Search results for: cybersecurity practices

Authors: Atma Sahu

Abstract:

After 9/11, there will only be cyberwars. The cyberwars increase in intensity the country's cybersecurity workforce's hiring and retention issues. Currently, many organizations have unfilled cybersecurity positions, and to a lesser degree, their cybersecurity teams are understaffed. Therefore, there is a critical need to develop a new program to help meet the market demand for cybersecurity engineers (CYSE) and personnel. Coppin State University in the United States was responsible for developing a cybersecurity engineering BS degree program. The CYSE curriculum design methodology consisted of three parts. First, the ACM Cross-Cutting Concepts standard's pervasive framework helped curriculum designers and students explore connections among the core courses' knowledge areas and reinforce the security mindset conveyed in them. Second, the core course context was created to assist students in resolving security issues in authentic cyber situations involving cyber security systems in various aspects of industrial work while adhering to the NIST standards framework. The last part of the CYSE curriculum design aspect was the institutional student learning outcomes (SLOs) integrated and aligned in content courses, representing more detailed outcomes and emphasizing what learners can do over merely what they know. The CYSE program's core courses express competencies and learning outcomes using action verbs from Bloom's Revised Taxonomy. This aspect of the CYSE BS degree program's design is based on these three pillars: the ACM, NIST, and SLO standards, which all CYSE curriculum designers should know. This unique CYSE curriculum design methodology will address how students and the CYSE program will be assessed and evaluated. It is also critical that educators, program managers, and students understand the importance of staying current in this fast-paced CYSE field.

Keywords: cyber security, cybersecurity engineering, systems engineering, NIST standards, physical systems

Procedia PDF Downloads 58

Authors: Serzhan Ashirov, Dana Nour, Rafat Rob, Khaled Alotaibi

Abstract:

There has been a fast growth in the introduction and use of communications, information, monitoring, and sensing technologies. The new technologies are making their way to the Industrial Control Systems as embedded in products, software applications, IT services, or commissioned to enable integration and automation of increasingly global supply chains. As a result, the lines that separated the physical, digital, and cyber world have diminished due to the vast implementation of the new, disruptive digital technologies. The variety and increased use of these technologies introduce many cybersecurity risks affecting cyber-resilience of the supply chain, both in terms of the product or service delivered to a customer and members of the supply chain operation. US department of energy considers supply chain in the IR4 space to be the weakest link in cybersecurity. The IR4 identified the digitization of the field devices, followed by digitalization that eventually moved through the digital transformation space with little care for the new introduced cybersecurity risks. This paper will examine the best methodologies for securing the electrical substations from cybersecurity attacks due to supply chain risks, and due to digitization effort. SCADA systems are the most vulnerable part of the power system infrastructure due to digitization and due to the weakness and vulnerabilities in the supply chain security. The paper will discuss in details how create a secure supply chain methodology, secure substations, and mitigate the risks due to digitization

Keywords: cybersecurity, supply chain methodology, secure substation, digitization

Procedia PDF Downloads 41

Authors: Nkosingiphile Mbusozayo Zungu

Abstract:

The purpose of the current study is to adopt informetrics methods to analyse the research on phishing from 2012 to 2021 in three selected databases in order to contribute to global cybersecurity through impactful research. The study follows a quantitative research methodology. We opted for the positivist epistemology and objectivist ontology. The analysis focuses on: (i) the productivity of individual authors, institutions, and countries; (ii) the research contributions, using co-authorship as a measure of collaboration; (iii) the altmetrics of selected research contributions; (iv) the citation patterns and research impact of research on phishing; and (v) research contributions by keywords, to discover the concepts that are related to phishing. The preliminary findings favour developed countries in terms of quantity and quality of research in the domain. There are unique research trends and patterns in the developing countries, including those in Africa, that provide opportunities for research development in the domain in the region. This study explores an important research domain by using unexplored method in the region. The study supports the SDG Agenda 2030, such as ending abuse, exploitation, trafficking, and all other forms of violence and torture of children through the use of cyberspace (SDG 16). Further, the results from this study can inform research, teaching, and learning largely in Africa. Invariably, the study contributes to cybersecurity awareness that will mitigate cybersecurity threats against vulnerable communities.

