Search results for: VR cybersecurity training

Authors: Elham Rajabian

Abstract:

The ascent of cybersecurity incidents is a rising threat to most organisations in general, while the impact of the incidents is unique to each of the organizations. It is a need for behavioural sciences to concentrate on employees’ behaviour in order to prepare key security mitigation opinions versus cybersecurity incidents. There are noticeable differences among users of a computer system in terms of complying with security behaviours. We can discuss the people's differences under several subjects such as delaying tactics on something that must be done, the tendency to act without thinking, future thinking about unexpected implications of present-day issues, and risk-taking behaviours in security policies compliance. In this article, we introduce high-profile cyber-attacks and their impacts on weakening cyber resiliency in organizations. We also give attention to human errors that influence network security. Human errors are discussed as a part of psychological matters to enhance compliance with the security policies. The organizational challenges are studied in order to shape a sustainable cyber risks management approach in the related work section. Insiders’ behaviours are viewed as a cyber security gap to draw proper cyber resiliency in section 3. We carry out the best cybersecurity practices by discussing four CIS challenges in section 4. In this regard, we provide a guideline and metrics to measure cyber resilience in organizations in section 5. In the end, we give some recommendations in order to build a cybersecurity culture based on individual behaviours.

Keywords: cyber resilience, human factors, cybersecurity behavior, attitude, usability, security culture

Procedia PDF Downloads 92

Authors: Norshima Humaidi, Saif Hussein Abdallah Alghazo

Abstract:

Cybersecurity threat have become a serious issue recently, and one of the cause is because human error, which is usually constituted by carelessness, ignorance, and failure to practice cybersecurity behaviour adequately. Using a data from a quantitative survey, Partial Least Squares-Structural Equation Modelling (PLS-SEM) analysis was used to determine the factors that affect cybersecurity protective behaviour (CPB). This study adapts cybersecurity protective behaviour model by focusing on two constructs that can enhance CPB: manager’s information security competencies (MISI) and procedural information security countermeasure (PCM) awareness. Theory of leadership competencies were adapted to measure user’s perception towards competencies among security managers/leader in the organization. Confirmatory factor analysis (CFA) testing shows that all the measurement items of each constructs were adequate in their validity individually based on their factor loading value. Moreover, each constructs are valid based on their parameter estimates and statistical significance. The quantitative research findings show that PCM awareness strongly influences CPB compared to MISI. Meanwhile, MISI was significantlyPCM awarenss. This study believes that the research findings can contribute to human behaviour in IS studies and are particularly beneficial to policy makers in improving organizations’ strategic plans in information security, especially in this new era. Most organizations spend time and resources to provide and establish strategic plans of information security; however, if employees are not willing to comply and practice information security behaviour appropriately, then these efforts are in vain.

Keywords: cybersecurity, protection behaviour, information security, information security competencies, countermeasure awareness

Procedia PDF Downloads 94

Authors: Atma Sahu

Abstract:

After 9/11, there will only be cyberwars. The cyberwars increase in intensity the country's cybersecurity workforce's hiring and retention issues. Currently, many organizations have unfilled cybersecurity positions, and to a lesser degree, their cybersecurity teams are understaffed. Therefore, there is a critical need to develop a new program to help meet the market demand for cybersecurity engineers (CYSE) and personnel. Coppin State University in the United States was responsible for developing a cybersecurity engineering BS degree program. The CYSE curriculum design methodology consisted of three parts. First, the ACM Cross-Cutting Concepts standard's pervasive framework helped curriculum designers and students explore connections among the core courses' knowledge areas and reinforce the security mindset conveyed in them. Second, the core course context was created to assist students in resolving security issues in authentic cyber situations involving cyber security systems in various aspects of industrial work while adhering to the NIST standards framework. The last part of the CYSE curriculum design aspect was the institutional student learning outcomes (SLOs) integrated and aligned in content courses, representing more detailed outcomes and emphasizing what learners can do over merely what they know. The CYSE program's core courses express competencies and learning outcomes using action verbs from Bloom's Revised Taxonomy. This aspect of the CYSE BS degree program's design is based on these three pillars: the ACM, NIST, and SLO standards, which all CYSE curriculum designers should know. This unique CYSE curriculum design methodology will address how students and the CYSE program will be assessed and evaluated. It is also critical that educators, program managers, and students understand the importance of staying current in this fast-paced CYSE field.

