Search results for: cyber risk assessment

Authors: Preeda Sansakorn, Min An

Abstract:

In order to be capable of dealing with uncertainties, subjectivities, including vagueness arising in building construction projects, the application of fuzzy reasoning technique based on fuzzy set theory is proposed. This study contributes significantly to the development of a fuzzy reasoning safety risk assessment model for building construction projects that could be employed to assess the risk magnitude of each hazardous event identified during construction, and a third parameter of probability of consequence is incorporated in the model. By using the proposed safety risk analysis methodology, more reliable and less ambiguities, which provide the safety risk management project team for decision-making purposes.

Keywords: safety risk assessment, building construction safety, fuzzy reasoning, construction risk assessment model, building construction projects

Procedia PDF Downloads 465

Authors: Li Qiang, Yang Ze-Ming, Liu Bao-Xu, Jiang Zheng-Wei

Abstract:

With the increasing complexity of cyberspace security, the cyber-attack attribution has become an important challenge of the security protection systems. The difficult points of cyber-attack attribution were forced on the problems of huge data handling and key data missing. According to this situation, this paper presented a reasoning method of cyber-attack attribution based on threat intelligence. The method utilizes the intrusion kill chain model and Bayesian network to build attack chain and evidence chain of cyber-attack on threat intelligence platform through data calculation, analysis and reasoning. Then, we used a number of cyber-attack events which we have observed and analyzed to test the reasoning method and demo system, the result of testing indicates that the reasoning method can provide certain help in cyber-attack attribution.

Keywords: reasoning, Bayesian networks, cyber-attack attribution, Kill Chain, threat intelligence

Procedia PDF Downloads 430

Authors: Mirko Sailio

Abstract:

Border crossing automatization reduces required human resources in handling people crossing borders. As technology replaces and augments the work done by border officers, new cyber threats arise to threaten border security. This research analyses the current cyber threat actors and their capabilities. The analysis is conducted by gathering the threat actor data from a wide range of public sources. A model for a general border automatization system is presented, and its most significant cyber-security attributes are then compared to threat actor activity and capabilities in order to predict priorities in securing such systems. Organized crime and nation-state actors present the clearest threat to border cyber-security, and additional focus is given to their motivations and activities.

Keywords: border automation, cyber-security, threat actors, border cyber-security

Procedia PDF Downloads 182

Authors: Anders Thorsén, Behrooz Sangchoolie, Peter Folkesson, Ted Strandberg

Abstract:

As more parts of the power grid become connected to the internet, the risk of cyberattacks increases. To identify the cybersecurity threats and subsequently reduce vulnerabilities, the common practice is to carry out a cybersecurity risk assessment. For safety classified systems and products, there is also a need for safety risk assessments in addition to the cybersecurity risk assessment in order to identify and reduce safety risks. These two risk assessments are usually done separately, but since cybersecurity and functional safety are often related, a more comprehensive method covering both aspects is needed. Some work addressing this has been done for specific domains like the automotive domain, but more general methods suitable for, e.g., intelligent distributed grids, are still missing. One such method from the automotive domain is the Security-Aware Hazard Analysis and Risk Assessment (SAHARA) method that combines safety and cybersecurity risk assessments. This paper presents an approach where the SAHARA method has been modified in order to be more suitable for larger distributed systems. The adapted SAHARA method has a more general risk assessment approach than the original SAHARA. The proposed method has been successfully applied on two use cases of an intelligent distributed grid.

Keywords: intelligent distribution grids, threat analysis, risk assessment, safety, cybersecurity

Procedia PDF Downloads 134

Authors: Phontip Kanlahasuth

Abstract:

This paper presents the environmental safety and occupational health risk assessment of rocket static test by assessing risk level from probability and severity and then appropriately applying the risk control measures. Before the environmental safety and occupational health measures are applied, the serious hazards level is 31%, medium level is 24% and low level is 45%. Once risk control measures are practically implemented, the serious hazard level can be diminished, medium level is 38%, low level is 45% and eliminated level is 17%. It is clearly shown that the environmental safety and occupational health measures can significantly reduce the risk level.