Keywords: phishing, cybersecurity, informetrics, information security

Procedia PDF Downloads 83

Authors: Tarek Saadawi, Rosario Gennaro, Jonathan Akeley

Abstract:

There is rapidly growing demand for professionals to fill positions in Cybersecurity. This is recognized as a national priority both by government agencies and the private sector. Cybersecurity is a very wide technical area which encompasses all measures that can be taken in an electronic system to prevent criminal or unauthorized use of data and resources. This requires defending computers, servers, networks, and their users from any kind of malicious attacks. The need to address this challenge has been recognized globally but is particularly acute in the New York metropolitan area, home to some of the largest financial institutions in the world, which are prime targets of cyberattacks. In New York State alone, there are currently around 57,000 jobs in the Cybersecurity industry, with more than 23,000 unfilled positions. The Cybersecurity Program at City College is a collaboration between the Departments of Computer Science and Electrical Engineering. In Fall 2020, The City College of New York matriculated its first students in theCybersecurity Master of Science program. The program was designed to fill gaps in the previous offerings and evolved out ofan established partnership with Facebook on Cybersecurity Education. City College has designed a program where courses, curricula, syllabi, materials, labs, etc., are developed in cooperation and coordination with industry whenever possible, ensuring that students graduating from the program will have the necessary background to seamlessly segue into industry jobs. The Cybersecurity Program has created multiple pathways for prospective students to obtain the necessary prerequisites to apply in order to build a more diverse student population. The program can also be pursued on a part-time basis which makes it available to working professionals. Since City College’s Cybersecurity M.S. program was established to equip students with the advanced technical skills needed to thrive in a high-demand, rapidly-evolving field, it incorporates a range of pedagogical formats. From its outset, the Cybersecurity program has sought to provide both the theoretical foundations necessary for meaningful work in the field along with labs and applied learning projects aligned with skillsets required by industry. The efforts have involved collaboration with outside organizations and with visiting professors designing new courses on topics such as Adversarial AI, Data Privacy, Secure Cloud Computing, and blockchain. Although the program was initially designed with a single asynchronous course in the curriculum with the rest of the classes designed to be offered in-person, the advent of the COVID-19 pandemic necessitated a move to fullyonline learning. The shift to online learning has provided lessons for future development by providing examples of some inherent advantages to the medium in addition to its drawbacks. This talk will address the structure of the newly-implemented Cybersecurity Master’s Program and discuss the innovations, challenges, and possible future directions.

Keywords: cybersecurity, new york, city college, graduate degree, master of science

Procedia PDF Downloads 116

Authors: Samuel Owoade, Zainab Idowu, Idris Ajibade, Abel Uzoka

Abstract:

Cloud computing adoption continues to soar, with 83% of enterprise workloads estimated to be in the cloud by 2022. However, this rapid migration raises security concerns, needing strong security management solutions to safeguard sensitive data and essential applications. This paper investigates the critical role of technical project managers in orchestrating security management initiatives for cloud environments, evaluating their responsibilities, challenges, and best practices for assuring the resilience and integrity of cloud infrastructures. Drawing from a comprehensive review of industry reports and interviews with cloud security experts, this research highlights the multifaceted landscape of security management in cloud environments. Despite the rapid adoption of cloud services, only 25% of organizations have matured their cloud security practices, indicating a pressing need for effective management strategies. This paper proposes a strategy framework adapted to the demands of technical project managers, outlining the important components of effective cloud security management. Notably, 76% of firms identify misconfiguration as a major source of cloud security incidents, underlining the significance of proactive risk assessment and constant monitoring. Furthermore, the study emphasizes the importance of technical project managers in facilitating cross-functional collaboration, bridging the gap between cybersecurity professionals, cloud architects, compliance officers, and IT operations teams. With 68% of firms seeing difficulties integrating security policies into their cloud systems, effective communication and collaboration are critical to success. Case studies from industry leaders illustrate the practical use of security management projects in cloud settings. These examples demonstrate the importance of technical project managers in using their expertise to address obstacles and generate meaningful outcomes, with 92% of firms reporting improved security practices after implementing proactive security management tactics. In conclusion, this research underscores the critical role of technical project managers in safeguarding cloud environments against evolving threats. By embracing their role as guardians of the cloud realm, project managers can mitigate risks, optimize resource utilization, and uphold the trust and integrity of cloud infrastructures in an era of digital transformation.

