Search results for: cyber security strategic

Authors: Jihen Bennaceur, Wissem Zouaghi, Ali Mabrouk

Abstract:

The major aim of cyber threat intelligence (CTI) is to provide sophisticated knowledge about cybersecurity threats to ensure internal and external safeguards against modern cyberattacks. Inaccurate, incomplete, outdated, and invaluable threat intelligence is the main problem. Therefore, data analysis based on AI algorithms is one of the emergent solutions to overcome the threat of information-sharing issues. In this paper, we propose a supervised machine learning-based algorithm to improve threat information sharing by providing a sophisticated classification of cyber threats and data. Extensive simulations investigate the accuracy, precision, recall, f1-score, and support overall to validate the designed algorithm and to compare it with several supervised machine learning algorithms.

Keywords: threat information sharing, supervised learning, data classification, performance evaluation

Procedia PDF Downloads 114

Authors: Mohammad Reza Nafar

Abstract:

In order to get a better understanding of supply chain visibility for creating strategic value, this paper uses a dynamic capability lens to reveal the nature of supply chain visibility. This paper identifies the importance of supply chain visibility in driving supply chain reconfigurability and consequently improving supply chain strategic performance. Empirical evidence shows that visibility has a direct impact on supply chain strategic performance. It also supports that visibility is important for enhancing supply chain reconfigurability, thus creating strategic value in supply chains. Supply chain visibility, therefore, enables firms to reconfigure their supply chain resources for a better competitive advantage. From the perspective of practitioners, the results display several insights into how managers should create strategic value from supply chain visibility. Prominently, managers or decision-makers need to take advantage of supply chain visibility in order to use and recombine resources in a value creation manner.

Keywords: supply chain visibility, strategic performance, competitive advantage, resource mobilization, information system

Procedia PDF Downloads 198

Authors: Andi Intan Purnamasari, Supriyadi, Sulbadana, Aminuddin Kasim

Abstract:

Law functions as social control. Providing arrangements not only for legal certainty, but also in the scope of justice and expediency. The three values ​​achieved by law essentially function to bring comfort to each individual in carrying out daily activities. However, it is undeniable that global conditions have changed the orientation of people's lifestyles. Some people want to ensure their existence in the digital world which is popularly known as the metaverse. Some countries even project their city to be a metaverse city. The order of life is no longer limited to the real space, but also to the cyber world. Not infrequently, legal events that occur in the cyber world also force the law to position its position and even prevent crime in cyberspace. Through this research, conceptually it provides a view of the legal position in crime prevention in the Metaverse world. when the law acts to regulate the situation in the virtual world, of course some people will feel disturbed, this is due to the thought that the virtual world is a world in which an avatar can do things that cannot be done in the real world, or can be called a world without boundaries. Therefore, when the law is present to provide boundaries, of course the concept of the virtual world itself becomes no longer a cyber world that is not limited by space and time, it becomes a new order of life. approach, approach, approach, approach, and approach will certainly be the method used in this research.

Keywords: crime, cyber, metaverse, law

Procedia PDF Downloads 119

Authors: Haydar Teymourlouei

Abstract:

Cybersecurity is one of the greatest challenges society faces in an age revolving around technological development. With cyber-attacks on the continuous rise, the nation needs to understand and learn ways that can prevent such attacks. A major contribution that can change the education system is to implement laboratories and competitions into academia. This method can improve and educate students with more hands-on exercises in a highly motivating setting. Considering the fact that students are the next generation of the nation’s workforce, it is important for students to understand concepts not only through books, but also through actual hands-on experiences in order for them to be prepared for the workforce. An effective cybersecurity education system is critical for creating a strong cyber secure workforce today and for the future. This paper emphasizes the need for awareness and the need for competitions and cybersecurity laboratories to be implemented into the education system.

Keywords: awareness, competition, cybersecurity, laboratories, workforce

Procedia PDF Downloads 307

Authors: P. Řehoř, D. Holátová, V. Doležalová

Abstract:

Paper deals with analysis of strategic management methods in non-profit making organization in the Czech Republic. Strategic management represents an aggregate of methods and approaches that can be applied for managing organizations - in this article the organizations which associate owners and keepers of non-state forest properties. Authors use these methods of strategic management: analysis of stakeholders, SWOT analysis and questionnaire inquiries. The questionnaire was distributed electronically via e-mail. In October 2013 we obtained data from a total of 84 questionnaires. Based on the results the authors recommend the using of confrontation strategy which improves the competitiveness of non-profit making organizations.

