Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
125,207
result(s) for
"SECURITY RISK"
Sort by:
Cybersecurity Risk Management Framework for Blockchain Identity Management Systems in Health IoT
Blockchain (BC) has recently paved the way for developing Decentralized Identity Management (IdM) systems for different information systems. Researchers widely use it to develop decentralized IdM systems for the Health Internet of Things (HIoT). HIoT is considered a vulnerable system that produces and processes sensitive data. BC-based IdM systems have the potential to be more secure and privacy-aware than centralized IdM systems. However, many studies have shown potential security risks to using BC. A Systematic Literature Review (SLR) conducted by the authors on BC-based IdM systems in HIoT systems showed a lack of comprehensive security and risk management frameworks for BC-based IdM systems in HIoT. Conducting a further SLR focusing on risk management and supplemented by Grey Literature (GL), in this paper, a security taxonomy, security framework, and cybersecurity risk management framework for the HIoT BC-IdM systems are identified and proposed. The cybersecurity risk management framework will significantly assist developers, researchers, and organizations in developing a secure BC-based IdM to ensure HIoT users’ data privacy and security.
Journal Article
Information security implications of using NLP in IT outsourcing: a Diffusion of Innovation theory perspective
Information technology outsourcing (ITO) is a USD multi-trillion industry. There is growing competition among ITO service providers to improve their service deliveries. Natural language processing (NLP) is a technique, which can be leveraged to gain a competitive advantage in the ITO industry. This paper explores the information security implications of using NLP in ITO. First, it explores the use of NLP to enhance information security risk management (ISRM) in ITO. Then, it delves into the information security risks (ISRs) that may arise from the use of NLP in ITO. Finally, it proposes possible ISRM approaches to address those ISRs in ITO from the use of NLP. The study follows a qualitative approach using the case study method. Nine participants from three organisations (an ITO client, service provider and sub-contractor) engaged in an ITO relationship in the ICT industry were interviewed through a semi-structured questionnaire. The research findings were verified through a focus group. Case study scenarios are provided for a clear understanding of the findings. To the best of our knowledge, it is the first study to investigate the information security implications of the use of NLP in ITO.
Journal Article
Rethinking risk in national security : lessons of the financial crisis for risk management
This book examines the role of risk management in the recent financial crises and applies the lessons learned to the national security realm. It rethinks the way risk contributes to strategy, with insights relevant to practitioners and scholars in national security as well as business. Over the past few years, the concept of risk has become one of the most commonly discussed issues in national security planning. And yet the experiences of the 2007-2008 financial crises demonstrated critical limitations in institutional efforts to control risk. The most elaborate and complex risk procedures could not cure skewed incentives, cognitive biases, groupthink, and a dozen other human factors that led companies to take excessive risk. By embracing risk management, the national security enterprise may be turning to a discipline just as it has been discredited.
Book
Measuring the adoption of Enterprise Security Risk Management in Kenya’s higher education using the ASIS ESRM Maturity Model
Enterprise Security Risk Management (ESRM) is gaining popularity in industry circles, especially after the American Society of Industrial Security (ASIS International) elevated it as its strategic priority in 2016. However, research on its adoption has attracted little attention, especially in universities which are often characterized by outstanding variations in culture, structure, and more. In this paper, we conduct a self-assessment of ESRM maturity in Kenya’s accredited universities using process metrics of the 2019 ASIS ESRM Maturity Model and insights from university security executives. The findings reveal that more than 35% of accredited universities have achieved advanced levels of ESRM adoption, with over 57% at average or middle levels, predominantly at Level 3. Public accredited universities exhibit higher ESRM adoption levels compared to their private counterparts. The study also identifies variations in the terminology used, with 60% using “Security Risk Management (SRM),” 35% using “University Risk Management,” and a minority adopting ESRM. The discomfort with the “enterprise” term indicates a need for awareness and sensitization programs. We argue that benchmarking with optimized ESRM adopters and increasing awareness and integration of ESRM in strategic planning and institutional governance are crucial for comprehensive security risk management in higher education.