Keywords: cloud security, security management, technical project management, cybersecurity, cloud infrastructure, risk management, compliance

Procedia PDF Downloads 20

Authors: Dora Martins, Susana Silva, Cândida Silva

Abstract:

Human Resources Management (HRM) has been recognized by academics and practitioners as an important element in organizations. Therefore, this paper explores the best practices of HRM and seeks to understand the level of participation in the development of these practices by human resources managers in the hospitality industry and compare it with other industries. Thus, the study compared the HRM practices of companies in the hospitality sector with HRM practices of companies in other sectors, and identifies the main differences between their HRM practices. The results show that the most frequent HRM practices in all companies, independently of its sector of activity, are hiring and training. When comparing hospitality sector with other sectors of activity, some differences were noticed, namely in the adoption of the practices of communication and information sharing, and of recruitment and selection. According to these results, the paper discusses the major theoretical and practical implications. Suggestions for future research are also presented.

Keywords: exploratory study, human resources management practices, human resources manager, hospitality companies, Portuguese companies

Procedia PDF Downloads 452

Authors: Joanna Konstantinou

Abstract:

Due to the pandemic, we have recently witnessed an explosion of HR Tech offering a variety of solutions for digital transformation, as well as a large number of HR practices implemented by professionals both in data science and occupational psychology. The aim of this study is to explore the impact of these practices and their effectiveness and to develop an understanding of digital leadership. The study will be based on semi-structured interviews using qualitative research methods and tools.

Keywords: HR practices, digital trasformation, pandemic, digital leadership

Procedia PDF Downloads 170

Authors: Eugene Wong, Felix Chan, Linsey Chen, Joey Cheung

Abstract:

The widespread use of technologies and cyber/digital means for complex maritime operations have led to a sharp rise in global cyber-attacks. They have generated an increasing number of liability disputes, insurance claims, and legal proceedings. An array of antiquated case law, regulations, international conventions, and obsolete contractual clauses drafted in the pre-technology era have become grossly inadequate in addressing the contemporary challenges. This paper offers a critique of the ambiguity of cybersecurity liabilities under the obligation of seaworthiness entailed in the Hague-Visby Rules, which apply either by law in a large number of jurisdictions or by express incorporation into the shipping documents. This paper also evaluates the legal and technological criteria for assessing whether a vessel is properly equipped with the latest offshore technologies for navigation and cargo delivery operations. Examples include computer applications, networks and servers, enterprise systems, global positioning systems, and data centers. A critical analysis of the carriers’ obligations to exercise due diligence in preventing or mitigating cyber-attacks is also conducted in this paper. It is hoped that the present study will offer original and crucial insights to policymakers, regulators, carriers, cargo interests, and insurance underwriters closely involved in dispute prevention and resolution arising from cybersecurity liabilities.

Keywords: seaworthiness, cybersecurity, liabilities, risks, maritime, transport

Procedia PDF Downloads 112

Authors: Noureddine Mohtaram, Jeremy Patrix, Jerome Verny

Abstract:

As an enormous number of online services have been developed into web applications, security problems based on web applications are becoming more serious now. Most intrusion detection systems rely on each request to find the cyber-attack rather than on user behavior, and these systems can only protect web applications against known vulnerabilities rather than certain zero-day attacks. In order to detect new attacks, we analyze the HTTP protocols of web servers to divide them into two categories: normal attacks and malicious attacks. On the other hand, the quality of the results obtained by deep learning (DL) in various areas of big data has given an important motivation to apply it to cybersecurity. Deep learning for attack detection in cybersecurity has the potential to be a robust tool from small transformations to new attacks due to its capability to extract more high-level features. This research aims to take a new approach, deep learning to cybersecurity, to classify these two categories to eliminate attacks and protect web servers of the defense sector which encounters different web traffic compared to other sectors (such as e-commerce, web app, etc.). The result shows that by using a machine learning method, a higher accuracy rate, and a lower false alarm detection rate can be achieved.

Keywords: anomaly detection, HTTP protocol, logs, cyber attack, deep learning

Procedia PDF Downloads 179

Authors: M. Mutemwa

Abstract:

A Cybersecurity Operation Centre (SOC) is a centralized hub for network event monitoring and incident response. SOCs are critical when determining an organization’s cybersecurity posture because they can be used to detect, analyze and report on various malicious activities. For most organizations, a SOC is not part of the initial design and implementation of the Information Technology (IT) environment but rather an afterthought. As a result, it is not natively a plug and play component; therefore, there are integration challenges when a SOC is introduced into an organization. A SOC is an independent hub that needs to be integrated with existing procedures, policies and IT systems of an organization such as the service desk, ticket logging system, reporting, etc. This paper discussed the challenges of integrating a newly developed SOC to an organization’s existing IT environment. Firstly, the paper begins by looking at what data sources should be incorporated into the Security Information and Event Management (SIEM) such as which host machines, servers, network end points, software, applications, web servers, etc. for security posture monitoring. That is which systems need to be monitored first and the order by which the rest of the systems follow. Secondly, the paper also describes how to integrate the organization’s ticket logging system with the SOC SIEM. That is how the cybersecurity related incidents should be logged by both analysts and non-technical employees of an organization. Also the priority matrix for incident types and notifications of incidents. Thirdly, the paper looks at how to communicate awareness campaigns from the SOC and also how to report on incidents that are found inside the SOC. Lastly, the paper looks at how to show value for the large investments that are poured into designing, building and running a SOC.

