Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
134,451
result(s) for
"security risk"
Sort by:
Cybersecurity Risk Management Framework for Blockchain Identity Management Systems in Health IoT
Blockchain (BC) has recently paved the way for developing Decentralized Identity Management (IdM) systems for different information systems. Researchers widely use it to develop decentralized IdM systems for the Health Internet of Things (HIoT). HIoT is considered a vulnerable system that produces and processes sensitive data. BC-based IdM systems have the potential to be more secure and privacy-aware than centralized IdM systems. However, many studies have shown potential security risks to using BC. A Systematic Literature Review (SLR) conducted by the authors on BC-based IdM systems in HIoT systems showed a lack of comprehensive security and risk management frameworks for BC-based IdM systems in HIoT. Conducting a further SLR focusing on risk management and supplemented by Grey Literature (GL), in this paper, a security taxonomy, security framework, and cybersecurity risk management framework for the HIoT BC-IdM systems are identified and proposed. The cybersecurity risk management framework will significantly assist developers, researchers, and organizations in developing a secure BC-based IdM to ensure HIoT users’ data privacy and security.
Journal Article
Risk Management and ISO 31000
Risk management is a primary concern for any organisation. Its significance has only increased since the start of the COVID-19 pandemic. Organisations need to prepare for all types of threats, both probable (a server breaking down) and improbable (the office being flooded), to ensure that their operations can survive and adapt to continue with BAU (business as usual) in the face of a disaster. Yet risk management isn't solely about preventing negative outcomes, it is also about an organisation taking a known risk to uncover new opportunities to improve the organisation. For example, the transition of employees to remote working could risk an organisation's security as an employee could connect their laptop to an unsecure Wi-Fi connection. However, as demonstrated in the pandemic, remote working helped protect employees as the risk of infecting one another with COVID-19 was reduced. Read this pocket guide to understand how: * Risk-based management can prepare your organisation for future threats and therefore help the success of a BCP (business continuity plan); * To identify whether the opportunities gained from a 'risky' decision can outweigh the perceived threat; * The principles of ISO 31000 can help your organisation develop a framework for its approach to risk management; * The guidelines of ISO 31000 can be interwoven with controls in other standards such as ISO 27001 and ISO 9001; and * The organisation must continually review its approach to risk management to stay prepared for the latest threats.
eBook
Rethinking risk in national security : lessons of the financial crisis for risk management
This book examines the role of risk management in the recent financial crises and applies the lessons learned to the national security realm. It rethinks the way risk contributes to strategy, with insights relevant to practitioners and scholars in national security as well as business. Over the past few years, the concept of risk has become one of the most commonly discussed issues in national security planning. And yet the experiences of the 2007-2008 financial crises demonstrated critical limitations in institutional efforts to control risk. The most elaborate and complex risk procedures could not cure skewed incentives, cognitive biases, groupthink, and a dozen other human factors that led companies to take excessive risk. By embracing risk management, the national security enterprise may be turning to a discipline just as it has been discredited.
Book
Information security implications of using NLP in IT outsourcing: a Diffusion of Innovation theory perspective
Information technology outsourcing (ITO) is a USD multi-trillion industry. There is growing competition among ITO service providers to improve their service deliveries. Natural language processing (NLP) is a technique, which can be leveraged to gain a competitive advantage in the ITO industry. This paper explores the information security implications of using NLP in ITO. First, it explores the use of NLP to enhance information security risk management (ISRM) in ITO. Then, it delves into the information security risks (ISRs) that may arise from the use of NLP in ITO. Finally, it proposes possible ISRM approaches to address those ISRs in ITO from the use of NLP. The study follows a qualitative approach using the case study method. Nine participants from three organisations (an ITO client, service provider and sub-contractor) engaged in an ITO relationship in the ICT industry were interviewed through a semi-structured questionnaire. The research findings were verified through a focus group. Case study scenarios are provided for a clear understanding of the findings. To the best of our knowledge, it is the first study to investigate the information security implications of the use of NLP in ITO.