Keywords: rocket static test, hazard, risk, risk assessment, risk analysis, environment, safety, occupational health, acceptable risk, probability, severity, risk level

Procedia PDF Downloads 568

Authors: E. Cenderelli, E. Bruno, G. Iacoviello, A. Lazzini

Abstract:

The financial sector is exposed to the risk of cyber-attacks like any other industrial sector. Furthermore, the topic of CybeRisk (cyber risk) has become particularly relevant given that Information Technology (IT) attacks have increased drastically in recent years, and cannot be stopped by single organizations requiring a response at international and national level. IT risk is never a matter purely for the IT manager, although he clearly plays a key role. A bank's risk management function requires a thorough understanding of the evolving risks as well as the tools and practical techniques available to address them. Upon the request of European and national legislation regarding CybeRisk in the financial system, banks are therefore called upon to strengthen the operational model for CybeRisk management. This will require an important change with a more intense collaboration with the structures that deal with information security for the development of an ad hoc system for the evaluation and control of this type of risk. The aim of the work is to propose a framework for the management and control of CybeRisk that will bridge the gap in the literature regarding the understanding and consideration of CybeRisk as an integral part of business management. The IT function has a strong relevance in the management of CybeRisk, which is perceived mainly as operational risk, but with a positive tendency on the part of risk management to the identification of CybeRisk assessment methods that are increasingly complete, quantitative and able to better describe the possible impacts on the business. The paper provides answers to the research questions: Is it possible to define a CybeRisk governance structure able to support the comparison between risk and security? How can the relationships between IT assets be integrated into a cyberisk assessment framework to guarantee a system of protection and risks control? From a methodological point of view, this research uses a case study approach. The choice of “Monte dei Paschi di Siena” was determined by the specific features of one of Italy’s biggest lenders. It is chosen to use an intensive research strategy: an in-depth study of reality. The case study methodology is an empirical approach to explore a complex and current phenomenon that develops over time. The use of cases has also the advantage of allowing the deepening of aspects concerning the "how" and "why" of contemporary events, on which the scholar has little control. The research bases on quantitative data and qualitative information obtained through semi-structured interviews of an open-ended nature and questionnaires to directors, members of the audit committee, risk, IT and compliance managers, and those responsible for internal audit function and anti-money laundering. The added value of the paper can be seen in the development of a framework based on a mapping of IT assets from which it is possible to identify their relationships for purposes of a more effective management and control of cyber risk.

Keywords: bank, CybeRisk, information technology, risk management

Procedia PDF Downloads 224

Authors: Sandija Zeverte-Rivza, Irina Pilvere, Baiba Rivza

Abstract:

The use of renewable energy sources incl. biogas has become topical in accordance with the increasing demand for energy, decrease of fossil energy resources and the efforts to reduce greenhouse gas emissions as well as to increase energy independence from the territories where fossil energy resources are available. As the technologies of biogas production from agricultural biomass develop, risk assessment and risk management become necessary for farms producing such a renewable energy. The need for risk assessments has become particularly topical when discussions on changing the biogas policy in the EU take place, which may influence the development of the sector in the future, as well as the operation of existing biogas facilities and their income level. The current article describes results of the risk assessment for farms producing biomass from agriculture biomass in Latvia, the risk assessment system included 24 risks, that affect the whole biogas production process and the obtained results showed the high significance of political and production risks.

Keywords: biogas production, risks, risk assessment, biosystems engineering

Procedia PDF Downloads 392

Authors: Uche A. Nnawulezi

Abstract:

The evolving global environment has as of late seen formative difficulties bordering on cyber crime and its attendant effects. This paper looks at what constitutes an offense of cyber crime under the tenets of International Law as no nation can lay bona-fide claim in managing cyber crime as a criminal phenomenon. Therefore, there has been a plethora of ideological, conceptual and mental propositions of policies aimed at domesticating cyber crimes – an international crime. These policies were as a result of parochial consideration and social foundations which negate the spirit of internationally accepted procedures. The study also noted that the non-domestication of cyber crime laws by most countries has led to an increase in cyber crimes and its attendant effects have remained unabated. The author has pointed out emerging international rules as a panacea for a sustainable cyber crime-free society. The paper relied on documentary evidence and hence scooped much of the data from secondary sources such as text books, journals, articles and periodicals and more so, opinion papers, emanating from international criminal court. It concludes that the necessary recommendations made in this paper, if fully adopted, shall go a long way in maintaining a cyber crime-free society. Ultimately, the domestic and international law mechanisms capable of dealing with cyber crime offenses should be expanded and be made proactive in order to deal with the demands of modern day challenges.

