chiefly relying on cloud computing to accelerate their business profitability and scale up their business processes with enhanced productivity coming through flexible work environments offered in cloud-run working systems. Hence, there is a prerequisite to contemplate cloud security in the entire financial service sector. Moreover, the main issue challenged by privacy and security is the presence of diverse chances to attack the sensitive data by cloud operators, which leads to double the user’s anxiety on the stored data. For solving this problem, the main intent of this paper is to develop an intelligent privacy preservation approach for data stored in the cloud sector, mainly the financial data. The proposed privacy preservation model involves two main phases: (a) data sanitization and (b) data restoration. In the sanitization process, the sensitive data is hidden, which prevents sensitive information from leaking on the cloud side. Further, the normal as well as the sensitive data is stored in a cloud environment. For the sanitization process, a key should be generated that depends on the new meta-heuristic algorithm called crossover improved-lion algorithm (CI-LA), which is inspired by the lion’s unique social behavior. During data restoration, the same key should be used for effectively restoring the original data. Here, the optimal key generation is done in such a way that the objective model involves the degree of modification, hiding rate, and information preservation rate, which effectively enhance the cyber security performance in the cloud.

Information security awareness can play an important role in facing cyber-attacks by intruders. The main goal of this paper is to analyse the information security awareness among academic staff, researchers, undergraduate students and employee within educational environments in the Middle East in an attempt to understand the level of awareness of information security, the associated risks and overall impact on the institutions. The results reveal that the participants do not have the requisite knowledge and understanding of the importance of information security principles and their practical application in their day-to-day work. This situation can however be corrected through comprehensive awareness and training programs as well as adopting all the necessary safety measures at all levels of the institution to ensure that the students, academic staff and employees are trustworthy, technology savvy and keep their data safe. Without such training programs and awareness, there will be negative consequences on IT systems and their application usage, as well as on users’ personal security now and in the future. From the weaknesses identified in this survey, some essential recommendations are put forward to remedy the situation.

This study investigates the impact of cyber-security incidents on audit fees. Using a sample of 5,687 firms, we find that (i) breached firms are charged 12% higher audit fees, and (ii) firms operating in the same industry of a breached firm are charged 5% higher fees. Finally, using a difference-in-difference regression on a propensity score matched sample, we provide evidence suggesting that auditors do not revise their audit risk assessment following a breach. Overall, these results suggest that the increase in audit fees in the year of a breach is only temporary, and that auditors include cyber-security risk in their audit risk assessment even before an incident occurs. Higher cyber-security risk is ultimately reflected in higher audit fees paid by auditees.

As the strategic importance of cyber security increases, the question of how to foster a stable cyber order compatible with the current international order is one of the most urgent issues for the international community. International cyber governance and strategic cyber stability maintenance have thus become two emerging fields in international studies. Generally, there are three states of stability in cyberspace: stable, delicately stable, and unstable. To promote the study of cyber order and enhance rational decision-making, it is necessary to adopt a cyclic perspective and fully explore the transition of cyberspace among the three states. International cyber governance is mainly about managing the cycle of transition of cyberspace and designing robust institutions to prevent instability; in these institutions, international norms, rules, and law will be made as essential guidance for cyber behavior of individual countries. As existing human knowledge and theoretical frameworks are the basis of studies on cyber strategic stability, it is imperative that effective dialogue and joint research among all international stakeholders be conducted on issues of their common concern. This helps to shape the strategic thinking and policy deliberation of individual countries on cyberspace and foster an international order that is conducive to cyber strategic stability.

The economic security of middle powers across the world is being challenged by great power rivalry and, more recently, Russia’s invasion of Ukraine. One of the largest trade and investment countries globally, South Korea is amongst the middle powers most affected by these developments. In this context, South Korea needs to finetune its economic security strategy. One way of doing so is by diversifying its economic relations. In this respect, India, a fellow middle power and also one of the biggest economies in the world, is a key partner. Supply chains, trade, investment and human capital have all been benefiting from strengthening links between South Korea and India, and will be key moving forward as the former seeks to further boost its economic security. Indeed, South Korea and India have been strengthening their links in the intertwined areas of maritime security, cyber security, and economic security in recent years. This suggests that economic security is part of broader security cooperation between the two partners.

The financial industry has undergone a digital transition over the past decades, with the emergence of FinTech, a portmanteau of “financial” and “technology.” This rapidly growing concept has transformed how individuals, businesses and institutions access financial services. It has reshaped the financial landscape through internet connectivity, spearheaded by internet giants. FinTech has disrupted traditional financial industries with a wide array of business applications, ranging from mobile payments to online insurance, digital financing and wealth management. Technologies in finance continue to evolve, with the application of blockchain, artificial intelligence (AI) and the Internet of Things (IoT) continuing to transform the landscape of the financial industry. Against this backdrop, this chapter provides a comprehensive overview of FinTech, offering valuable insights for future research. It begins with a summary of the definitions of FinTech, providing historical context and exploring the key drivers behind its evolutionary journey. The chapter also delves into the major segments of FinTech based on its core business functions while shedding light on the dynamic challenges and inherent risks associated with its rapid growth. This chapter not only serves as a reference for understanding the FinTech phenomenon but also contributes to discussions on its potential economic implications and offers insights into potential research directions in the evolving financial industry.

