Search results for: enterprise IoT cybersecurity

Authors: K. Hołda, D. Śliwa, K. Daniec, A. Nawrat

Abstract:

This article was created as part of the developed master's thesis. It attempts to present a newly developed device, which will support the work of specialists dealing with broadly understood cybersecurity terms. The device is contrived to automate security tests. In addition, it simulates potential cyberattacks in the most realistic way possible, without causing permanent damage to the network, in order to maximize the quality of the subsequent corrections to the tested network systems. The proposed solution is a fully operational prototype created from commonly available electronic components and a single board computer. The focus of the following article is not only put on the hardware part of the device but also on the theoretical and applicatory way in which implemented cybersecurity tests operate and examples of their results.

Keywords: Raspberry Pi, ethernet, automated cybersecurity tests, ARP, DNS, backdoor, TCP, password sniffing

Procedia PDF Downloads 90

Authors: Babak Darvish Rouhani, Mohd Naz'ri Mahrin, Fatemeh Nikpay, Maryam Khanian Najafabadi

Abstract:

Enterprise Architecture (EA) Implementation Methodologies have become an important part of EA projects. Several implementation methodologies have been proposed, as a theoretical and practical approach, to facilitate and support the development of EA within an enterprise. A significant question when facing the starting of EA implementation is deciding which methodology to utilize. In order to answer this question, a framework with several criteria is applied in this paper for the comparative analysis of existing EA implementation methodologies. Five EA implementation methodologies including: EAP, TOGAF, DODAF, Gartner, and FEA are selected in order to compare with proposed framework. The results of the comparison indicate that those methodologies have not reached a sufficient maturity as whole due to lack of consideration on requirement management, maintenance, continuum, and complexities in their process. The framework has also ability for the evaluation of any kind of EA implementation methodologies.

Keywords: enterprise architecture, EAIM, evaluating EAIM, framework for evaluation, enterprise architecture implementation methodology

Procedia PDF Downloads 346

Authors: Logan Carmichael

Abstract:

As the world’s governments seek to increasingly digitize their service provisions, there exists a subsequent and fully valid concern about the security underpinning these digital governance provisions. Estonia, a small and innovative Baltic nation, has been refining both its digital governance structure and cybersecurity mechanisms for over three decades and has been praised as global ‘best practice’ in both fields. However, the security of the Estonian digital governance system has been ever-evolving and significantly shaped by cybersecurity crises. This paper examines said crises – 2007 cyberattacks on Estonian government, banks, and news media; the 2017 e-ID crisis; the ongoing COVID-19 pandemic; and the 2022 Russian invasion of Ukraine – and how governance decision-making following these crises has shaped the cybersecurity of the digital governance structure in Estonia. This paper employs a blended constructivist and historical institutionalist theoretical approach as a useful means to view governance and decision-making in the wake of cybersecurity incidents affecting the Estonian digital governance structure. Together, these theoretical groundings frame the topics of cybersecurity and digital governance in an Estonian context through a lens of ideation and experience, as well as institutional path dependencies over time and cybersecurity crises as critical junctures to study. Furthermore, this paper takes a qualitative approach, employing discourse analysis, policy analysis, and elite interviewing of Estonian officials involved in digital governance and cybersecurity in order to glean nuanced perspectives into the processes that followed these four crises. Ultimately, the results of this paper will offer insight into how governments undertake policy-driven change following cybersecurity crises to ensure sufficient security of their digitized service provisions. This paper’s findings are informative not only in continued decision-making in the Estonian system but also in other states currently implementing a digital governance structure, for which security mechanisms are of the utmost importance.

Keywords: cybersecurity, digital governance, Estonia, crisis management, governance in crisis

Procedia PDF Downloads 82

Authors: Chih Chin Yang

Abstract:

The paper proposed a new theory of intellectual capital (so called IC) and a value approach in associated with production and market. After an in-depth review and research analysis of leading firms in this field, a holistic intellectual capital model is discussed, which involves transport, delivery supporting, and interface and systems of on intellectual capital. Through a quantity study, it is found that there is a significant relationship between the product value and infrastructure in a company. The product values are transferred from intellectual capital elements which includes three elements of content and the enterprise includes three elements of infrastructure in its market and product values of enterprise.