Keywords: criminology, cyber crime, domestic law, international law

Procedia PDF Downloads 171

Authors: Qing Cao

Abstract:

Generally speaking, China has a relatively high level of intellectual property (IP) infringement. Risk assessment is indispensable in the strategic planning process. To complement the current literature in international business, the paper sheds the light on how to assess IP risk for foreign companies in planning market entry to China. Evaluating internal and external IP environment, proposed in the paper, consists of external analysis, internal analysis and further internal analysis. Through position the company’s IP environment, the risk assessment approach enables the foreign companies to either build the corresponding IP strategies or abort the entry plan beforehand to minimize the IP risks.

Keywords: intellectual property, IP environment, risk assessment

Procedia PDF Downloads 540

Authors: Charles Amoatey

Abstract:

The issue of risk in the mining industry is a global phenomenon and the Ghanaian mining industry is not exempted. The main purpose of this study is to identify the critical risk factors affecting the mining industry. The study takes an integrated view of the mining industry by examining the contribution of various risk factors to mining project failure in Ghana. A questionnaire survey was conducted to solicit the critical risk factors from key mining practitioners. About 80 respondents from 11 mining firms participated in the survey. The study identified 22 risk factors contributing to mining project failure in Ghana. The five most critical risk factors based on both probability of occurrence and impact were: (1) unstable commodity prices, (2) inflation/exchange rate, (3) land degradation, (4) high cost of living and (5) government bureaucracy for obtaining licenses. Furthermore, the study found that risk assessment in the mining sector has a direct link with mining project sustainability. Mitigation measures for addressing the identified risk factors were discussed. The key findings emphasize the need for a comprehensive risk management culture in the entire mining industry.

Keywords: risk, assessment, mining, Ghana

Procedia PDF Downloads 430

Authors: Spyridon Plakoudas

Abstract:

After the capture of Al-Raqqah and the defeat of the short-lived Islamic Caliphate in 2017, everyone predicted the end of ISIS. However, ISIS proved far more resilient than initially thought. The militant group quickly regrouped from its defeat and started a low-intensity guerrilla campaign in central Iraq (near Kirkuk and Mosul) and north-eastern Syria (near Deir ez-Zorr). At the same time, ISIS doubled down on its cyber-campaign; actually, ISIS is as active on the cyber-domain as during the peak of its power in 2015. This paper, a spin-off paper from a co-authored book on the Syrian Civil War (due to be published by Rowman and Littlefield), intends to examine how ISIS operates in the cyber-domain and how this "Cyber-Caliphate" under re-construction is associated with its post-2017 strategy. This paper will draw on the discipline of War Studies (with an emphasis on Cyber-Security and Insurgency / Counter-Insurgency) and will benefit from the insights of interviewed experts on the field (e.g., Hassan Hasssan). This paper will explain how the successful operation of ISIS in the cyber-space preserves the myth of the “caliphate” amongst its worldwide followers (against the odds) and sustains the group’s ongoing insurgency in Syria and Iraq; in addition, this paper will suggest how this cyber-threat can be countered best.

Keywords: ISIS, cyber-jihad, Syrian Civil War, cyber-terrorism, insurgency and counter-insurgency

Procedia PDF Downloads 110

Authors: Mohammadreza Ashouria, Majid Motamedzadeb

Abstract:

Rapid Entire Body Assessment (REBA) and Quick Exposure Check (QEC) are two general methods to assess the risk factors of work-related musculoskeletal disorders (WMSDs). This study aimed to compare ergonomic risk assessment outputs from QEC and REBA in terms of agreement in distribution of postural loading scores based on analysis of working postures. This cross-sectional study was conducted in an engine oil company in which 40 jobs were studied. A trained occupational health practitioner observed all jobs. Job information was collected to ensure the completion of ergonomic risk assessment tools, including QEC, and REBA. The result revealed that there was a significant correlation between final scores (r=0.731) and the action levels (r =0.893) of two applied methods. Comparison between the action levels and final scores of two methods showed that there was no significant difference among working departments. Most of the studied postures acquired low and moderate risk level in QEC assessment (low risk=20%, moderate risk=50% and High risk=30%) and in REBA assessment (low risk=15%, moderate risk=60% and high risk=25%).There is a significant correlation between two methods. They have a strong correlation in identifying risky jobs and determining the potential risk for incidence of WMSDs. Therefore, there is a possibility for researchers to apply interchangeably both methods, for postural risk assessment in appropriate working environments.