Keywords: cybersecurity operation centre, incident response, priority matrix, procedures and policies

Procedia PDF Downloads 125

Authors: Alma Orucevic-Alagic, Martin Höst

Abstract:

Open source communities have demonstrated that complex and enterprise grade software can be produced, supported, and maintained by self-organizing groups of developers using primarily electronic form of communication. Due to the inherent nature of open source development, a specific set of open source software development practices has evolved. While there is an ongoing research on the topic of applicability of open source development practices within a company setting, still little is known about their benefits and challenges. The objective of this research is to understand if and to what degree open source development practices observed within a mature open source community are aligned with development practices within a large software and hardware company setting. For the purpose of this case study a set of open source development practices that are present in a mature open source community has been identified. Then, development practices of a large, international, hardware and software company based in Sweden were assessed and compared to the identified open source community practices. It is shown that there are many similarities between a mature open source community and a large company setting in regard to software development practices. We also identify practices that exist in open source communities and that are not standard within a company setting, but whose implementation can result in an improved software development efficiency within the company setting.

Keywords: development practices, open source software, innersource, closed open source

Procedia PDF Downloads 519

Authors: Jilly John

Abstract:

The paper reports one of the study conducted to explore the dimensions of child rearing practice and effects of power difference among parents on child rearing practices adopted in the families. The first objective investigated dimensions of child rearing practices (a) overprotection (b) disciplinarian, (c) esteem building, (d) normal, (e) harsh (f) ridicule, and (g) rejection. The second objective investigated difference among father and mother on child rearing practices. The results of the study revealed that dimensions of child rearing practices are crucial variables which resulted in form of major deviations in distribution of parents in the seven dimensions. Analysis of objective two revealed that harsh and ridicule dimensions of child rearing practices are significantly different among father and mother. The dimensions are also different when the parents are employed and according to the type of families. Thus the results of the study present the possibility of changed child rearing practices among Indian families in relation to prevalent sociodemographic changes and indicate the necessity to re-examine culture-based explanations on child rearing practices.

Keywords: child rearing practices, dimensions of child rearing, difference among parents, Indian families

Procedia PDF Downloads 375

Authors: Suwaiba Sabiu Bako, Yaw Debrah

Abstract:

In spite of the extensive literature available on the human resource management (HRM) systems and practices of multinational companies (MNCs) from developed countries, there are gaps concerning emerging countries’ multinational companies’ (EMNCs) HRM systems and practices. This study examines the transfer of HRM practices in Nigerian subsidiaries of MNCs from South Africa. It reveals that South MNCs hybridise their recruitment and selection processes and localise their compensation and employee relations. It also proves that performance appraisal, talent management and code of conduct practices are largely transferred to subsidiaries with minimal adaptation.

Keywords: EMNCs, HRM practices, HRM systems, Nigeria, South Africa

Procedia PDF Downloads 71

Authors: Jabulani Sibanda, Clemence Chikiwa

Abstract:

This paper traces diverse language practices representative of equally diverse conceptions of language. To be dynamic with languaging practices, one needs to appreciate nuanced languaging practices, their challenges, prospects, and opportunities. The paper presents what we envision as three major conceptions of language that give impetus to diverse language practices. It examines theoretical models of the bilingual mental lexicon and how they inform language practices. The paper explores classroom languaging practices that have been promulgated and experimented with. The paper advocates the deployment of multisensory semiotic systems to complement linguistic classroom communication and the acknowledgement of learners’ linguistic and semiotic resources as valid in the learning enterprise. It recommends the enactment of specific clauses on language in education policies and curriculum documents that empower classroom interactants to exercise discretion in languaging practices.