Keywords: strategic management, non-profit making organization, strategy analysis, SWOT analysis, strategy, competitiveness

Procedia PDF Downloads 456

Authors: Shailendra Natraj, Kristin Paetzold, B. R. Katzy

Abstract:

The significant role of technology in strategic business decisions has created the need for executives who understand technology and recognize profitable applications to products, services and processes. The role of CTO’s is very complex within technology-based firms, which stretches from the technology aspects to the strategic goal and vision of the firm. Often the roles of CTOs scales from as functional leaders, strategic leaders or supera- functional leaders. In most of the companies the roles are unclear and fuzzy. We in our research are trying to explore each of the orientation and link between leadership types (functional, strategic and super functional) of CTOs, responsibilities, credibility and strategic and conceptual responsibilities. Approach: We conducted a comprehensive literature review with the available databank sources. Results: From the conducted literature review we could identify that most of the research work conducted so far were mainly distributed between roles and responsibilities of CTOs. The available sources pointed were limited to roles of CTOs as functional leaders. Contribution: In our findings based on the literature review, we could identify that apart from the conducted research what so far has not been focused yet are (a) The leadership types (mainly) strategic and super-functional leaders) of CTOs, (b) the responsibilities and credibility of CTOs and (c) the strategic and conceptual responsibilities of CTOs.

Keywords: CTO, chief technology officer, strategy, technology leaders

Procedia PDF Downloads 474

Authors: Yosr Ghozzi

Abstract:

The Cyber-Physical Systems terminology has been well received by the industrial community and specifically appropriated in educational settings. Indeed, our latest educational activities are based on the development of experimental platforms on an industrial scale. In fact, we built a collaborative learning model because of an international market study that led us to place ourselves at the heart of this technology. To align with these findings, a competency-based approach study was conducted, and program content was revised by reflecting the projectbased approach. Thus, this article deals with the development of educational devices according to a generated curriculum and specific educational activities while respecting the repository of skills adopted from what constitutes the educational cyber-physical production systems and the laboratories that are compliant and adapted to them. The implementation of these platforms was systematically carried out in the school's workshops spaces. The objective has been twofold, both research and teaching for the students in mechatronics and logistics of the electromechanical department. We act as trainers and industrial experts to involve students in the implementation of possible extension systems around multidisciplinary projects and reconnect with industrial projects for better professional integration.

Keywords: education 4.0, competency-based learning, teaching factory, project-based learning, cyber-physical systems, industry 4.0

Procedia PDF Downloads 68

Authors: Nipuli Gajanayake

Abstract:

The Russian military role beyond its national frontier has become a debatable hot topic in the international political arena. It’s advanced, and strategic responses in combating regional and international security problems have always been a factor to debate and criticize. Under such critical circumstances, Russia is attentive to play its military role according to the provisions of the Military Doctrine of the Russian Federation. Most importantly, the legal basis of the doctrine has also consisted with the generally recognized principles and norms of international law. Therefore, Russian international military assistances are pledged to accomplish international peace and security. The expansion of Russian military participation in the United Nations Peacekeeping operations, and military- political, and technical cooperation have largely evident the great effort of Russia in maintaining and restoring international peace and security. Moreover, the conflict management diplomacy and the development of dialogue with nation states to confront military risks and threats can also identify as a part of preserving international peace and security. In addition, Russia strives to strengthen the system of collective security with regional and international organizations through the legal framework of the Collective Security Treaty Organization (CSTO). Maintaining cooperative ties with the Commonwealth of Independent States (CIS), the Organization for Security and Cooperation in Europe (OSCE) and the Shanghai Cooperation Organization (SCO) have highlighted the Russian deliberation on maintaining regional peace and security. Nevertheless, the extension of cordial relations with nation states and providing of military assistances during tensions and conflicts on their territories can also underscore as Russians commitments on maintaining international peace and security. Observing and recognizing the disparity between the West portrayed terms like ‘illegal Russian interventions’ and the comprehensive reality behind the ‘Russian military assistances’ are important to understand. However, a lopsided vision or a perspective towards the Russian international military role would not present a clear understanding about its valued and also dedicated hard work on maintaining international peace and security.