Keywords: observational method, QEC, REBA, musculoskeletal disorders

Procedia PDF Downloads 347

Authors: Auwal Nata'ala

Abstract:

The Information and Communication Technology (ICT) has had impacts in almost every area human endeavor. From business, industries, banks to none profit organizations. ICT has simplified business process such as sorting, summarizing, coding, updating and generating a report in a real-time processing mode. However, the use of these ICT facilities such as computer and internet has also brought unintended consequences of criminal activities such as spamming, credit card frauds, ATM frauds, phishing, identity theft, denial of services and other related cyber crimes. This study sought to examined cyber-crime and its impact on the banking institution in Nigeria. It also examined the existing policy framework and assessed the success of the institutional countermeasures in combating cyber crime in the banking industry. This paper X-ray’s cyber crimes, policies issues and provides insight from a Nigeria perspective.

Keywords: cyber crimes, e-banking, policies, ICT

Procedia PDF Downloads 395

Authors: Hyeon-Kyo Lim, Sang-Hun Byun

Abstract:

Risk assessment is carried out in most industrial plants for accident prevention, but there exists insufficient data for statistical decision making. It is commonly said that risk can be expressed as a product of consequence and likelihood of a corresponding hazard factor. Eventually, therefore, risk assessment involves human decision making which cannot be objective per se. This study was carried out to comprehend perceptive characteristics of human beings in industrial plants. Subjects were shown a set of illustrations describing scenes of industrial plants, and were asked to assess the risk of each scene with not only linguistic variables but also numeric scores in the aspect of consequence and likelihood. After that, their responses were formulated as fuzzy membership functions, and compared with those of university students who had no experience of industrial works. The results showed that risk level of industrial workers were lower than those of any other groups, which implied that the workers might generally have a tendency to neglect more hazard factors in their work fields.

Keywords: fuzzy, hazard, linguistic variable, risk assessment

Procedia PDF Downloads 241

Authors: Maithem Al-Saadi, Min An

Abstract:

During airport planning and design stages, the major issues of capacity and safety in construction and operation of an airport need to be taken into consideration. The airside of an airport is a major and critical infrastructure that usually consists of runway(s), taxiway system, and apron(s) etc., which have to be designed according to the international standards and recommendations, and local limitations to accommodate the forecasted demands. However, in many cases, airport airsides are suffering from unexpected risks that occurred during airport operations. Therefore, safety risk assessment should be applied in the planning and design of airsides to cope with the probability of risks and their consequences, and to make decisions to reduce the risks to as low as reasonably practicable (ALARP) based on safety risk assessment. This paper presents a combination approach of Failure Modes, Effect, and Criticality Analysis (FMECA), Fuzzy Reasoning Approach (FRA), and Fuzzy Analytic Hierarchy Process (FAHP) to develop a risk analysis model for safety risk assessment. An illustrated example is used to the demonstrate risk assessment process on how the design of an airside in an airport can be analysed by using the proposed safety design risk assessment model.

Keywords: airport airside planning and design, design for safety, fuzzy reasoning approach, fuzzy AHP, risk assessment

Procedia PDF Downloads 349

Authors: Yatin Wadhawan, Clifford Neuman, Anas Al Majali

Abstract:

In this paper, we evaluate the resilience of the smart grid system in the presence of multiple cyber-physical attacks on its distinct functional components. We discuss attack-defense scenarios and their effect on smart grid resilience. Through contingency simulations in the Network and PowerWorld Simulator, we analyze multiple cyber-physical attacks that propagate from the cyber domain to power systems and discuss how such attacks destabilize the underlying power grid. The analysis of such simulations helps system administrators develop more resilient systems and improves the response of the system in the presence of cyber-physical attacks.

Keywords: smart grid, gas pipeline, cyber- physical attack, security, resilience

Procedia PDF Downloads 291

Authors: Mohammad Nazri Mustafa, Pedram Hatami Abdullah, M. Fakhrur Razi Ahmad Faizul

Abstract:

With the issuance of Malaysian National Annex 2017 as a part of MS EN 1998-1:2015, the seismic mapping of Malaysian Peninsular including Sabah and Sarawak has undergone some changes in terms of the Peak Ground Acceleration (PGA) value. The revision to the PGA has raised a concern on the safety of oil and gas onshore structures as these structures were not designed to accommodate the new PGA values which are much higher than the previous values used in the original design. In view of the high numbers of structures and buildings to be re-assessed, a risk assessment methodology has been developed to prioritize and rank the assets in terms of their criticality against the new seismic loading. To-date such risk assessment method for oil and gas onshore structures is lacking, and it is the main intention of this technical paper to share the risk assessment methodology and risk elements scoring finalized via Delphi Method. The finalized methodology and the values used to rank the risk elements have been established based on years of relevant experience on the subject matter and based on a series of rigorous discussions with professionals in the industry. The risk scoring is mapped against the risk matrix (i.e., the LOF versus COF) and hence, the overall risk for the assets can be obtained. The overall risk can be used to prioritize and optimize integrity assessment, repair and strengthening work against the new seismic mapping of the country.