Keywords: cyber security, cybersecurity engineering, systems engineering, NIST standards, physical systems

Procedia PDF Downloads 82

Authors: Serzhan Ashirov, Dana Nour, Rafat Rob, Khaled Alotaibi

Abstract:

There has been a fast growth in the introduction and use of communications, information, monitoring, and sensing technologies. The new technologies are making their way to the Industrial Control Systems as embedded in products, software applications, IT services, or commissioned to enable integration and automation of increasingly global supply chains. As a result, the lines that separated the physical, digital, and cyber world have diminished due to the vast implementation of the new, disruptive digital technologies. The variety and increased use of these technologies introduce many cybersecurity risks affecting cyber-resilience of the supply chain, both in terms of the product or service delivered to a customer and members of the supply chain operation. US department of energy considers supply chain in the IR4 space to be the weakest link in cybersecurity. The IR4 identified the digitization of the field devices, followed by digitalization that eventually moved through the digital transformation space with little care for the new introduced cybersecurity risks. This paper will examine the best methodologies for securing the electrical substations from cybersecurity attacks due to supply chain risks, and due to digitization effort. SCADA systems are the most vulnerable part of the power system infrastructure due to digitization and due to the weakness and vulnerabilities in the supply chain security. The paper will discuss in details how create a secure supply chain methodology, secure substations, and mitigate the risks due to digitization

Keywords: cybersecurity, supply chain methodology, secure substation, digitization

Procedia PDF Downloads 58

Authors: Ahmad Alqatan

Abstract:

Purpose: The purpose of this study is to analyze how the adoption of cloud accounting systems influences the governance practices and performance of boards of directors in MENA countries. The research aims to identify the benefits and challenges associated with cloud accounting and its role in improving board efficiency and oversight. Methodology: This research employs a mixed-method approach, combining quantitative surveys and qualitative interviews with board members and financial officers from a diverse range of companies in the MENA region. The quantitative data is analyzed to determine patterns and correlations, while qualitative insights provide a deeper understanding of the contextual factors influencing cloud accounting adoption and its impacts. Findings: The findings indicate that cloud accounting significantly enhances the decision-making capabilities of boards by providing real-time financial information and facilitating better communication among board members. Companies using cloud accounting reports improved financial oversight and more timely and accurate financial reporting. However, the research also identifies challenges such as cybersecurity concerns, resistance to change, and the need for ongoing training and support. Practical Implications: The study suggests that MENA companies can benefit from investing in cloud accounting technologies to improve board governance and strategic decision-making. It highlights the importance of addressing cybersecurity issues and providing adequate training for board members to maximize the advantages of cloud accounting. Originality: This research contributes to the limited literature on cloud accounting in the MENA region, offering valuable insights for policymakers, business leaders, and academics. It underscores the transformative potential of cloud accounting for enhancing board performance and corporate governance in emerging markets.

Keywords: cloud accounting, board of directors, MENA region, corporate governance, financial transparency, real-time data, decision-making, cybersecurity, technology adoption

Procedia PDF Downloads 20

Authors: Nathaniel Evans, Jessica Boersma, Kenneth Kass

Abstract:

With technology and STEM fields growing every day, there is a significant projected shortfall in qualified cybersecurity workers. As such, it is essential to develop a cybersecurity curriculum that builds skills and cultivates interest in cybersecurity early on. With new jobs being created every day and an already significant gap in the job market, it is vital that educators are pro-active in introducing a cybersecurity curriculum where students are able to learn new skills and engage in an age-appropriate cyber curriculum. Within this growing world of cybersecurity, students should engage in age-appropriate technology and cybersecurity curriculum, starting with elementary school (k-5), extending through high school, and ultimately into college. Such practice will provide students with the confidence, skills, and, ultimately, the opportunity to work in the burgeoning information security field. This paper examines educational methods, pedagogical practices, current cybersecurity curricula, and other educational resources and conducts analysis for false assumptions and developmental appropriateness. It also examines and identifies common mistakes with current cyber curriculum and lessons and discuss strategies for improvement. Throughout the lessons that were reviewed, many common mistakes continued to pop up. These mistakes included age appropriateness, technology resources that were available, and consistency of student’s skill levels. Many of these lessons were written for the wrong grade levels. The ones written for the elementary level all had activities that assumed that every student in the class could read at grade level and also had background knowledge of the cyber activity at hand, which is not always the case. Another major mistake was that these lessons assumed that all schools had any kind of technology resource available to them. Some schools are 1:1, and others are only allotted three computers in their classroom where the students have to share. While coming up with a cyber-curriculum, it has to be kept in mind that not all schools are the same, not every classroom is the same. There are many students who are not reading at their grade level or have not had exposure to the digital world. We need to start slow and ease children into the cyber world. Once they have a better understanding, it will be easier to move forward with these lessons and get the students engaged. With a better understanding of common mistakes that are being made, a more robust curriculum and lessons can be created that no only spark a student’s interest in this much-needed career field but encourage learning while keeping our students safe from cyber-attacks.