Keywords: collective security, diplomacy, international military role of Russia, international peace and security

Procedia PDF Downloads 272

Authors: Bahman Ghaderi, Hedayat Hosseini, Parviz Kafche

Abstract:

The role of knowledge management processes in achieving the strategic goals of organizations is crucial. To this end, understanding the relationship between knowledge management processes and different aspects of strategic thinking (followed by long-term organizational planning) should be considered. This research examines the relationship between each of the five knowledge management processes (creation, storage, transfer, audit, and deployment) with each dimension of strategic thinking (vision, creativity, thinking, communication and analysis) in one of the major sectors of the food industry in Iran. In this research, knowledge management and its dimensions (knowledge acquisition, knowledge storage, knowledge transfer, knowledge auditing, and finally knowledge utilization) as independent variables and strategic thinking and its dimensions (creativity, systematic thinking, vision, strategic analysis, and strategic communication) are considered as the dependent variable. The statistical population of this study consisted of 245 managers and employees of Minoo Food Industrial Group in Tehran. In this study, a simple random sampling method was used, and data were collected by a questionnaire designed by the research team. Data were analyzed using SPSS 21 software. LISERL software is also used for calculating and drawing models and graphs. Among the factors investigated in the present study, knowledge storage with 0.78 had the most effect, and knowledge transfer with 0.62 had the least effect on knowledge management and thus on strategic thinking.

Keywords: knowledge management, strategic thinking, knowledge management processes, food industry

Procedia PDF Downloads 141

Authors: Michał Witas

Abstract:

This paper presents a technical approach to analysis of security of SCADA systems. Main goal of the paper is to make SCADA administrators aware of risks resulting from SCADA systems usage and to familiarize with methods that can be adopt to existing or planned system, to increase overall system security level. Because SCADA based systems become a industrial standard, more attention should be paid to the security of that systems. Industrial Control Systems (ICS) like SCADA are responsible for controlling crucial aspects of wide range of industrial processes. In pair with that responsibility, goes a lot of money that can be earned or lost – this fact is main reason of increased interest of attackers. Additionally ICS are often responsible for maintaining resources strategic from the point of view of national economy, like electricity (including nuclear power plants), heating, water resources or military facilities, so they can be targets of terrorist cybernetic attacks. Without proper risk analysis and management, vulnerabilities resulting from the usage of SCADA can be easily exploited by potential attacker. Paper is based mostly on own experience in systems security, gathered during academic studies and professional work in international company. As title suggests, it will cover only basics of topic, because every of points mentioned in the document can be base for additional research and papers.

Keywords: denial of service, SCADA, security policy, distributed network

Procedia PDF Downloads 343

Authors: Juha Kettunen

Abstract:

The study analyzes the quality and the size of the strategic network of higher education institutions and the concept of fitness for purpose in quality assurance. It also analyses the transaction costs of networking that have consequences on the number of members in the network. Empirical evidence is presented from the Consortium on Applied Research and Professional Education, which is a European strategic network of six higher education institutions. The results of the study support the argument that the number of members in the strategic network should be relatively small to provide high-quality results. The practical importance is that networking has been able to promote international research and development projects. The results of this study are important for those who want to design and improve international networks in higher education.

Keywords: higher education, network, research and development, strategic management

Procedia PDF Downloads 306

Authors: Oludare Isaac Abiodun, Esther Omolara Abiodun

Abstract:

The purpose of this paper is to demonstrate that cyberterrorism is existing and poses a threat to computer security and national security. Nowadays, people have become excitedly dependent upon computers, phones, the Internet, and the Internet of things systems to share information, communicate, conduct a search, etc. However, these network systems are at risk from a different source that is known and unknown. These network systems risk being caused by some malicious individuals, groups, organizations, or governments, they take advantage of vulnerabilities in the computer system to hawk sensitive information from people, organizations, or governments. In doing so, they are engaging themselves in computer threats, crime, and terrorism, thereby making the use of computers insecure for others. The threat of cyberterrorism is of various forms and ranges from one country to another country. These threats include disrupting communications and information, stealing data, destroying data, leaking, and breaching data, interfering with messages and networks, and in some cases, demanding financial rewards for stolen data. Hence, this study identifies many ways that cyberterrorists utilize the Internet as a tool to advance their malicious mission, which negatively affects computer security and safety. One could identify causes for disparate anomaly behaviors and the theoretical, ideological, and current forms of the likelihood of cyberterrorism. Therefore, for a countermeasure, this paper proposes the use of previous and current computer security models as found in the literature to help in countering cyberterrorism