Keywords: methodology, PGA, risk, seismic

Procedia PDF Downloads 134

Authors: Ulas Cinar, Omer Faruk Ugurlu, Selcuk Cebi

Abstract:

Occupational safety risk management is the most important element of a safe working environment. Effective risk management can only be possible with accurate analysis and evaluations. Scoring-based risk assessment methods offer considerable ease of application as they convert linguistic expressions into numerical results. It can also be easily adapted to any field. Contrary to all these advantages, important problems in scoring-based methods are frequently discussed. Effective measurability is one of the most critical problems. Existing methods allow experts to choose a score equivalent to each parameter. Therefore, experts prefer the score of the most likely outcome for risk. However, all other possible consequences are neglected. Assessments of the existing methods express the most probable level of risk, not the real risk of the enterprises. In this study, it is aimed to develop a method that will present a more comprehensive evaluation compared to the existing methods by evaluating the probability and severity scores, all sub-parameters, and potential results, and a new scoring-based method is proposed in the literature.

Keywords: occupational health and safety, risk assessment, scoring based risk assessment method, underground mining, weighted risk scores

Procedia PDF Downloads 122

Authors: Thitaporn Thoopputra, Tipaporn Pongmesa, Shuchuen Li

Abstract:

Aims: To evaluate the application of non-invasive diabetes risk assessment tool in community pharmacy setting. Methods: Thai diabetes risk score was applied to assess individuals at risk of developing type 2 diabetes. Interactive computer-based risk screening (IT) and paper-based risk screening (PT) tools were applied. Participants aged over 25 years with no known diabetes were recruited in six participating pharmacies. Results: A total of 187 clients, mean aged (+SD) was 48.6 (+10.9) years. 35% were at high risk. The mean value of willingness-to-pay for the service fee in IT group was significantly higher than PT group (p=0.013). No significant difference observed for the satisfaction between groups. Conclusions: Non-invasive risk assessment tool, whether paper-based or computerized-based can be applied in community pharmacy to support the enhancing role of pharmacists in chronic disease management. Long term follow up is needed to determine the impact of its application in clinical, humanistic and economic outcomes.

Keywords: community pharmacy, intervention, prevention, risk assessment, type 2 diabetes

Procedia PDF Downloads 490

Authors: A. Swetha

Abstract:

This study aims to prioritize and explore critical risks in construction project assessment, employing the Weighted Average Index method and Principal Component Analysis (PCA). Through extensive literature review and expert interviews, project assessment risk factors were identified across Budget and Cost Management Risk, Schedule and Time Management Risk, Scope and Planning Risk, Safety and Regulatory Compliance Risk, Resource Management Risk, Communication and Stakeholder Management Risk, and Environmental and Sustainability Risk domains. A questionnaire was distributed to stakeholders involved in construction activities in Hyderabad, India, with 180 completed responses analyzed using the Weighted Average Index method to prioritize risk factors. Subsequently, PCA was used to understand relationships between these factors and uncover underlying patterns. Results highlighted dependencies on critical resources, inadequate risk assessment, cash flow constraints, and safety concerns as top priorities, while factors like currency exchange rate fluctuations and delayed information dissemination ranked lower but remained significant. These insights offer valuable guidance for stakeholders to mitigate risks effectively and enhance project outcomes. By adopting systematic risk assessment and management approaches, construction projects in Hyderabad and beyond can navigate challenges more efficiently, ensuring long-term viability and resilience.