Keywords: enterprise, product value, intellectual capital, market and product values

Procedia PDF Downloads 365

Authors: Deepika Verma, Runa Sarkar

Abstract:

One of the prominent debates in the social entrepreneurship literature has been to establish whether entrepreneurial work for social well-being by for-profit organizations can be classified as social entrepreneurship or not. Of late, the scholarship has reached a consensus. It concludes that there seems little sense in confining social entrepreneurship to just non-profit organizations. Boosted by this research, increasingly a lot of businesses engaged in filling the social infrastructure gaps in developing countries are calling themselves social enterprise. These organizations are diverse in their ownership, size, objectives, operations and business models. The lack of a comprehensive definition of social enterprise leads to three issues. Firstly, researchers may face difficulty in creating a database for social enterprises because the choice of an entity as a social enterprise becomes subjective or based on some pre-defined parameters by the researcher which is not replicable. Secondly, practitioners who use ‘social enterprise’ in their vision/mission statement(s) may find it difficult to adjust their business models accordingly especially during the times when they face the dilemma of choosing social well-being over business viability. Thirdly, social enterprise and social entrepreneurship attract a lot of donor funding and venture capital. In the paucity of a comprehensive definitional guide, the donors or investors may find assigning grants and investments difficult. It becomes necessary to develop an exhaustive and objective definition of social enterprise and examine whether the understanding of the academicians and practitioners about social enterprise match. This paper develops a dictionary of words often associated with social enterprise or (and) social entrepreneurship. It further compares two lexicographic definitions of social enterprise imputed from the abstracts of academic journal papers and trade publications extracted from the EBSCO database using the ‘tm’ package in R software.

Keywords: EBSCO database, lexicographic definition, social enterprise, text mining

Procedia PDF Downloads 357

Authors: Anu Paul, Varghese Paul

Abstract:

The focal aspire of e-Government (eGovt) is to offer citizen-centered service delivery. Accordingly, the citizenry consumes services from multiple government agencies through national portal. Thus, eGovt is an enterprise with the primary business motive of transparent, efficient and effective public services to its citizenry and its logical structure is the eGovernment Enterprise Architecture (eGEA). Since eGovt is IT oriented multifaceted service-centric system, EA doesn’t do much on an automated enterprise other than the business artifacts. Service-Oriented Architecture (SOA) manifestation led some governments to pertain this in their eGovts, but it limits the source of business artifacts. The concurrent use of EA and SOA in eGovt executes interoperability and integration and leads to Service-Oriented e-Government Enterprise (SOeGE). Consequently, agile eGovt system becomes a reality. As an IT perspective eGovt comprises of centralized public service artifacts with the existing application logics belong to various departments at central, state and local level. The eGovt is renovating to SOeGE by apply the Service-Orientation (SO) principles in the entire system. This paper explores IT perspective of SOeGE in India which encompasses the public service models and illustrated with a case study the Passport service of India.

Keywords: enterprise architecture, service-oriented e-Government enterprise, service interface layer, service model

Procedia PDF Downloads 482

Authors: Krish Batra

Abstract:

The advent of open banking has revolutionized the financial services industry by fostering innovation, enhancing customer experience, and promoting competition. However, this paradigm shift towards more open and interconnected banking ecosystems has introduced complex cybersecurity challenges. This research paper delves into the multifaceted cybersecurity landscape of open banking, highlighting the vulnerabilities and threats inherent in sharing financial data across a network of banks and third-party providers. Through a detailed analysis of recent data breaches, phishing attacks, and other cyber incidents, the paper assesses the current state of cybersecurity within the open banking framework. It examines the effectiveness of existing security measures, such as encryption, API security protocols, and authentication mechanisms, in protecting sensitive financial information. Furthermore, the paper explores the regulatory response to these challenges, including the implementation of standards such as PSD2 in Europe and similar initiatives globally. By identifying gaps in current cybersecurity practices, the research aims to propose a set of robust, forward-looking strategies that can enhance the security and resilience of open banking systems. This includes recommendations for banks, third-party providers, regulators, and consumers on how to mitigate risks and ensure a secure open banking environment. The ultimate goal is to provide stakeholders with a comprehensive understanding of the cybersecurity implications of open banking and to outline actionable steps for safeguarding the financial ecosystem in an increasingly interconnected world.