Keywords: cyberterrorism, computer security, information, internet, terrorism, threat, digital forensic solution

Procedia PDF Downloads 68

Authors: Joseph Udofia, Isaac Olufadewa

Abstract:

Everyday, the size of Electronic Health Records data keeps increasing as new patients visit health practitioner and returning patients fulfil their appointments. As these data grow, so is their susceptibility to cyber-attacks from criminals waiting to exploit this data. In the US, the damages for cyberattacks were estimated at $8 billion (2018), $11.5 billion (2019) and $20 billion (2021). These attacks usually involve the exposure of PII. Health data is considered PII, and its exposure carry significant impact. To this end, an enhancement of Health Policy and Standards in relation to data security, especially among patients and their clinical providers, is critical to ensure ethical practices, confidentiality, and trust in the healthcare system. As Clinical accelerators and applications that contain user data are used, it is expedient to have a review and revamp of policies like the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Fast Healthcare Interoperability Resources (FHIR), all aimed to ensure data protection and security in healthcare. FHIR caters for healthcare data interoperability, FHIR caters to healthcare data interoperability, as data is being shared across different systems from customers to health insurance and care providers. The astronomical cost of implementation has deterred players in the space from ensuring compliance, leading to susceptibility to data exfiltration and data loss on the security accuracy of protected health information (PHI). Though HIPAA hones in on the security accuracy of protected health information (PHI) and PCI DSS on the security of payment card data, they intersect with the shared goal of protecting sensitive information in line with industry standards. With advancements in tech and the emergence of new technology, it is necessary to revamp these policies to address the complexity and ambiguity, cost barrier, and ever-increasing threats in cyberspace. Healthcare data in the wrong hands is a recipe for disaster, and we must enhance its protection and security to protect the mental health of the current and future generations.

Keywords: cloud security, healthcare, cybersecurity, policy and standard

Procedia PDF Downloads 45

Authors: Amna Khaliq

Abstract:

This research project centers on Canadian business leaders’ phenomenological online education expansion by navigating the challenges faced by strategic leaders concerning the expansion of online education in the Canadian higher education sector from a business perspective. The study identifies the problems and opportunities of faculty members’ transition from traditional face-to-face to online instruction, particularly in the context of technology-enhanced learning (TEL), and their influence on the growth strategies of Canadian educational institutions. It explores strategic leaders’ approaches and the impact of emerging technologies to assist with developing and executing business strategies to expand online education in Canada. As online education has gained prominence in the country, this research addresses a relevant business problem for educational institutions. The research employs a phenomenological approach in the qualitative research design to conduct this investigation. The study interviews eighteen faculty members engaged in online education in Canada. The interview data is analyzed to answer the three research questions for strategic leaders to expand online education with higher education institutions in Canada. The recommendations include 1) data privacy, infrastructure, security, and technology, 2) support and training for student engagement, 3) accessibility and inclusion, and 4) collaboration among institutions associated with expanding online education.

Keywords: strategic leadership, Canada, education, technology

Procedia PDF Downloads 31

Authors: Jayantha Withanaarachchi, Sujeeva Setunge, Sara Moridpour

Abstract:

Gaps in strategic thinking and planning lead to critical transport infrastructure resilience. These gaps in strategic transport and land use development planning have an impact on communities and cities. Natural and man-induced disasters can be catastrophic to communities. After a disaster, many types of critical infrastructure, including transport infrastructure gets un-usable or gets damaged. This paper examines strategic thinking behind the resilience and protection of Critical Transport Infrastructure (CI) within transport networks by investigating the impact of disasters such as bushfires, hurricanes and earthquakes. A detailed analysis of three case studies have been conducted to identify the gaps in strategic transport planning and strategic decision making processes required to mitigate the impacts of disasters. Case studies will be analysed to identify existing gaps in road design, transport planning and decision making. This paper examines the effect of road designing, transport corridors and decision making during transport planning stages and how it impacts transport infrastructure as well as community resilience. A set of recommendations to overcome the shortcomings of existing strategic planning and designing process are presented. This research paper reviews transport infrastructure planning issues and presents the common approach suitable for future strategic thinking and planning which could be adopted in practices.