Keywords: languaging, monolingual, multilingual, semiotic and linguistic repertoire

Procedia PDF Downloads 40

Authors: Jabulani Sibanda, Clemence Chikiwa

Abstract:

This paper traces diverse language practices representative of equally diverse conceptions of language. To be dynamic with languaging practices, one needs to appreciate nuanced languaging practices, their challenges, prospects, and opportunities. The paper presents what we envision as three major conceptions of language that give impetus to diverse language practices. It examines theoretical models of the bilingual mental lexicon and how they inform language practices. The paper explores classroom languaging practices that have been promulgated and experimented with. The paper advocates the deployment of multisensory semiotic systems to complement linguistic classroom communication and the acknowledgement of learners’ linguistic and semiotic resources as valid in the learning enterprise. It recommends the enactment of specific clauses on language in education policies and curriculum documents that empower classroom interactants to exercise discretion in languaging practices.

Keywords: languaging, monolingual, multilingual, semiotic and linguistic repertoire

Procedia PDF Downloads 33

Authors: Ana C. Sanchez

Abstract:

This paper will discuss some of the bilingual practices of Heritage Spanish speakers caused by living within two cultures and two languages, Spanish, the heritage language, and English, the dominant language. When two languages remain in contact for long periods, such as the case of Spanish and English, it is common that both languages can be affected by bilingual practices such as Spanglish, code-switching, borrowing, anglicisms and calques. Examples of these translingual practices will be provided, as well as HS speaker’s linguistic dialects, and the challenges they encounter with the standard variety used in the Spanish classroom.

Keywords: heritage, practices, Spanish, speakers translingual

Procedia PDF Downloads 174

Authors: Asma Dill

Abstract:

The aim of this study is to explore the role of HRM practices in SMEs success. The role of HRM practices in large enterprises is relatively known, on the other hand, small and medium enterprises (SMEs) companies have not been greatly studied in relation to the HRM practices in the past. Although, there is a lack of literature and empirical research in this area, several studies in the recent years emphasized on the importance of the HRM practices for the success of the SMEs. This study finds out relationship of HRM practices and SMESs performances. The objective is to analyze significant impacts of HRM practices (training, performance appraisal, compensation and employee development) on SMEs success, to determine whether SMEs recognize the importance of HRM practices in their businesses. To carry out this research a survey research strategy was followed. The sample frame for this study consisted of firms that belong to the services and commerce sector, employing at least 50 employees. The final research sample consisted of questionnaires. Descriptive statistical methods have been used during quantitative analysis to explore the relations. The findings of the study revealed that HRM practices have a significant influence on the performance of SMEs, and the better the HRM practice, the higher the performance of the SMEs. HRM practices, including, training, compensation, performance appraisal and employee development, have been found to be significantly and positively related to business success. Outcome of the study will provide useful guidelines to the business organizations. This study contributes to knowledge by providing insights on the impact of HRM practices on SMEs performance.

Keywords: compensation, employee performance, HRM practices, training

Procedia PDF Downloads 150

Authors: Waqas Ali, Nadeem Majeed

Abstract:

Requirement engineering is an essence of software development life cycle. The more time we spend on requirement engineering, higher the probability of success. Effective requirement engineering ensures and predicts successful software product. This paper presents the adaptation of requirement engineering practices in small and medium size companies of Pakistan. The study is conducted by questionnaires to show how much of requirement engineering models and practices are followed in Pakistan.

Keywords: requirement engineering, Pakistan, models, practices, organizations

Procedia PDF Downloads 688

Authors: Azita Ramezani, Atousa Ramezani

Abstract:

In the ever-escalating landscape of windows malware the necessity for pioneering defense strategies turns into undeniable this study introduces an avant-garde approach fusing the capabilities of clustering random forests and support vector machines SVM to combat the intricate web of cyber threats our fusion model triumphs with a staggering accuracy of 98.67 and an equally formidable f1 score of 98.68 a testament to its effectiveness in the realm of windows malware defense by deciphering the intricate patterns within malicious code our model not only raises the bar for detection precision but also redefines the paradigm of cybersecurity preparedness this breakthrough underscores the potential embedded in the fusion of diverse analytical methodologies and signals a paradigm shift in fortifying against the relentless evolution of windows malicious threats as we traverse through the dynamic cybersecurity terrain this research serves as a beacon illuminating the path toward a resilient future where innovative fusion models stand at the forefront of cyber threat defense.