Keywords: assumptions, cybersecurity, k-12, teacher

Procedia PDF Downloads 161

Authors: Gaurav Kumar Sinha

Abstract:

The oil and gas industry is a critical component of the global economy, relying heavily on industrial control systems (ICS) to manage and monitor operations. However, these systems are increasingly becoming targets for cyber-attacks, posing significant risks to operational continuity, safety, and environmental integrity. This paper explores comprehensive cybersecurity strategies for protecting oil and gas industrial control systems. It delves into the unique vulnerabilities of ICS in this sector, including outdated legacy systems, integration with IT networks, and the increased connectivity brought by the Industrial Internet of Things (IIoT). We propose a multi-layered defense approach that includes the implementation of robust network security protocols, regular system updates and patch management, advanced threat detection and response mechanisms, and stringent access control measures. We illustrate the effectiveness of these strategies in mitigating cyber risks and ensuring the resilient and secure operation of oil and gas industrial control systems. The findings underscore the necessity for a proactive and adaptive cybersecurity framework to safeguard critical infrastructure in the face of evolving cyber threats.

Keywords: cybersecurity, industrial control systems, oil and gas, cyber-attacks, network security, IoT, threat detection, system updates, patch management, access control, cybersecurity awareness, critical infrastructure, resilience, cyber threats, legacy systems, IT integration, multi-layered defense, operational continuity, safety, environmental integrity

Procedia PDF Downloads 35

Authors: Anetta Bacsa-Bán

Abstract:

The training of vocational education teachers in Hungary was a special training system before the Bologna system, but under the influence of the Bologna system, the structure and content of the training changed significantly. The training of vocational teachers, including engineering teachers and vocational trainers, is considerably different when compared to the training of public education teachers. This study aims to present these differences and peculiarities, problems and issues of the training as well as to outline the possibilities of further development. During the study, the following methods were implemented: empirical research among students and graduates of vocational teacher training, as well as analysis of the relevant literature. The study summarizes the research and theoretical results related to vocational education and training (VET) teacher training over the past 15 years, with the aim of developing the training and mapping new directions in the field.

Keywords: vocational teacher, technical instructors, technical vocational instructors, theoretical aspects

Procedia PDF Downloads 251

Authors: Nkosingiphile Mbusozayo Zungu

Abstract:

The purpose of the current study is to adopt informetrics methods to analyse the research on phishing from 2012 to 2021 in three selected databases in order to contribute to global cybersecurity through impactful research. The study follows a quantitative research methodology. We opted for the positivist epistemology and objectivist ontology. The analysis focuses on: (i) the productivity of individual authors, institutions, and countries; (ii) the research contributions, using co-authorship as a measure of collaboration; (iii) the altmetrics of selected research contributions; (iv) the citation patterns and research impact of research on phishing; and (v) research contributions by keywords, to discover the concepts that are related to phishing. The preliminary findings favour developed countries in terms of quantity and quality of research in the domain. There are unique research trends and patterns in the developing countries, including those in Africa, that provide opportunities for research development in the domain in the region. This study explores an important research domain by using unexplored method in the region. The study supports the SDG Agenda 2030, such as ending abuse, exploitation, trafficking, and all other forms of violence and torture of children through the use of cyberspace (SDG 16). Further, the results from this study can inform research, teaching, and learning largely in Africa. Invariably, the study contributes to cybersecurity awareness that will mitigate cybersecurity threats against vulnerable communities.

Keywords: phishing, cybersecurity, informetrics, information security

Procedia PDF Downloads 108

Authors: F. Nameni, H. Poursadra

Abstract:

The present study investigated resistance and progressive training alters the expression of chaperone proteins. These proteins function to maintain homeostasis, facilitate repair from injury, and provide protection. Nineteen training female in 2 groups taking part in the intervention volunteered to give blood samples. Levels of chaperone proteins were measured in response to resistance and progressive training. Hsp 70 levels were increased immediately after 2 h progressive training but decreased after resistance training. The data showed that human skeletal muscle responds to the stress of a single period of progressive training by up-regulating and resistance training by down-regulating expression of HSP70. Physical exercise can elevate core temperature and muscle temperatures and the expression pattern of HSP70 due to training status may be attributed to adaptive mechanisms.