Keywords: community resilience, decision making , infrastructure resilience, strategic transport planning, transport infrastructure

Procedia PDF Downloads 253

Authors: Zhao Liu, Kang Cao

Abstract:

Strategic spatial planning, which is taken as an effective and competitive way for the governors of the city to improve the development and management level of a city, has been blooming in recent years all over the world. In the context of globalization and informatization, strategic spatial planning must transfer its focus on three different levels: global, regional and urban. Internal and external changes in environmental conditions lead to new advances in strategic planning both theoretically and practically. However, such advances or changes respond differently to cities on account of different dynamic mechanisms. This article aims at two cities of Tianjin in China and Melbourne in Australia, through a comparative study on strategic planning, to explore the differentiation of mechanisms in urban planning. By comparison and exploration, the purpose of this article is to exhibit two different planning worlds, western and Chinese, in a new way. The article can be divided into four parts. The first part outlines strategic planning transformations in the new era on three levels, generally analysing the internal and external environmental factors of today. The second part indicates the concepts of strategic planning theoretically, demonstrating briefly its development background and process in western and China, respectively. The third part takes Tianjin and Melbourne urban strategic spatial planning as examples to mainly carry on the contrast research from the aspects of strategic planning mode, competitive mechanism, contents, strategy implementation and management. It is expected to summarize the differences and similarities of the two plans, meanwhile, to explore the inherent factors or mechanisms probably spatial, material, political and etc., which affect cities in the course of urban planning. The final part is a summary of general mechanisms of planning from the perspective of strategic spatial planning.

Keywords: differentiation, strategic planning, Melbourne, Australia, Tianjin, China

Procedia PDF Downloads 492

Authors: Karin Megheșan, Alexandra Popescu, Teodora Dobre

Abstract:

In the past few years, the Russian Federation has become a central point on the security agenda of the most important international actors, due to its reloaded aggressiveness of foreign policy. Vladimir Putin, the actual president of the Russian Federation, has proven that Russia can and has the willingness to become the powerful actor that used to be during the Cold War. Russia’s new behavior on the international scene showed that Russia has not only expansionist (where expansionist is not only in terms of territory but also of ideology) intentions, but also the necessary resources, to build an empire that may have the power to counterbalance the influence of the United States and stop the expansion of the North-Atlantic Treaty Organization in an equation understood of multipolar Russian view. But in order to do this, there is necessary to follow a well-established plan or policy. Thus, the aim of the paper is to discuss how has the foreign policy of the Russian Federation evolved under the influence of the military and security strategies of the Russian nation, to briefly examine some of the factors that sculpture Russian foreign policy and behavior, in order to reshape a Russian (Soviet) profile so far considered antiquated. Our approach is an argument in favor of the analyses of the recent evolutions embedded in the course of history. In this context, the paper will include analytical thoughts about the Russian foreign policy and the latest strategic documents (security strategy and military doctrine) adopted by the Putin administration, with the purpose to highlight the main direction of action followed by all these documents together. The paper concludes that the military component is to be found in all these strategic documents, as well as at the core of Russian national interest, aspect that proves that Russia is still the adept of the traditional realist paradigm, reshaped in a Russian theory of the multipolar world.

Keywords: hybrid warfare, military component, military doctrine, Russian foreign policy, security strategy

Procedia PDF Downloads 271

Authors: Ari S. Prabowo, Nia Febriyanti, Haryono B. Santosa

Abstract:

Security function that is called as Physical Protection Systems (PPS) has functions to detect, delay and response. Physical Protection Systems (PPS) in Detection and Radiation Measurement Laboratory needs to be improved continually by using internal resources. The nuclear security culture provides some potentials to support this research. The study starts by identifying the security function’s weaknesses and its strengths of security culture as a purpose. Secondly, the strengths of security culture are implemented in the laboratory management. Finally, a simulation was done to measure its effectiveness. Some changes were happened in laboratory personnel behaviors and procedures. All became more prudent. The results showed a good influence of nuclear security culture in laboratory security functions.