Keywords: fusion models, cyber threat defense, windows malware, clustering, random forests, support vector machines (SVM), accuracy, f1-score, cybersecurity, malicious code detection

Procedia PDF Downloads 37

Authors: K. C. Iyer, Yogita Manan Bindal, Sumit Kumar Bakshi

Abstract:

Disputes and litigation are becoming inherent to the construction industry in India, and despite construction being one of the major drivers of growth, there have not been many reforms in the government construction contracts. Many of the disputes arising from the government contracts, can be avoided by the proper drafting of contracts and their administration. This study aims to 1) identify the best practices in the construction contract as reviewed from the research papers and additional literature on contract management, 2) obtain perspectives from the industry experts on the implementation of these best practices with regards to likely challenges and relative benefits for implementing the best practices in construction contracts. The best practices for disputes arising due to delay events have been identified through extensive literature survey. The industry perspective is gathered by way of a questionnaire survey to understand the applicability of the identified best practices, the benefits that are likely to be obtained and the challenges that are likely to be faced in the implementation of these practices. The study concludes with the recommended best practices that can be implemented based on the perspectives obtained from the survey. The findings of the study can be used by the industry professionals while drafting construction contracts with a view to avoid disputes related to delay events.

Keywords: best practices, construction contract, delay, dispute avoidance

Procedia PDF Downloads 160

Authors: Rubaiyat Jahan, Nasreen Sultana Mitu

Abstract:

This paper examines the theoretical construct of transformative practices, and reports some evidence of transformative practices from a couple of Bangladeshi English teachers. The idea of transformative practices calls for teachers’ capabilities to invest their intellectual labor in teaching with an assumption that along with the academic advancement of the learners, it aims for the personal transformation for both the learners as well for themselves. Following an ethnographic research approach, data for this study were collected through in-depth interviews, informal talks and classroom observations for a period of one year. In relevance to the English classroom of the Bangladeshi context, from this study, references of transformative practices have been underlined from the participant teachers’ views on English language teaching as well as from their actual practices. According to data of this research, some evidence of transformative practices in the form of critical language awareness and personal theories of practices emerge from the participants’ articulation of the beliefs on teaching; and from the participant teachers’ classroom practices evidence of self-directed acts of teaching, self-directed acts of professional development, and liberatory autonomy have been highlighted as the reflections of transformative practices. The implication of this paper refers to the significance of practicing teachers’ articulation of beliefs and views on teaching along with their orientation to critical pedagogical relations.

Keywords: critical language awareness, personal theories of practice, teacher autonomy, transformative practices

Procedia PDF Downloads 194

Authors: Stefano Fantin

Abstract:

The present analysis outcomes from the research undertaken in the course of the European-funded project EUNITY, which targets the gaps in research and development on cybersecurity and privacy between Europe and Japan. Under these auspices, the research presents a study on the policy approach of Japan, the EU and a number of Member States of the Union with regard to the handling and discovery of software vulnerabilities, with the aim of identifying methodological differences and similarities. This research builds upon a functional comparative analysis of both public policies and legal instruments from the identified jurisdictions. The result of this analysis is based on semi-structured interviews with EUNITY partners, as well as by the participation of the researcher to a recent report from the Center for EU Policy Study on software vulnerability. The European Union presents a rather fragmented legal framework on software vulnerabilities. The presence of a number of different legislations at the EU level (including Network and Information Security Directive, Critical Infrastructure Directive, Directive on the Attacks at Information Systems and the Proposal for a Cybersecurity Act) with no clear focus on such a subject makes it difficult for both national governments and end-users (software owners, researchers and private citizens) to gain a clear understanding of the Union’s approach. Additionally, the current data protection reform package (general data protection regulation), seems to create legal uncertainty around security research. To date, at the member states level, a few efforts towards transparent practices have been made, namely by the Netherlands, France, and Latvia. This research will explain what policy approach such countries have taken. Japan has started implementing a coordinated vulnerability disclosure policy in 2004. To date, two amendments can be registered on the framework (2014 and 2017). The framework is furthermore complemented by a series of instruments allowing researchers to disclose responsibly any new discovery. However, the policy has started to lose its efficiency due to a significant increase in reports made to the authority in charge. To conclude, the research conducted reveals two asymmetric policy approaches, time-wise and content-wise. The analysis therein will, therefore, conclude with a series of policy recommendations based on the lessons learned from both regions, towards a common approach to the security of European and Japanese markets, industries and citizens.