Keywords: construction project assessment risk factor, risk prioritization, weighted average index, principal component analysis, project risk factors

Procedia PDF Downloads 10

Authors: Uzoma Igboji

Abstract:

Cybercrimes involves crimes committed on the internet using the computer as a tool or targeted victim. In Nigeria today, there are many varieties of crimes that are committed on the internet daily, some are directed to the computers while the others are directed to the computer users. Cyber terrorism, identity theft, internet chat room, piracy and hacking are identified as types of cyber crimes. Usually, these crimes are perpetrated in forms of like sending of fraudulent and bogus financial proposals from cyber crimes to innocent internet users. The increasing rates of cyber crimes have become strong threats to the society, organizations and country’s reputation, E-commerce growth, denial of innocent Nigerian opportunity abroad and reduced productivity. This study identified some of the causes of cybercrimes to include urbanization, high rate of unemployment, corruption, easy accessibility to internet and weak implementation of cyber crimes in Nigeria. Therefore, internet users should inculcate the habit of continuously updating their knowledge about the ever changing ICTs through this, they can be well informed about the current trends in cybercrimes and how the cybercrimes carryout their dubious activities. Thus, how they can devise means of protecting their information from cyber criminals. Internet users should be security conscious at all times .Recommendations were proposed on how these crimes can be minimized if not completely eradicated.

Keywords: cyber-crimes, cyber-terrorism, cyber-criminals, Nigeria

Procedia PDF Downloads 508

Authors: Mohammed E. Mansour, Tamador M. A. Elhassan, Nahid A. Ibrahim, Awatif A. Ahmed, Manal A. Abdalla

Abstract:

Rift valley fever (RVF) is mosquito-borne disease. RVF is transboundary zoonotic disease. It has socioeconomic and public health importance. This paper describes qualitative risk of the RVF vaccine production. RVF is endemic in the Sudan. It has been reported in Sudan due to abundance of Ades Eqytie. Thus, there is huge effort to control it. Vaccination practices had significant role to control and manage RVF. The risk assessment explains the likelihood of a risk as likely. Thus, insecticides and repellents synergize the effort of the vaccination.

Keywords: qualitative analysis, risk assessment, rift valley fever vaccine, quality control

Procedia PDF Downloads 489

Authors: Elham Rajabian

Abstract:

The ascent of cybersecurity incidents is a rising threat to most organisations in general, while the impact of the incidents is unique to each of the organizations. It is a need for behavioural sciences to concentrate on employees’ behaviour in order to prepare key security mitigation opinions versus cybersecurity incidents. There are noticeable differences among users of a computer system in terms of complying with security behaviours. We can discuss the people's differences under several subjects such as delaying tactics on something that must be done, the tendency to act without thinking, future thinking about unexpected implications of present-day issues, and risk-taking behaviours in security policies compliance. In this article, we introduce high-profile cyber-attacks and their impacts on weakening cyber resiliency in organizations. We also give attention to human errors that influence network security. Human errors are discussed as a part of psychological matters to enhance compliance with the security policies. The organizational challenges are studied in order to shape a sustainable cyber risks management approach in the related work section. Insiders’ behaviours are viewed as a cyber security gap to draw proper cyber resiliency in section 3. We carry out the best cybersecurity practices by discussing four CIS challenges in section 4. In this regard, we provide a guideline and metrics to measure cyber resilience in organizations in section 5. In the end, we give some recommendations in order to build a cybersecurity culture based on individual behaviours.

Keywords: cyber resilience, human factors, cybersecurity behavior, attitude, usability, security culture

Procedia PDF Downloads 78

Authors: Jonathan W. Z. Lim, Vrizlynn L. L. Thing

Abstract:

Cybercrimes are on the rise, in part due to technological advancements, as well as increased avenues of exploitation. Sophisticated threat actors are leveraging on such advancements to execute their malicious intentions. The increase in cybercrimes is prevalent, and it seems unlikely that they can be easily eradicated. A more serious concern is that the community may come to accept the notion that this will become the trend. As such, the key question revolves around how we can reduce cybercrime in this evolving landscape. In our paper, we propose to build a systematic framework through the lens of a cyber threat actor. We explore the motivation factors behind the crimes and the crime stages of the threat actors. We then formulate intervention plans so as to discourage the act of committing malicious cyber activities and also aim to integrate ex-cyber offenders back into society.

Keywords: crime motivations, crime prevention, cybercrime, ex-cyber criminals

Procedia PDF Downloads 119

Authors: Eke Chidi Idi

Abstract:

School violence is a global phenomenon that affects one of the core institutions of modern society to some degree across many countries, and on a global scale. Within this context, this study explores the impact of parental control on perpetrators of cyber bullying as a form of school-based violence in high schools in uMgungundlovu district of KwaZulu-Natal province in South Africa. Insights for this study were drawn from 18 in-depth interviews and two (2) focus group forums. The key themes that emerged from the findings include: (1) Parents are ignorant of their children involvement in cyber-crimes (2) Parents cannot adequately monitor what their children do on their cell phones (3) Female learners are the most affected as victims of cyber-crime.