Keywords: laboratory, physical protection system, security culture, security function

Procedia PDF Downloads 145

Authors: Amir Ali Fatoorchi

Abstract:

Regardless of the advantage of LoT devices, they have limitations like storage, compute, and security problems. In recent years, a lot of Blockchain-based research in IoT published and presented. In this paper, we present the Security issues of LoT. IoT has three levels of security issues: Low-level, Intermediate-level, and High-level. We survey and compare blockchain-based solutions for high-level security issues and show how the underlying technology of bitcoin and Ethereum could solve IoT problems.

Keywords: Blockchain, security, data security, IoT

Procedia PDF Downloads 178

Authors: Byung-Ik Kim, Hong-Koo Kang, Tae-Jin Lee, Hae-Ryong Park

Abstract:

Cyber terrors against specific enterprises or countries have been increasing recently. Such attacks against specific targets are called advanced persistent threat (APT), and they are giving rise to serious social problems. The malicious behaviors of APT attacks mostly affect websites and penetrate enterprise networks to perform malevolent acts. Although many enterprises invest heavily in security to defend against such APT threats, they recognize the APT attacks only after the latter are already in action. This paper discusses the characteristics of APT attacks at each step as well as the strengths and weaknesses of existing malicious code detection technologies to check their suitability for detecting APT attacks. It then proposes a network-based malicious behavior detection algorithm to protect the enterprise or national networks.

Keywords: Advanced Persistent Threat (APT), malware, network security, network packet, exploit kits

Procedia PDF Downloads 336

Authors: K. M. Anusha, R. Krishnaveni

Abstract:

Crossing a decade of the 21st century, the paradigm of human resources can be seen evolving with the strategic gene induced into it. There seems to be a radical shift descending as the corporate sector calls on its HR team to become strategic rather than administrative. This transferal eventually requires the metrics employed by these HR teams not to be just operationally reactive but to be aligned to an evidence-based strategic thinking. Realizing the growing need for a prescriptive metric model for effective HR analytics, this study has designed a conceptual framework for a basic metric model that can assist IT-HRM professionals to transition to a practice of evidence-based decision-making to enhance organizational performance.

Keywords: metric model, evidence based HR, HR analytics, strategic HR practices, IT sector

Procedia PDF Downloads 373

Authors: Shahab Khan, Damiya Saghir

Abstract:

With the advent of space technology, a new era began where space, considered the new ‘High ground,’ is used for a variety of commercial (communications, weather and navigational information, Earth resources monitoring and imagery) and military applications (surveillance, tracking, reconnaissance and espionage of adversaries). With the ever-evolving geo-political environment, where now the US foreseeing India as a counterbalance to China’s economic and military rise, significant growth in strategic collaboration between US and India has been witnessed, particularly in the space domain. This is creating a strategic imbalance in South Asia with implications for all regional countries. This research explores the present and future of Indo-US strategic collaboration in the space domain with envisaged effects and challenges for countries in the South Asian region.

Keywords: space, satellites, Indo-US strategic agreements in space domain, balance of power in South Asian region

Procedia PDF Downloads 84

Authors: Loide Sambo

Abstract:

Achieving energy security has, in the past few decades, become one of the main goals in the security agenda of every country around the world. For Southern African Countries (SAC) the aim is not different, yet these countries face a particular challenge in the pursuit of their energy security. More than just secure enough energy sources to fuel their industrial and societal needs, SAC have as well to ensure that they trade their rich energy resources to the global market in a way that promotes and safeguards their economic development objectives. Considering the relevance of this issue to the SAC, the present paper explores the possibility of these countries to achieve energy security through regional cooperation, under the Southern Africa Development Community (SADC) platform. It discusses the challenges and opportunities for advancing energy security in this region through cooperation. After analyzing the data through the documentary analysis method, it was found that regional cooperation among SAC to improve energy security is not effective since cooperation in the region is still very susceptible to a plethora of challenges, such as political instability, lack of development of infrastructure and expertise, lack of good governance, lack of sense of cohesiveness, and most important lack of political commitment. It was also found that significant commitment on regional cooperation had been centered on the electricity sub-sector due to the region’s huge electricity deficit. Thus less commitment is dedicated to the development and policy harmonization of the other sub-sectors such as the one of natural gas and oil, for instance. Hence, it is recommended that the leadership of the SAC is fully committed to cooperate and harmonize the policies, the strategic plans, as well as the infrastructure concerning to all the natural energy resources and its respective sub-sectors. This would provide the SAC significant leverage to negotiate for the energy market access, ensuring that the region’s energy commodities are traded, while the countries themselves retain enough energy to sustain their economic growth and development, improving, therefore, their energy security.