The world is facing an era in which technology has a crucial impact on the growth of businesses. It is claimed that in 2020 20 billion devices will be connected to the internet, therefore, data is crucial for employees, customers and organisations. The implementation of the European General Data Protection Regulation (GDPR) gives the owner better control of their personal data. Consequently, organisations must be prepared to face cutting-edge threats to security in order to protect individuals against potential harm caused by unauthorized access to their data. Bring Your Own Device (BYOD) is a policy which provides some flexibility within organisations, and which results in better commitment in employees. This chapter analyses the impact of GDPR in BYOD architectures and proposes the integration of a multi-layer policy with an Information Governance Framework to ensure data privacy, focusing on the human factor when protecting personal devices.

Cyber security is the term used to describe the processes and technologies designed to protect computers, networks, data and programs from unauthorized access, damage or attack. Many businesses pay lots of attention to security concerns. For these reasons this research has been undertaken. Ad-hoc networks are crucial enablers of next-generation communications. Such networks can be formed and reconfigured dynamically and they can be mobile, standalone or internetworked with other networks. Mobile Ad-hoc Networks (MANETs) are established by a group of autonomous nodes that communicate with each other by establishing a multi-hop radio network and maintaining connectivity in an infrastructure-less manner. The security of the connections between devices and networks is crucial. The important challenges of supporting multimedia applications in an ad-hoc network are the security issues. In this chapter, a new and efficient media-aware security framework will be designed for facilitating various multimedia applications in ad-hoc networks over the Internet.

There is an acknowledged global shortage in qualified and skilled cyber security practitioners, so much so that governments, employers and educational establishments are developing new routes and opportunities to encourage interest and applications from demographics that would not normally apply for cyber security roles. These demographics include women, young children and people on the autistic spectrum. The potential employment of people from this last demographic — people on the Autistic Spectrum — in cyber security roles will be the focus of this research. Two areas are of interest, the ethical considerations in employing people on the Autistic Spectrum and the identification of a strategy to support the employee and employer relationship. Both are discussed here. In Europe the shortfall is expected to be in the region of 350,000 employees by the year 2020 and in the United States the number is expected to be 1.2 million by the same date. This research looks at how specific autistic traits and strengths can be matched to cyber security vacancies and discusses ethical considerations and a potential support process. A qualitative research methodology was used to identify suitable traits and potential cyber security vacancies. Ethical principles and a proposed support process are put forward to allow potential employers and autistic employees to engage in equitable employment opportunities. The autistic demographic does indeed offer skilled and capable resources to help fill cyber security vacancies; however, work is needed to allow both sides to benefit from the opportunities.

The study of ethics in cyber security often raises more questions than it answers. A student may ask the question, “Why should I study ethics in cyber security?” As research becomes specialized and technical skill sets appreciate in value, ethical questions become more important to ask.

This chapter reviews the ethical aspects of cyber security. Ethics, in general, underscores various studies in which right is distinct from wrong. The understanding of these delineations evokes various ethical issues in cyber security, such as the morality of human behavior, policies, laws, and social structures. Considering theories of consequentialism and deontology, ethical analyses of cyber security, information privacy and ethics, and privacy issues in the digital age are performed through the use of relevant ethically-driven cyber security case studies.

This chapter presents the General Data Protection Regulation (GDPR) approved for the European Union, which has consequences not only for all the stakeholders of the information technology industry, but also for all of those engaged in industrial or commercial activities in the European Union.

The concepts and principles of the GDPR are presented and discussed as well as the implications of this regulation in data protection and in organisational cyber security practices. The financial implications for companies are discussed and an overview of the history of recent fines and recent trends is presented.

Conclusions are drawn on the importance of compliance and a recommendation is made that organisations choose to hire the services of multidisciplinary companies specialized in GDPR compliance.

After every cyber breach, security experts can be found castigating users for lacking “cyber hygiene”—the term used to describe all manner of best practices that would have protected them. Whenever pressed on what cyber hygiene really means, experts resort to conceptual analogies, explaining cyber hygiene in terms of personal hygiene. But is this conceptual leap justified? Is cyber hygiene really analogous to personal hygiene? This is an important question, not just for informing better theory, but also because many practice suggestions, even solutions, are inspired by such thinking. The paper examines the roots of the cyber hygiene concept, and the conceptual similarities and differences between cyber and personal hygiene. The paper then presents a definition of cyber hygiene that is empirically focused on users’ awareness, knowledge, technical capacity, and enactment of cyber security practices. The paper culminates with a presentation of the Cyber Hygiene Inventory (CHI), a multi-item and multidimensional index for measuring user cyber hygiene, and presents examples of how the CHI can be implemented for assessing awareness-knowledge gaps among users and for tracking the effectiveness of awareness training efforts within organizations.

Cyber aggression came about as a result of advances in information communication technology and the aggressive usage of the technology in real life. Nowadays, cyber aggression can take on many forms and faces. However, the main focus of this research is on violent online acts such as bullying and stalking. This qualitative research carried out to explore the concept of cyber aggression and its existence in Saudi Arabia. In-depth interviews were conducted with Saudi social media users to collect understanding and meanings of cyber aggression. A proposed model was generated to describe cyber aggression in Saudi Arabian social media sphere. The results showed that there is a level of acceptance to some cyber aggression acts due to a number of factors including lack of understanding, lack of help and support, societal and traditional influences, and other related aspects that would affect the level of cyber security in social media. This research is a valuable source for educators and researchers who focus on cyber security, cyber psychology, and cyber aggression in social media.