Keywords: resistance training, heat shock proteins, leukocytes, Hsp 70

Procedia PDF Downloads 452

Authors: Liu Haitao, Wang Hengyong

Abstract:

This paper attempts to kayak, Zhaoqing City, the annual training program for young men, the deconstruction and analysis, describe the characteristics of their training load, Young people to extract the key issues for training kayak, kayak training young people to clarify in Zhaoqing City, and the cause of the bottlenecks. On one hand, scientifically arranging for the coaches to adjust training load and provide the basis for periodic structure, for young people to provide practical reference kayak athletes. On the other hand, through their training load research, enrich the theoretical system kayak training project for junior kayak athletes to provide a theoretical basis.

Keywords: juniors, kayak, training programs, full year

Procedia PDF Downloads 583

Authors: K. Thawichai, R. Pornthep

Abstract:

The purpose of this study was to compare the effects of a four week training period of combined plyometric and resistance training or resistance training alone on muscle strength and sprint performance in wheelchair racing athletes. The participants were sixteen healthy male wheelchair racing athletes of the Thai national team. All participants were randomly assignments into two groups in the plyometric and resistance training group (n = 8) performed plyometric exercises followed by resistance training, whereas the resistance training group (n = 8) performed static stretching and the same resistance training program. At baseline and after training all participants were tested on 1-RM bench press for muscle strength and 100-m cycling sprint performance. The results of this study show that the plyometric and resistance training group made significantly greater improvements in overall muscle strength and sprint performance than the resistance training group following training. In conclusion, these findings suggest that the addition of a four week plyometric and resistance training program more beneficial than resistance training alone on muscle strength and sprint performance in wheelchair racing athletes.

Keywords: plyometric, resistance training, strength, sprint, wheelchair athletes

Procedia PDF Downloads 530

Authors: Comfort Aina

Abstract:

Modern English, as we all know it to be a foreign language to many, will require training and re-training on the path of the teacher and learners alike. As a teacher, you cannot give that which you do not have. Teachers, many of whom are non-native speakers, are required to be competent in solving problems occurring in the teaching and learning processes. They should be conscious of up to date information about new approaches, methods, techniques as well as they should be capable in the use of information and communication technology (ICT) and, of course, should work on the improvement of their language components and competence. For teachers to be successful in these goals, they need to be encouraged and motivated. So, for EFL teachers to be successful, they are enrolled to in-service teacher training, ICT training, some of the training they undergo and the benefits accrued to it will be the focus of the paper.

Keywords: training, management, method, english language, EFL teachers

Procedia PDF Downloads 108

Authors: Oussedik Lydia, Zaouani-Denoux Souâd

Abstract:

In an economic context characterized by intense competition and the impact of new technologies, companies have a constant need to adapt to the environment and the changes imposed. This situation leads companies to take training actions to develop employees’ required skills. Further, training is considered as a strategic lever for the company's growth. Accordingly, an increasing number of companies are adopting training to ensure continuous employees qualification. Thus, the aim of this research is to understand the process of training engineering occurring in the context of a company's continuous training, which will help to identify the gaps that can hinder or promote the development of employees' knowledge and skills. The research methodology is based on a mixed-method approach. Interviews and questionnaires are implemented to collect qualitative and quantitative data. The study results can help managers to identify gaps at each stage of training design. Finally, the research findings provide important information to help design a training plan to support the development of employees' knowledge and performance.

Keywords: training engineering, training needs, training plan, competences, continuing training, perception

Procedia PDF Downloads 132

Authors: Olalekan Bamidele Aruleba

Abstract:

This research assessed the impact of manpower training and development in the construction industry. The aim is to determine the effect of training and development on employees for effective organizational growth in the construction industry to identify the training method for each category of employee in the construction industry, challenges to training and development of workers in the construction industry and impact of manpower training and development on employees and employers. Data for the study were obtained through a well-structured questionnaire administered to building professionals in Nigeria construction firm. Eighty (80) questionnaires were distributed among building professionals in three selected local governments within Ondo State and sixty-four (64) were returned. Data collected were analysed using descriptive statistics and ranking. Findings of the study revealed that in house training and in-service training methods were preferred by most construction industry. It concluded that the attitude of top management and lack of fund was seen as the significant challenges militating against training of employees. The study recommended that manpower training and development must be sustained by all stakeholders in the industry in order to improve workers' productivity; the organization should adopt the right method in training each category of employees and carry out the need assessment for training to avoid training wrong employees.