Keywords: cybersecurity, vulnerability, European Union, Japan

Procedia PDF Downloads 118

Authors: Eldah Ephraim Buba

Abstract:

The study is aimed at assessing the effect of maintenance practices on tourist patronage. Yankari resort and Safari had a patronage of twenty thousand, three hundred and two international and national tourists in two thousand and ten, fourteen thousand nine hundred and sixty two, in two thousand and eleven and ten thousand six hundred and one, in two thousand and twelve. The number of tourists keeps falling as the resort has been witnessing low patronage. Personal observation has shown that the state of facilities in the resort is bad. This study aims to appraise maintenance practices in the resort and how it affects tourist patronage. Standard checklist was used for the appraisal of facilities, while questionnaires were administered to tourists to examine whether maintenance practices in the resort do affect their patronage. Findings show that Operational maintenance was poorly carried out while repairs maintenance was fairly done. The study also discovered that there is significant relationship between maintenance practices and tourist patronage. It is recommended that adequate repairs and operational maintenance practices should be carried out in the resort to encourage tourist patronage.

Keywords: maintenance, practices, tourist, patronage

Procedia PDF Downloads 271

Authors: Lauren Provost

Abstract:

The digital world remains increasingly vulnerable, making the development of effective cybersecurity approaches even more critical in supporting the success of the digital economy and national security. Although approaches to cybersecurity have shifted and improved in the last decade with new models, especially with cloud computing and mobility, a record number of high severity vulnerabilities were recorded in the National Institute of Standards and Technology (NIST), and its National Vulnerability Database (NVD) in 2020. This is due, in part, to the increasing complexity of cyber ecosystems. Security must be approached with a more comprehensive, multi-tool strategy that addresses the complexity of cyber ecosystems, including the human factor. Ethical hacking has emerged as such an approach: a more effective, multi-strategy, comprehensive approach to cyber security's most pressing needs, especially understanding the human factor. Research on ethical hacking, however, is limited in scope. The two main objectives of this work are to (1) provide highlights of case studies in ethical hacking, (2) provide a conceptual framework for research in ethical hacking that embraces and addresses both technical and nontechnical security measures. Recommendations include an improved conceptual framework for research centered on ethical hacking that addresses many factors and attributes of significant attacks that threaten computer security; a more robust, integrative multi-layered framework embracing the complexity of cybersecurity ecosystems.

Keywords: ethical hacking, literature review, penetration testing, social engineering

Procedia PDF Downloads 184

Authors: B. Alajmi, L. Marouf, A. S. Chaudhry

Abstract:

In recent years, increasing emphasis has been placed upon issues concerning the evaluation of health care. In this regard, knowledge management has also been considered an important component of the evaluation process. KM facilitates the transfer of existing knowledge or the development of new knowledge among healthcare staff and patients. This research aimed to examine how hospitals in Kuwait employ knowledge management practices, including capturing, sharing, and generating, and the perceived impact of KM practices on performance of hospitals in Kuwait. Through adopting a quantitative survey method with 277 sample of doctors, the study found that in terms of the three major knowledge management practices – knowledge capturing, sharing, and generating – the adoption of KM practices were rated very low in the sampled hospitals in Kuwait. Hospitals paid little attention to the main activities that support the transfer of expertise among doctors in hospitals. However, as predicted by previous studies, knowledge management practices were perceived to have an impact on hospitals’ performance. Through knowledge capturing, sharing, and generating, hospitals could improve the services they provide through documenting best practices, transforming their hospitals into learning organizations in which lessons learned are captured, stored, and made available for others to learn from.

Keywords: knowledge management, hospitals, knowledge management practices, knowledge management tools, performance

Procedia PDF Downloads 473

Authors: Iliya Ibrahim Gimba

Abstract:

Human beings or groups over the world have a traditional and cultural practices which guide and direct their ways of life. They value and promote these practices not minding the attitude of others towards them. In spite of the place of culture which is an embodiment of these practices in every human society some people still reduce the understanding of culture to idolatry and other archaic and anachronistic arts good perhaps only for the museum. Others consider culture to be just drumming and dancing. Whether a culture is “good” or “bad”, civilized or barbaric, it can be reformed for the betterment of the society. Hence, this paper focuses on reforming traditional and cultural practices in Nigeria for enhancing development in the 21st century using the Jukun people as a case study. Relevant literatures from journals, reports, published books among others will be consulted.