Keywords: open banking, financial services industry, cybersecurity challenges, data breaches, phishing attacks, encryption, API security protocols, authentication mechanisms, regulatory response, PSD2, cybersecurity practices

Procedia PDF Downloads 17

Authors: Ayomide Oyedele

Abstract:

In the dynamic landscape of cybersecurity, "Strategic Cyber Sentinel" emerges as a revolutionary framework, transcending traditional approaches. This paper pioneers a holistic strategy, weaving together threat intelligence, machine learning, and adaptive defenses. Through meticulous real-world simulations, we demonstrate the unprecedented resilience of our framework against evolving cyber threats. "Strategic Cyber Sentinel" redefines proactive threat mitigation, offering a robust defense architecture poised for the challenges of tomorrow.

Keywords: cybersecurity, resilience, threat intelligence, machine learning, adaptive defenses

Procedia PDF Downloads 35

Authors: Joseph Uche Azubike, Evelyn Ngozi Agbasi, Mi Ogbonna

Abstract:

The audit committee of the board of directors could no longer handle the enterprise's risks. Therefore, a risk management committee was created to control them. Thus, this study examined how enterprise risk management committee characteristics affected Nigerian exchange-listed banks' financial performance from 2013 to 2022. The study's hypotheses and three objectives were to determine how enterprise risk management committee size, composition, and gender diversity affect Nigerian banks' performance. An ex-post facto study design collected secondary data from bank annual reports. We used descriptive statistics, correlation analysis, and Ordinary least square regression to analyze panel data. Enterprise risk management committee size and composition had both negative and no significant effect on bank financial performance in Nigeria, whereas enterprise risk committee gender diversity has a 10% favorable effect. The report advises that adding more women with relevant knowledge to the risk committee to boost performance and allowing women to be at the lead of such risk management could improve bank performance in Nigeria since they are noted to be thorough in their tasks.

Keywords: enterprise, risks, committee, management, banks

Procedia PDF Downloads 4

Authors: Jean Rosemond Dora, Karol Nemoga

Abstract:

In this work, we tackle a frequent problem that frequently occurs in the cybersecurity field which is the exploitation of websites by XSS attacks, which are nowadays considered a complicated attack. These types of attacks aim to execute malicious scripts in a web browser of the client by including code in a legitimate web page. A serious matter is when a website accepts the “user-input” option. Attackers can exploit the web application (if vulnerable), and then steal sensitive data (session cookies, passwords, credit cards, etc.) from the server and/or from the client. However, the difficulty of the exploitation varies from website to website. Our focus is on the usage of ontology in cybersecurity against XSS attacks, on the importance of the ontology, and its core meaning for cybersecurity. We explain how a vulnerable website can be exploited, and how different JavaScript payloads can be used to detect vulnerabilities. We also enumerate some tools to use for an efficient analysis. We present detailed reasoning on what can be done to improve the security of a website in order to resist attacks, and we provide supportive examples. Then, we apply an ontology model against XSS attacks to strengthen the protection of a web application. However, we note that the existence of ontology does not improve the security itself, but it has to be properly used and should require a maximum of security layers to be taken into account.

Keywords: cybersecurity, web application vulnerabilities, cyber threats, ontology model

Procedia PDF Downloads 131

Authors: Babak Darvish Rouhani, Mohd Nazri Mahrin, Fatemeh Nikpay, Pourya Nikfard, Maryam Khanian Najafabadi

Abstract:

Enterprise Architecture (EA) is a strategy that is employed by enterprises in order to align their business and Information Technology (IT). EA is managed, developed, and maintained through Enterprise Architecture Implementation Methodology (EAIM). The effectiveness of EA implementation is the degree in which EA helps to achieve the collective goals of the organization. This paper analyzes the results of a survey that aims to explore the factors that affect the effectiveness of EAIM and specifically the relationship between factors and effectiveness of the output and functionality of EA project. The exploratory factor analysis highlights a specific set of five factors: alignment, adaptiveness, support, binding, and innovation. The regression analysis shows that there is a statistically significant and positive relationship between each of the five factors and the effectiveness of EAIM. Consistent with theory and practice, the most prominent factor for developing an effective EAIM is innovation. The findings contribute to the measuring the effectiveness of EA implementation project by providing an indication of the measurement implementation approaches which is used by the Enterprise Architects, and developing an effective EAIM.