Keywords: school, violence, parental control, cyber bullying

Procedia PDF Downloads 137

Authors: Atousa Khodadadyan, Gabe Mythen, Hirbod Assa, Beverley Bishop

Abstract:

Risk assessment and the knowledge provided through this process is a crucial part of any decision-making process in the management of risks and uncertainties. Failure in assessment of risks can cause inadequacy in the entire process of risk management, which in turn can lead to failure in achieving organisational objectives as well as having significant damaging consequences on populations affected by the potential risks being assessed. The choice of tools and techniques in risk assessment can influence the degree and scope of decision-making and subsequently the risk response strategy. There are various available qualitative and quantitative tools and techniques that are deployed within the broad process of risk assessment. The sheer diversity of tools and techniques available to practitioners makes it difficult for organisations to consistently employ the most appropriate methods. This tools and techniques adaptation is rendered more difficult in public risk regulation organisations due to the sensitive and complex nature of their activities. This is particularly the case in areas relating to the environment, food, and human health and safety, when organisational goals are tied up with societal, political and individuals’ goals at national and international levels. Hence, recognising, analysing and evaluating different decision support tools and techniques employed in assessing risks in public risk management organisations was considered. This research is part of a mixed method study which aimed to examine the perception of risk assessment and the extent to which organisations practise risk assessment’ tools and techniques. The study adopted a semi-structured questionnaire with qualitative and quantitative data analysis to include a range of public risk regulation organisations from the UK, Germany, France, Belgium and the Netherlands. The results indicated the public risk management organisations mainly use diverse tools and techniques in the risk assessment process. The primary hazard analysis; brainstorming; hazard analysis and critical control points were described as the most practiced risk identification techniques. Within qualitative and quantitative risk analysis, the participants named the expert judgement, risk probability and impact assessment, sensitivity analysis and data gathering and representation as the most practised techniques.

Keywords: decision-making, public risk management organisations, risk assessment, tools and techniques

Procedia PDF Downloads 263

Authors: Mohsen Shirani, Micaela Demichela

Abstract:

During the last decades, a number of food crises such as Bovine Spongiform Encephalopathy (BSE), Mad-Cow disease, Dioxin in chicken food, Food-and-Mouth Disease (FMD), have certainly inflicted the reliability of the food industry. Consequently, the trend in applying different scientific methods of risk assessment in food safety has obtained more attentions in the academic and practice. However, lack of practical approach considering entire food supply chain is tangible in the academic literature. In this regard, this paper aims to apply risk assessment tool (FMEA) with integration of Human Factor along the entire supply chain of food production and test the method in a case study of Diary production, and analyze its results.

Keywords: FMEA, food supply chain, risk assessment, human factor

Procedia PDF Downloads 418

Authors: Mireille Elhajj, Washington Ochieng, Deeph Chana

Abstract:

The challenges of the rapid growth in the demand for transport has traditionally been seen within the context of the problems of congestion, air quality, climate change, safety, and affordability. However, there are increasing threats including those related to crime such as cyber-attacks that threaten the security of the transport of people and goods. To the best of the authors’ knowledge, this paper presents for the first time, a comprehensive framework for the assessment of the current and future security issues of multi-modal transport systems. The approach or method proposed is based on a structured framework starting with a detailed specification of the transport asset map (transport system architecture), followed by the identification of vulnerabilities. The asset map and vulnerabilities are used to identify the various approaches for exploitation of the vulnerabilities, leading to the creation of a set of threat scenarios. The threat scenarios are then transformed into risks and their categories, and include insights for their mitigation. The consideration of the mitigation space is holistic and includes the formulation of appropriate policies and tactics and/or technical interventions. The quality of the framework is ensured through a structured and logical process that identifies the stakeholders, reviews the relevant documents including policies and identifies gaps, incorporates targeted surveys to augment the reviews, and uses subject matter experts for validation. The approach to categorising security risks is an extension of the current methods that are typically employed. Specifically, the partitioning of risks into either physical or cyber categories is too limited for developing mitigation policies and tactics/interventions for transport systems where an interplay between physical and cyber processes is very often the norm. This interplay is rapidly taking on increasing significance for security as the emergence of cyber-physical technologies, are shaping the future of all transport modes. Examples include: Connected Autonomous Vehicles (CAVs) in road transport; the European Rail Traffic Management System (ERTMS) in rail transport; Automatic Identification System (AIS) in maritime transport; advanced Communications, Navigation and Surveillance (CNS) technologies in air transport; and the Internet of Things (IoT). The framework adopts a risk categorisation scheme that considers risks as falling within the following threat→impact relationships: Physical→Physical, Cyber→Cyber, Cyber→Physical, and Physical→Cyber). Thus the framework enables a more complete risk picture to be developed for today’s transport systems and, more importantly, is readily extendable to account for emerging trends in the sector that will define future transport systems. The framework facilitates the audit and retro-fitting of mitigations in current transport operations and the analysis of security management options for the next generation of Transport enabling strategic aspirations such as systems with security-by-design and co-design of safety and security to be achieved. An initial application of the framework to transport systems has shown that intra-modal consideration of security measures is sub-optimal and that a holistic and multi-modal approach that also addresses the intersections/transition points of such networks is required as their vulnerability is high. This is in-line with traveler-centric transport service provision, widely accepted as the future of mobility services. In summary, a risk-based framework is proposed for use by the stakeholders to comprehensively and holistically assess the security of transport systems. It requires a detailed understanding of the transport architecture to enable a detailed vulnerabilities analysis to be undertaken, creates threat scenarios and transforms them into risks which form the basis for the formulation of interventions.

Keywords: mitigations, risk, transport, security, vulnerabilities

Procedia PDF Downloads 144

Authors: Salima Smiti, Ines Gasmi, Makram Soui

Abstract:

Credit risk is the most important issue for financial institutions. Its assessment becomes an important task used to predict defaulter customers and classify customers as good or bad payers. To this objective, numerous techniques have been applied for credit risk assessment. However, to our knowledge, several evaluation techniques are black-box models such as neural networks, SVM, etc. They generate applicants’ classes without any explanation. In this paper, we propose to assess credit risk using rules classification method. Our output is a set of rules which describe and explain the decision. To this end, we will compare seven classification algorithms (JRip, Decision Table, OneR, ZeroR, Fuzzy Rule, PART and Genetic programming (GP)) where the goal is to find the best rules satisfying many criteria: accuracy, sensitivity, and specificity. The obtained results confirm the efficiency of the GP algorithm for German and Australian datasets compared to other rule-based techniques to predict the credit risk.

Keywords: credit risk assessment, classification algorithms, data mining, rule extraction

Procedia PDF Downloads 159

Authors: S. Cowley, M. Lawrance, D. Bick, R. McCord

Abstract:

Technology that automates manual handling (musculoskeletal disorder or MSD) risk assessments is increasingly available to ergonomists, engineers, generalist health and safety practitioners alike. The risk assessment process is generally based on the use of wearable motion sensors that capture information about worker movements for real-time or for posthoc analysis. Traditionally, MSD risk assessment is undertaken with the assistance of a checklist such as that from the SafeWork Australia code of practice, the expert assessor observing the task and ideally engaging with the worker in a discussion about the detail. Automation enables the non-expert to complete assessments and does not always require the assessor to be there. This clearly has cost and time benefits for the practitioner but is it an improvement on the assessment by the human. Human risk assessments draw on the knowledge and expertise of the assessor but, like all risk assessments, are highly subjective. The complexity of the checklists and models used in the process can be off-putting and sometimes will lead to the assessment becoming the focus and the end rather than a means to an end; the focus on risk control is lost. Automated risk assessment handles the complexity of the assessment for the assessor and delivers a simple risk score that enables decision-making regarding risk control. Being machine-based, they are objective and will deliver the same each time they assess an identical task. However, the WHS professional needs to know that this emergent technology asks the right questions and delivers the right answers. Whether it improves the risk assessment process and results or simply distances the professional from the task and the worker. They need clarity as to whether automation of manual task risk analysis and reporting leads to risk control or to a focus on the worker. Critically, they need evidence as to whether automation in this area of hazard management leads to better risk control or just a bigger collection of assessments. Practitioner experienced determinants of this automated manual task risk analysis and reporting being a benefit or distraction will address an understanding of emergent risk assessment technology, its use and things to consider when making decisions about adopting and applying these technologies.

Keywords: automated, manual-handling, risk-assessment, machine-based

Procedia PDF Downloads 101