Journal Article
Tribe of hackers : cybersecurity advice from the best hackers in the world
\"Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World (9781119643371) was previously published as Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World (9781793464187). While this version features a new cover design and introduction, the remaining content is the same as the prior release and should not be considered a new or updated product. Looking for real-world advice from leading cybersecurity experts? You ve found your tribe. Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World is your guide to joining the ranks of hundreds of thousands of cybersecurity professionals around the world. Whether you re just joining the industry, climbing the corporate ladder, or considering consulting, Tribe of Hackers offers the practical know-how, industry perspectives, and technical insight you need to succeed in the rapidly growing information security market. This unique guide includes inspiring interviews from 70 security experts, including Lesley Carhart, Ming Chow, Bruce Potter, Robert M. Lee, and Jayson E. Street. Get the scoop on the biggest cybersecurity myths and misconceptions about security Learn what qualities and credentials you need to advance in the cybersecurity field Uncover which life hacks are worth your while Understand how social media and the Internet of Things has changed cybersecurity Discover what it takes to make the move from the corporate world to your own cybersecurity venture Find your favorite hackers online and continue the conversation Tribe of Hackers is a must-have resource for security professionals who are looking to advance their careers, gain a fresh perspective, and get serious about cybersecurity with thought-provoking insights from the world s most noteworthy hackers and influential security specialists.\" -- ONIX annotation.
Book
Measuring the adoption of Enterprise Security Risk Management in Kenya’s higher education using the ASIS ESRM Maturity Model
Enterprise Security Risk Management (ESRM) is gaining popularity in industry circles, especially after the American Society of Industrial Security (ASIS International) elevated it as its strategic priority in 2016. However, research on its adoption has attracted little attention, especially in universities which are often characterized by outstanding variations in culture, structure, and more. In this paper, we conduct a self-assessment of ESRM maturity in Kenya’s accredited universities using process metrics of the 2019 ASIS ESRM Maturity Model and insights from university security executives. The findings reveal that more than 35% of accredited universities have achieved advanced levels of ESRM adoption, with over 57% at average or middle levels, predominantly at Level 3. Public accredited universities exhibit higher ESRM adoption levels compared to their private counterparts. The study also identifies variations in the terminology used, with 60% using “Security Risk Management (SRM),” 35% using “University Risk Management,” and a minority adopting ESRM. The discomfort with the “enterprise” term indicates a need for awareness and sensitization programs. We argue that benchmarking with optimized ESRM adopters and increasing awareness and integration of ESRM in strategic planning and institutional governance are crucial for comprehensive security risk management in higher education.
Journal Article
How to measure anything in cybersecurity risk
\"A ground shaking exposé on the failure of popular cyber risk management methods How to Measure Anything in Cybersecurity Risk exposes the shortcomings of current \"risk management\" practices, and offers a series of improvement techniques that help you fill the holes and ramp up security. In his bestselling book How to Measure Anything, author Douglas W. Hubbard opened the business world's eyes to the critical need for better measurement. This book expands upon that premise and draws from The Failure of Risk Management to sound the alarm in the cybersecurity realm. Some of the field's premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation. You'll also learn which approaches are too risky to save, and are actually more damaging than a total lack of any security. Dangerous risk management methods abound; there is no industry more critically in need of solutions than cybersecurity. This book provides solutions where they exist, and advises when to change tracks entirely. Discover the shortcomings of cybersecurity's \"best practices\" Learn which risk management approaches actually create risk Improve your current practices with practical alterations Learn which methods are beyond saving, and worse than doing nothing Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing—as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques\"-- Provided by publisher.
Book
Security Risk Level Prediction of Carbofuran Pesticide Residues in Chinese Vegetables Based on Deep Learning
The supervision of security risk level of carbofuran pesticide residues can guarantee the food quality and security of residents effectively. In order to predict the potential key risk vegetables and regions, this paper constructs a security risk assessment model, combined with the k-means++ algorithm, to establish the risk security level. Then the evaluation index value of the security risk model is predicted to determine the security risk level based on the deep learning model. The model consists of a convolutional neural network (CNN) and a long short-term memory network (LSTM) optimized by an arithmetic optimization algorithm (AOA), namely, CNN-AOA-LSTM. In this paper, a comparative experiment is conducted on a small sample data set of independently constructed security risk assessment indicators. Experimental results show that the accuracy of the CNN-AOA-LSTM prediction model based on attention mechanism is 6.12% to 18.99% higher than several commonly used deep neural network models (gated recurrent unit, LSTM, and recurrent neural networks). The prediction model proposed in this paper provides scientific reference to establish the priority order of supervision, and provides forward-looking supervision for the government.
Journal Article