Keywords: Jukun, traditional and cultural practices, sustainable development, human

Procedia PDF Downloads 394

Authors: Benn Van Den Ende

Abstract:

Over the last three decades, there has been an exponential increase in developments in implantable technologies such as the cardiac pacemaker, bionic prosthesis, and implantable chips. The effect of these technologies has been well researched in many areas. However, there is a lack of critical research in security studies. This paper will provide preliminary findings to an ongoing research project which aims to examine how implantable technologies effect the practices of governmentality in the context of security. It will do this by looking at the practices and techniques of governmentality along with different implantable technologies which increase, change or otherwise affect governmental practices. The preliminary research demonstrates that implantable technologies have a profound effect on the practices of governmentality, while also paving the way for further research into a potential ‘new’ form of governmentality in relation to these implantable technologies.

Keywords: critical security studies, governmentality, security theory, political theory, Foucault

Procedia PDF Downloads 159

Authors: Liwen Wang, Yuting Chen, Tong Wu, Shaolei Hu

Abstract:

In order to enhance the security of critical financial infrastructure, this study carries out a transformation of the architecture of a financial trading terminal to a zero trust architecture (ZTA), constructs an active defense system for cybersecurity, improves the security level of trading services in the Internet environment, enhances the ability to prevent network attacks and unknown risks, and reduces the industry and security risks brought about by cybersecurity risks. This study introduces the SDP technology of ZTA, adapts and applies it to a financial trading terminal to achieve security optimization and fine-grained business grading control. The upgraded architecture of the trading terminal moves security protection forward to the user access layer, replaces VPN to optimize remote access, and significantly improves the security protection capability of Internet transactions. The study achieves 1. deep integration with the access control architecture of the transaction system; 2. no impact on the performance of terminals and gateways, and no perception of application system upgrades; 3. customized checklist and policy configuration; 4. introduction of industry-leading security technology such as single-packet authorization (SPA) and secondary authentication. This study carries out a successful application of ZTA in the field of financial trading and provides transformation ideas for other similar systems while improving the security level of financial transaction services in the Internet environment.

Keywords: zero trust, trading terminal, architecture, network security, cybersecurity

Procedia PDF Downloads 126

Authors: Nor Azlina Ab.Rahman, Salwana Hassan, Zuraeda Ibrahim, Normah Omar, Jamaliah Said

Abstract:

Revolution in the business environment has crucial growing changes on most globalized markets. Numerous of organizations are necessitating towards producing more proactive entrepreneurs with a dynamic teams, who can run and steer their business to victory. Revolutionizing on business strategy and entrepreneurial skills, also implementing innovation and practices to enhance its performance is necessary for these organizations to be more cost-efficient and increase their efficiency. The study aims to clarify issues of whether measurement has a positive effect on different aspects of innovation and best practices. The study contributes to the current understanding in three ways; first by presenting the important aspects of organizational innovation and best practices. Second by showing the importance of measurement in promoting different aspects of innovation and best practices. Third is to examine the link between innovation, best practices and sustainability in microfinance. The study has been executed by conducting a qualitative study toward the microfinance industry. A representative of management and employees in each company was selected through an invitation to participate in getting information for data collection purpose in the study. The study contains a comprehensive description of the impacts of measurement on different aspects of innovation and best practices towards sustainability in both microfinance industries and SMEs. Findings from this study shows that performance measurement has positive effects on issues related to innovation and best practices. The measurement for several aspects of innovation and best practices is good potential in microfinance industries. Additionally, measurement on innovation and best practices shows a positively related with each other to enhance organization performance. The study suggests that both academics and practitioners should focus on the development of new methods and practices to describe and scrutinize further understanding for measuring issues which is related to innovation and best practices, in order to better develop innovation and best practices towards sustainability. This effort would not only contribute to firm’s success, but also toward the development of the nation in the developing countries.

Keywords: best practices, innovation, microfinance, sustainability

Procedia PDF Downloads 479

Authors: Shireesha Devraj, Vishwanath Kokkonda

Abstract:

Information Technology Industry is one of the fastest up-and-coming, knowledge and skill concentrated industries in India. India preserves its position as the world’s notable global sourcing terminus for IT services. The swift progress in the competitive age is possible only through effective human resource development practices. In the IT industry attracting, nurturing talent, retaining and managing human resources have been the principal issues. The sustenance and growth of IT companies worldwide depends on the intellectual capital it possesses. The IT sector cannot be effectively managed through traditional human resource development practices. In order to stay competitive in future, the IT sector in India has to enrich the skilled talent pool through pertinent HRD practices. An attempt is made in this paper to study the trends in Indian IT Industry.

Keywords: HRD practices, IT industry, India, competitive age

Procedia PDF Downloads 329