Keywords: construction, development, manpower, training

Procedia PDF Downloads 223

Authors: Tarek Saadawi, Rosario Gennaro, Jonathan Akeley

Abstract:

There is rapidly growing demand for professionals to fill positions in Cybersecurity. This is recognized as a national priority both by government agencies and the private sector. Cybersecurity is a very wide technical area which encompasses all measures that can be taken in an electronic system to prevent criminal or unauthorized use of data and resources. This requires defending computers, servers, networks, and their users from any kind of malicious attacks. The need to address this challenge has been recognized globally but is particularly acute in the New York metropolitan area, home to some of the largest financial institutions in the world, which are prime targets of cyberattacks. In New York State alone, there are currently around 57,000 jobs in the Cybersecurity industry, with more than 23,000 unfilled positions. The Cybersecurity Program at City College is a collaboration between the Departments of Computer Science and Electrical Engineering. In Fall 2020, The City College of New York matriculated its first students in theCybersecurity Master of Science program. The program was designed to fill gaps in the previous offerings and evolved out ofan established partnership with Facebook on Cybersecurity Education. City College has designed a program where courses, curricula, syllabi, materials, labs, etc., are developed in cooperation and coordination with industry whenever possible, ensuring that students graduating from the program will have the necessary background to seamlessly segue into industry jobs. The Cybersecurity Program has created multiple pathways for prospective students to obtain the necessary prerequisites to apply in order to build a more diverse student population. The program can also be pursued on a part-time basis which makes it available to working professionals. Since City College’s Cybersecurity M.S. program was established to equip students with the advanced technical skills needed to thrive in a high-demand, rapidly-evolving field, it incorporates a range of pedagogical formats. From its outset, the Cybersecurity program has sought to provide both the theoretical foundations necessary for meaningful work in the field along with labs and applied learning projects aligned with skillsets required by industry. The efforts have involved collaboration with outside organizations and with visiting professors designing new courses on topics such as Adversarial AI, Data Privacy, Secure Cloud Computing, and blockchain. Although the program was initially designed with a single asynchronous course in the curriculum with the rest of the classes designed to be offered in-person, the advent of the COVID-19 pandemic necessitated a move to fullyonline learning. The shift to online learning has provided lessons for future development by providing examples of some inherent advantages to the medium in addition to its drawbacks. This talk will address the structure of the newly-implemented Cybersecurity Master’s Program and discuss the innovations, challenges, and possible future directions.

Keywords: cybersecurity, new york, city college, graduate degree, master of science

Procedia PDF Downloads 142

Authors: L. Pigon, S. Kot, J. K. Grabara

Abstract:

Nowadays, with organizations facing the challenges of increasing competitiveness, human capital accumulated by the organization is one of the elements that strongly differentiate between companies. Efficient management in the competition area requires to manage the competencies of their employees to be suitable to the market fluctuations. The aim of the paper was to determine how employee training to improve their competencies is verified. The survey was conducted among 37 respondents involved in selection of training providers and training programs in their enterprises. The results showed that all organizations use training survey as a basic method for evaluation of training effectiveness. Depending on the training contents and organization, the questionnaires contain various questions. Most of these surveys are composed of the three basic blocks: the trainer's assessment, the evaluation of the training contents, the assessment of the materials and the place of the organisation. None of the organization surveys conducted regular job-related observations or examined the attitudes of the training participants.

Keywords: human capital, competencies, training effectiveness, sale department

Procedia PDF Downloads 168

Authors: T. Sakai, A. Aikawa

Abstract:

This study defined 'gratitude skills training' as a social skills training which would become a new intervention method about gratitude intervention. The purpose of this study was to confirm the intervention effect of gratitude skills training on the reduction of loneliness. The participants in this study were university students (n = 36). A waiting list control design was used, in which the participants were assigned either to a training group (n = 18) or a waiting list control group (n = 18); the latter group took the same training after the first group had been trained. The two-week gratitude skills training comprised of three sessions (50 minutes per each of sessions). In the three sessions, the guidebook and the homework developed in this study were used. Results showed that gratitude skills training improved the participants’ gratitude skills. The results also indicated the intervention effect of gratitude skills training on the reduction of loneliness during the follow-up after three weeks. This study suggests that gratitude skills training can reduce loneliness. The gratitude skills training has a possibility of becoming a new treatment to reduce loneliness.