Journal Article
Tribe of hackers : cybersecurity advice from the best hackers in the world
\"Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World (9781119643371) was previously published as Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World (9781793464187). While this version features a new cover design and introduction, the remaining content is the same as the prior release and should not be considered a new or updated product. Looking for real-world advice from leading cybersecurity experts? You ve found your tribe. Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World is your guide to joining the ranks of hundreds of thousands of cybersecurity professionals around the world. Whether you re just joining the industry, climbing the corporate ladder, or considering consulting, Tribe of Hackers offers the practical know-how, industry perspectives, and technical insight you need to succeed in the rapidly growing information security market. This unique guide includes inspiring interviews from 70 security experts, including Lesley Carhart, Ming Chow, Bruce Potter, Robert M. Lee, and Jayson E. Street. Get the scoop on the biggest cybersecurity myths and misconceptions about security Learn what qualities and credentials you need to advance in the cybersecurity field Uncover which life hacks are worth your while Understand how social media and the Internet of Things has changed cybersecurity Discover what it takes to make the move from the corporate world to your own cybersecurity venture Find your favorite hackers online and continue the conversation Tribe of Hackers is a must-have resource for security professionals who are looking to advance their careers, gain a fresh perspective, and get serious about cybersecurity with thought-provoking insights from the world s most noteworthy hackers and influential security specialists.\" -- ONIX annotation.
Book
Security Risk Level Prediction of Carbofuran Pesticide Residues in Chinese Vegetables Based on Deep Learning
The supervision of security risk level of carbofuran pesticide residues can guarantee the food quality and security of residents effectively. In order to predict the potential key risk vegetables and regions, this paper constructs a security risk assessment model, combined with the k-means++ algorithm, to establish the risk security level. Then the evaluation index value of the security risk model is predicted to determine the security risk level based on the deep learning model. The model consists of a convolutional neural network (CNN) and a long short-term memory network (LSTM) optimized by an arithmetic optimization algorithm (AOA), namely, CNN-AOA-LSTM. In this paper, a comparative experiment is conducted on a small sample data set of independently constructed security risk assessment indicators. Experimental results show that the accuracy of the CNN-AOA-LSTM prediction model based on attention mechanism is 6.12% to 18.99% higher than several commonly used deep neural network models (gated recurrent unit, LSTM, and recurrent neural networks). The prediction model proposed in this paper provides scientific reference to establish the priority order of supervision, and provides forward-looking supervision for the government.
Journal Article
How to measure anything in cybersecurity risk
\"A ground shaking exposé on the failure of popular cyber risk management methods How to Measure Anything in Cybersecurity Risk exposes the shortcomings of current \"risk management\" practices, and offers a series of improvement techniques that help you fill the holes and ramp up security. In his bestselling book How to Measure Anything, author Douglas W. Hubbard opened the business world's eyes to the critical need for better measurement. This book expands upon that premise and draws from The Failure of Risk Management to sound the alarm in the cybersecurity realm. Some of the field's premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation. You'll also learn which approaches are too risky to save, and are actually more damaging than a total lack of any security. Dangerous risk management methods abound; there is no industry more critically in need of solutions than cybersecurity. This book provides solutions where they exist, and advises when to change tracks entirely. Discover the shortcomings of cybersecurity's \"best practices\" Learn which risk management approaches actually create risk Improve your current practices with practical alterations Learn which methods are beyond saving, and worse than doing nothing Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing—as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques\"-- Provided by publisher.
Book
Work Experience as a Factor in Cyber-Security Risk Awareness: A Survey Study with University Students
The emergence of the COVID-19 pandemic in early 2020 has transformed how individuals work and learn and how they can apply cyber-security requirements in their, mostly remote, environments. This transformation also affected the university student population; some needed to adjust to new remote work settings, and all needed to adjust to the new remote study environment. In this online research study, we surveyed a large number of university students (n = 798) to understand their expectations in terms of support and help for this new remote work and study environment. We also asked students to report on their practices regarding remote location and Wi-Fi security settings, smart home device usage, BYOD (bring your own device) and personal device usage and social engineering threats, which can all lead to compromised security. A key aspect of our work is a comparison between the practices of students having work experience with the practices of students having no such additional experience. We identified that both the expectations and the level of cyber-security awareness differ significantly between the two student populations and that cyber-security awareness is increased by work experience. Work experience students are more aware of the cyber-security risks associated with a remote environment, and a higher portion of them know the dedicated employee whom they can contact in the event of incidents. We present the organizational security practices through the lens of employees with initial work experience, contributing to a topic that has so far received only limited attention from researchers. We provide recommendations for remote study settings and also for remote work environments, especially where the existing research literature survey results differ from the findings of our survey.
Journal Article