Keywords: regional cooperation, energy security, economic development, political commitment

Procedia PDF Downloads 229

Authors: Abenezer Nigussie

Abstract:

Strategic control practice is a critical exercise, as it provides a sturdy influence towards firms or production partners to achieve the full implementation of effective predetermined plans. The importance of strategic control in a company is often measured by observing the relationship between strategic management and organizational performance. The conventional philosophy of strategic control in academia and the industry places significant emphasis on the ability to plan and execute initiatives. In contrast, the same emphasis on strategic management has received less attention in the housing industry. Although the pressures of project performance can often obscure the wider social, economic, and professional context in which strategic management is undertaken, it is these broad contextual areas that make strategic control a vital issue for construction businesses. Rapidly changing social and technological issues are creating an informed environment that will appear very different in the coming decades from what is experienced in today’s companies. Construction project activity is not adequately led by strategic management tools; projects are mostly executed through simple plans and schedules. The issues that this thesis addresses and solves involve the successful accompaniment of the construction project process through these strategic management tools. The second important aspect is an evaluation of project activity, which is mostly done through simple economic and technical valuation. However, during this research, effective strategic management tools are evaluated and suggested for the assessment of project activities. The research introduces a study of the current strategic management practices of construction companies and also presents the concept of strategic management and the areas that companies need to address to compete in the global market. A summary of an industry survey is documented along with the historical research that prompted the investigation of these topics with a focus on the implementation of tools. Strategic management is a concept that concerns making decisions and taking corrective actions to achieve the future goals and objectives of a company. The objective of this paper is to review the practice of strategic management in construction companies. Questionnaires were distributed to major construction companies listed under categories of each project capable of specifying the complete expression of strategic management tools. Findings of the research showed that the majority of development companies practice strategic management tools in the process and implementation of each tool.

Keywords: strategic management, management, analysis, project management

Procedia PDF Downloads 34

Authors: Sri Lakshmi Kanniah, Mohd Naz’ri Mahrin

Abstract:

More and more businesses and services are depending on software to run their daily operations and business services. At the same time, cyber-attacks are becoming more covert and sophisticated, posing threats to software. Vulnerabilities exist in the software due to the lack of security practices during the phases of software development. Implementation of secure software development practices can improve the resistance to attacks. Many methods, models and standards for secure software development have been developed. However, despite the efforts, they still come up against difficulties in their deployment and the processes are not institutionalized. There is a set of factors that influence the successful deployment of secure software development processes. In this study, the methodology and results from a systematic literature review of factors influencing the implementation of secure software development practices is described. A total of 44 primary studies were analysed as a result of the systematic review. As a result of the study, a list of twenty factors has been identified. Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer’s skill and expertise, development time and communication between stakeholders. The factors were further classified into four categories which are institutional context, people and action, project content and system development process. The results obtained show that it is important to take into account organizational, technical and people issues in order to implement secure software development initiatives.

Keywords: secure software development, software development, software security, systematic literature review

Procedia PDF Downloads 340

Authors: Zain Khalid

Abstract:

The paper outlines the trends of cyber financial crimes and frauds – approximating upto – in Pakistan after the enactment of The Prevention of Electronic Crimes Act in 2016. The paper elaborates on the newer methods that fraudsters have adopted after tighter preventive and counter measures were employed in Pakistan partly as a result of following the international finance related commitments, particularly the FATF regulations. The paper adopts case studies methods to highlight various aspects of the financial frauds and crimes committed and later investigated jointly by Pakistan’s one of the federal law enforcement agencies, the Federal Investigation Agency, and Mobilink Microfinance Bank , Pakistan’s premier microfinance bank. It additionally enriches the data through expert interviews – with crime investigators and the experts to carry out an in-depth analysis of the various factors involving the crime. This paper emphasizes the structural and situational factors that shape up the cyber financial crimes in Pakistan vis-à-vis digital illiteracy and lack of awareness among the users of financial services. This paper, thus, on the basis of findings and expert interviews, suggests policy reforms to reduce the instances of the financial crimes, especially in the remotest areas of the country.