Keywords: gratitude skills, loneliness, social skills training, well-being

Procedia PDF Downloads 194

Authors: Nuray Gökçek Karaca, Berrin Gökçek

Abstract:

Employers occupational safety and health training obligations are regulated in 89/391/EEC Framework Directive and also in 6331 numbered Occupational Health and Safety Law in Turkey. The main objective of this research is to determine and evaluate the employers’ occupational health and safety training obligations in Framework Directive in comparison with the 6331 numbered Occupational Health and Safety Law and to examine training principles in Turkey. For this purpose, employers’ occupational health and safety training obligations examined in Framework Directive and Occupational Health and Safety Law. This study carried out through comparative scanning model and literature model. The research data were collected through European Agency and ministry legislations. As a result, employers’ occupational health and safety training obligations in the 6331 numbered Occupational Health and Safety Law are compatible with the 89/391/EEC numbered Framework Directive and training principles are determined by in different ways like the trained workers, training issues, training period, training time, and trainers. In this study, employers’ training obligations are evaluated in detail.

Keywords: directive, occupational health and safety, training, work accidences

Procedia PDF Downloads 341

Authors: Eugene Wong, Felix Chan, Linsey Chen, Joey Cheung

Abstract:

The widespread use of technologies and cyber/digital means for complex maritime operations have led to a sharp rise in global cyber-attacks. They have generated an increasing number of liability disputes, insurance claims, and legal proceedings. An array of antiquated case law, regulations, international conventions, and obsolete contractual clauses drafted in the pre-technology era have become grossly inadequate in addressing the contemporary challenges. This paper offers a critique of the ambiguity of cybersecurity liabilities under the obligation of seaworthiness entailed in the Hague-Visby Rules, which apply either by law in a large number of jurisdictions or by express incorporation into the shipping documents. This paper also evaluates the legal and technological criteria for assessing whether a vessel is properly equipped with the latest offshore technologies for navigation and cargo delivery operations. Examples include computer applications, networks and servers, enterprise systems, global positioning systems, and data centers. A critical analysis of the carriers’ obligations to exercise due diligence in preventing or mitigating cyber-attacks is also conducted in this paper. It is hoped that the present study will offer original and crucial insights to policymakers, regulators, carriers, cargo interests, and insurance underwriters closely involved in dispute prevention and resolution arising from cybersecurity liabilities.

Keywords: seaworthiness, cybersecurity, liabilities, risks, maritime, transport

Procedia PDF Downloads 133

Authors: Sagir Abubakar

Abstract:

Organization must move along with the employees, because organization should adapt itself to the changing environment. The paper examines the effect of training and development on employee performance. Training and development has an important role in improve the performance, skills and attitude of employee in an organization. Training and development will also help an employee to do his present job or to prepare him for a higher position with increased responsibilities. The paper analyses the employee performance towards training and development conducted in some selected banks within Bauchi metropolis. Review of related literature was done on, training, training objectives, methods and development and its method. A census survey was carried out using staff of GTB and Skye Banks Bauchi branch where a total of 40 questionnaires were administered personally by the researcher and there were 100% responses. Correlation analysis was adopted for the analysis of data collected. The study concludes that 95% of respondents agreed that training and development are vital for both employee and organizations performance. They also suggest that training and development should be made compulsory for all categories of employee in an organization. Training and Development programmes are necessary in any organization for improving the quality of work of the employee.

Keywords: training, development, employee, performance, banks

Procedia PDF Downloads 462

Authors: Gampel Alexander, Mazzuchi Thomas, Sarkani Shahram

Abstract:

The cybersecurity landscape is constantly evolving, and organizations must adapt to the changing threat environment to protect their assets. The implementation of the NIST Risk Management Framework (RMF) has become critical in ensuring the security and safety of industrial control and automation systems. However, cybersecurity professionals are facing challenges in implementing RMF, leading to systems operating without authorization and being non-compliant with regulations. The current approach to RMF implementation based on business practices is limited and insufficient, leaving organizations vulnerable to cyberattacks resulting in the loss of personal consumer data and critical infrastructure details. To address these challenges, this research proposes a Model-Based Systems Engineering (MBSE) approach to implementing cybersecurity controls and assessing risk through the RMF process. The study emphasizes the need to shift to a modeling approach, which can streamline the RMF process and eliminate bloated structures that make it difficult to receive an Authorization-To-Operate (ATO). The study focuses on the practical application of MBSE in industrial control and automation systems to improve the security and safety of operations. It is concluded that MBSE can be used to solve the implementation challenges of the NIST RMF process and improve the security of industrial control and automation systems. The research suggests that MBSE provides a more effective and efficient method for implementing cybersecurity controls and assessing risk through the RMF process. The future work for this research involves exploring the broader applicability of MBSE in different industries and domains. The study suggests that the MBSE approach can be applied to other domains beyond industrial control and automation systems.

Keywords: authorization-to-operate (ATO), industrial control systems (ICS), model-based system’s engineering (MBSE), risk management framework (RMF)

Procedia PDF Downloads 88

Authors: Halit Arslan, Ismail Sahin, Ahmet Oguz Akturk, Ismail Celik

Abstract:

Today, the means of following the developments in the area of science and technology is to keep up with the pace of the advancements in this area. As is in every profession, apart from their personal efforts, the training of teachers in the period after they start their careers is only possible through in-service training. The aim of the present study is to determine the views of Information Technologies (IT) teachers regarding the in-service training courses organized by the Ministry of National Education. In this study, in which quantitative research methods and techniques were employed, the views of 196 IT teachers were collected by using the “Views on In-service Training” questionnaire developed by the authors of the paper. Independent groups t-test was used to determine whether the views of IT teachers regarding in-service training differed depending on gender, age and professional seniority. One-way analysis of variance (ANOVA) was used to investigate whether the views of IT teachers regarding in-service training differed depending on the number of in-service training courses they joined and the type of in-service training course they wanted to take. According to the findings obtained in the study, the views of IT teachers on in-service training did not show a significant difference depending on gender and age, whereas those views differed depending on professional seniority, the number of in-service training courses they joined and the type of in-service training course they wanted to take.

Keywords: in-service training, IT teachers, professional development, personal development

Procedia PDF Downloads 409

Authors: Noureddine Mohtaram, Jeremy Patrix, Jerome Verny

Abstract:

As an enormous number of online services have been developed into web applications, security problems based on web applications are becoming more serious now. Most intrusion detection systems rely on each request to find the cyber-attack rather than on user behavior, and these systems can only protect web applications against known vulnerabilities rather than certain zero-day attacks. In order to detect new attacks, we analyze the HTTP protocols of web servers to divide them into two categories: normal attacks and malicious attacks. On the other hand, the quality of the results obtained by deep learning (DL) in various areas of big data has given an important motivation to apply it to cybersecurity. Deep learning for attack detection in cybersecurity has the potential to be a robust tool from small transformations to new attacks due to its capability to extract more high-level features. This research aims to take a new approach, deep learning to cybersecurity, to classify these two categories to eliminate attacks and protect web servers of the defense sector which encounters different web traffic compared to other sectors (such as e-commerce, web app, etc.). The result shows that by using a machine learning method, a higher accuracy rate, and a lower false alarm detection rate can be achieved.

Keywords: anomaly detection, HTTP protocol, logs, cyber attack, deep learning

Procedia PDF Downloads 205

Authors: M. Mutemwa

Abstract:

A Cybersecurity Operation Centre (SOC) is a centralized hub for network event monitoring and incident response. SOCs are critical when determining an organization’s cybersecurity posture because they can be used to detect, analyze and report on various malicious activities. For most organizations, a SOC is not part of the initial design and implementation of the Information Technology (IT) environment but rather an afterthought. As a result, it is not natively a plug and play component; therefore, there are integration challenges when a SOC is introduced into an organization. A SOC is an independent hub that needs to be integrated with existing procedures, policies and IT systems of an organization such as the service desk, ticket logging system, reporting, etc. This paper discussed the challenges of integrating a newly developed SOC to an organization’s existing IT environment. Firstly, the paper begins by looking at what data sources should be incorporated into the Security Information and Event Management (SIEM) such as which host machines, servers, network end points, software, applications, web servers, etc. for security posture monitoring. That is which systems need to be monitored first and the order by which the rest of the systems follow. Secondly, the paper also describes how to integrate the organization’s ticket logging system with the SOC SIEM. That is how the cybersecurity related incidents should be logged by both analysts and non-technical employees of an organization. Also the priority matrix for incident types and notifications of incidents. Thirdly, the paper looks at how to communicate awareness campaigns from the SOC and also how to report on incidents that are found inside the SOC. Lastly, the paper looks at how to show value for the large investments that are poured into designing, building and running a SOC.

Keywords: cybersecurity operation centre, incident response, priority matrix, procedures and policies

Procedia PDF Downloads 151

Authors: S. Werrlich, E. Eichstetter, K. Nitsche, G. Notni

Abstract:

Augmented Reality (AR) is a strong growing research topic in different training domains such as medicine, sports, military, education and industrial use cases like assembly and maintenance tasks. AR claims to improve the efficiency and skill-transfer of training tasks. This paper gives a comprehensive overview of evaluations using AR for assembly and maintenance training tasks published between 1992 and 2017. We search in a structured way in four different online databases and get 862 results. We select 17 relevant articles focusing on evaluating AR-based training applications for assembly and maintenance tasks. This paper also indicates design guidelines which are necessary for creating a successful application for an AR-based training. We also present five scientific limitations in the field of AR-based training for assembly tasks. Finally, we show our approach to solve current research problems using Design Science Research (DSR).