Keywords: financial crimes, cyber crimes, digital literacy, terrorism financing, banking sector

Procedia PDF Downloads 54

Authors: Sindhu Govardhan, Kenneth G. Crowther

Abstract:

Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.

Keywords: cyber security, shared responsibility, IIOT, threat modelling

Procedia PDF Downloads 43

Authors: Brian Connett, Bryan O'Halloran

Abstract:

Systems assets within critical infrastructures were seemingly safe from the exploitation or attack by nefarious cyberspace actors. Now, critical infrastructure is a target and the resources to exploit the cyber physical systems exist. These resources are characterized in terms of patience, stealth, replication-ability and extraordinary robustness. System owners are obligated to maintain a high level of protection measures. The difficulty lies in knowing when to fortify a critical infrastructure against an impending attack. Models currently exist that demonstrate the value of knowing the attacker’s capabilities in the cyber realm and the strength of the target. The shortcomings of these models are that they are not designed to respond to the inherent fast timing of an attack, an impetus that can be derived based on open-source reporting, common knowledge of exploits of and the physical architecture of the infrastructure. A useful model will inform systems owners how to align infrastructure architecture in a manner that is responsive to the capability, willingness and timing of the attacker. This research group has used an existing theoretical model for estimating parameters, and through analysis, to develop a decision tool for would-be target owners. The continuation of the research develops further this model by estimating the variable parameters. Understanding these parameter estimations will uniquely position the decision maker to posture having revealed the vulnerabilities of an attacker’s, persistence and stealth. This research explores different approaches to improve on current attacker-defender models that focus on cyber threats. An existing foundational model takes the point of view of an attacker who must decide what cyber resource to use and when to use it to exploit a system vulnerability. It is valuable for estimating parameters for the model, and through analysis, develop a decision tool for would-be target owners.

Keywords: critical infrastructure, cyber physical systems, modeling, exploitation

Procedia PDF Downloads 167

Authors: Jean Rosemond Dora, Karol Nemoga

Abstract:

In this work, we tackle a frequent problem that frequently occurs in the cybersecurity field which is the exploitation of websites by XSS attacks, which are nowadays considered a complicated attack. These types of attacks aim to execute malicious scripts in a web browser of the client by including code in a legitimate web page. A serious matter is when a website accepts the “user-input” option. Attackers can exploit the web application (if vulnerable), and then steal sensitive data (session cookies, passwords, credit cards, etc.) from the server and/or from the client. However, the difficulty of the exploitation varies from website to website. Our focus is on the usage of ontology in cybersecurity against XSS attacks, on the importance of the ontology, and its core meaning for cybersecurity. We explain how a vulnerable website can be exploited, and how different JavaScript payloads can be used to detect vulnerabilities. We also enumerate some tools to use for an efficient analysis. We present detailed reasoning on what can be done to improve the security of a website in order to resist attacks, and we provide supportive examples. Then, we apply an ontology model against XSS attacks to strengthen the protection of a web application. However, we note that the existence of ontology does not improve the security itself, but it has to be properly used and should require a maximum of security layers to be taken into account.

Keywords: cybersecurity, web application vulnerabilities, cyber threats, ontology model

Procedia PDF Downloads 135

Authors: Modesta E. Ezema, Chikwendu V. Alabekee, Victoria N. Ishiwu, Ifeyinwa NwosuArize, Chinedu I. Nwoye

Abstract:

The advent of wireless networking in computing technology cannot be overemphasized, it opened up easy accessibility to information resources, networking made easier and brought internet accessibility to our doorsteps, but despite all these, some mishap came in with it that is causing mayhem in today ‘s overall information security. The cyber criminals will always compromise the integrity of a message that is not encrypted or that is encrypted with a weak algorithm.In other to correct the mayhem, this study focuses on cryptosystem and cryptography. This ensures end to end crypt messaging. The study of various cryptographic algorithms, as well as the techniques and applications of the cryptography for efficiency, were all considered in the work., present and future applications of cryptography were dealt with as well as Quantum Cryptography was exposed as the current and the future area in the development of cryptography. An empirical study was conducted to collect data from network users.

Keywords: algorithm, cryptography, cryptosystem, network

Procedia PDF Downloads 316