Keywords: assembly, augmented reality, survey, training

Procedia PDF Downloads 271

Authors: Joshua Ikpimi, Dimeji Abe, Nonso Okoye, Gideon Ikpimi, Prince Idemudia

Abstract:

Training programmes are integral parts of development for employees to develop themselves and also to develop the organisation. Lack of training and inadequate training adversely affect the productivity in any organisation. Lack of training in the water sector can impair development and improper management of water. Training programs are given to water professionals, especially in a developing country like South Africa, to perform well in their day to day activities. The aim of this study was to evaluate the current training program in place for water professionals at KwaZulu Natal province of South Africa. The objectives were to determine the training programs that are suitable for their job descriptions and to determine the gaps with the training programs and to make recommendations on ways to improve the training programs. This study is a quantitative study which enabled an evaluation of training programs for KwaZulu Natal water professionals. The sample population was 120 professionals across all the cities and towns in KwaZulu Natal province. The water professionals were evaluated using structured questionnaire distributed to the respondents from September to December 2017. The data was analysed using R software. The study found that province has training programs that are valuable for their water professionals. However, involvement of some professionals in administrative activities was hindered by some inappropriate training. Many areas of improvement are suggested to the province in training its water professionals. Training was found to improve performance, commitment, motivation and staff retention of water professionals in the province.

Keywords: KwaZulu Natal, performance, training, water

Procedia PDF Downloads 183

Authors: Csilla Paksi-Petró

Abstract:

The Hungarian national public administration training system providing continuous, lifelong further training to some ten thousand executives in public administration was launched in 2014, adding skills and competency development to the previous training solutions, which had a mainly legal and professional approach. The executive training system is being continuously developed since tackling the existing qualitative, and quantitative challenges calls for the introduction of novel, innovative solutions. With a gap-filling character, this study presents, in brief, the last eight years of system of executive training in public administration, supported by the outcomes of the author's empirical research, makes suggestions for the possible directions of its further development. Through this article, the reader may obtain an overview of the current Hungarian civil service further training system, its institution system, the method of its application, its target groups, its results, and its development prospects. By reading the article, the reader will get acquainted with the good practices of the Hungarian civil service further training system.

Keywords: coaching, e-learning, executive development, further-training

Procedia PDF Downloads 118

Authors: Ebtesam Shadadi, Rasha Ibrahim, Essam Ghadafi

Abstract:

Phishing poses a significant threat as a cybercrime by tricking end users into revealing their confidential and sensitive information. Attackers often manipulate victims to achieve their malicious goals. The increasing prevalence of Phishing has led to extensive research on this issue, including studies focusing on phishing attempts in healthcare institutions in the Kingdom of Saudi Arabia. This paper explores the importance of analyzing phishing attacks, specifically focusing on those targeting the healthcare industry. The study delves into the tactics, obstacles, and remedies associated with these attacks, all while considering the implications for Saudi Vision 2030.

Keywords: phishing, cybersecurity, cyber threat, social engineering, vision 2030

Procedia PDF Downloads 53

Authors: Oussedik Lydia, Zaouani-Denoux Souâd

Abstract:

Given the evolution of professions, training is becoming a solution to meet the current requirements of the labor market. Notably, the amount of money invested in training activities is considerable and continuously increasing globally. The justification of this investment becomes an obligation for those responsible for training. Therefore, the impact of training can be measured by the degree to which the knowledge, skills, and attitudes acquired through training are transferred to the workplace. Further, knowledge transfer is fundamental because the objective of any training is to be close to a professional environment in order to improve the productivity of participants. Hence, the need to better understand the knowledge transfer process in order to determine the factors that may influence it. The objective of this research is to understand the process of knowledge transfer that can occur between two contexts: professional training and the workplace, which will provide further insight to identify the environmental factors that can hinder or promote it. By examining participants' perceptions of the training and work contexts, this qualitative approach seeks to understand the knowledge transfer process that occurs between the two contexts. It also aims to identify the factors that influence it. The results will help managers identify environmental factors in the training and work context that may impact knowledge transfer. These results can be used to promote the knowledge transfer process and the performance of the trainees.

Keywords: knowledge transfer, professional training, professional training in agriculture, training context, professional context

Procedia PDF Downloads 162