Keywords: enterprise architecture, enterprise architecture implementation methodology, implementation methodology, factors, EA, effectiveness

Procedia PDF Downloads 390

Authors: Danah S. Alabdulmohsin

Abstract:

Due to the fast growth of organizational data as well as the emergence of new technologies such as artificial intelligence (AI), organizations tend to utilize these new technologies in their enterprise information systems (EIS) either to overcome the issues they struggle with or to enhance their functions. The aim of this paper is to review the potential role of AI technologies in EIS, namely: enterprise resource planning systems (ERP), customer relation management systems (CRM), supply chain management systems (SCM), knowledge systems (KM), and human resources management systems (HRM). The paper provided the definitions of these systems as well as the definitions of AI technologies that have been used in EIS. In addition, the paper discussed the challenges that organizations might face while integrating AI with their information systems and explained why some organizations fail in achieving successful implementations of the integration.

Keywords: artificial intelligence, AI, enterprise information system, EIS, integration

Procedia PDF Downloads 62

Authors: Babatunde Osabiya

Abstract:

Cybersecurity has emerged as a pressing policy problem in recent years, affecting individuals, businesses, and governments worldwide. This research paper aims to critically review the literature on cybersecurity policy and apply policy theory to propose a policy approach that balances the freedom to access and use technology with the human rights risks and threats posed by cyber. Drawing on various credible sources, the paper examines the scale and seriousness of cyber threats, highlighting the growing threat posed by cybercriminals, hackers, and nation-states. The paper also identifies the key challenges facing policymakers, including the need for more significant investment in cybersecurity research and development and the importance of balancing the benefits of technological innovation with the risks to privacy, security, and human rights. To address these challenges, the paper proposes a policy approach emphasizing investing in cybersecurity research and development to maintain a technological edge over potential adversaries. This approach also highlights the need for greater collaboration between government, industry, and civil society to develop effective cybersecurity policies and practices that protect the rights and freedoms of people while mitigating the risks posed by cyber threats. This paper will contribute to the growing body of literature on cybersecurity policy and offers a policy framework for addressing this critical policy challenge.

Keywords: security risk, legal framework, cyber security and policy, national security

Procedia PDF Downloads 59

Authors: Kaznah Alshammari, Thomas Beach, Yacine Rezgui

Abstract:

Technological advances in the construction sector are helping to make smart cities a reality by means of cyber-physical systems (CPS). CPS integrate information and the physical world through the use of information communication technologies (ICT). An increasingly common goal in the built environment is to integrate building information models (BIM) with the Internet of Things (IoT) and sensor technologies using CPS. Future advances could see the adoption of digital twins, creating new opportunities for CPS using monitoring, simulation, and optimisation technologies. However, researchers often fail to fully consider the security implications. To date, it is not widely possible to assimilate BIM data and cybersecurity concepts, and, therefore, security has thus far been overlooked. This paper reviews the empirical literature concerning IoT applications in the built environment and discusses real-world applications of the IoT intended to enhance construction practices, people’s lives and bolster cybersecurity. Specifically, this research addresses two research questions: (a) how suitable are the current IoT and CPS security stacks to address the cybersecurity threats facing digital twins in the context of smart buildings and districts? and (b) what are the current obstacles to tackling cybersecurity threats to the built environment CPS? To answer these questions, this paper reviews the current state-of-the-art research concerning digital twins in the built environment, the IoT, BIM, urban cities, and cybersecurity. The results of these findings of this study confirmed the importance of using digital twins in both IoT and BIM. Also, eight reference zones across Europe have gained special recognition for their contributions to the advancement of IoT science. Therefore, this paper evaluates the use of digital twins in CPS to arrive at recommendations for expanding BIM specifications to facilitate IoT compliance, bolster cybersecurity and integrate digital twin and city standards in the smart cities of the future.

Keywords: BIM, cybersecurity, digital twins, IoT, urban cities

Procedia PDF Downloads 135

Authors: Chi-Hsuan Cheng

Abstract:

This research aims to evaluate public-private partnerships against cyberattacks by comparing the UK and Taiwan. First, the study analyses major cyberattacks and factors influencing cybersecurity in both countries. Second, it assesses the effectiveness of current cyber defence strategies in combating cyberattacks by comparing the approaches taken in the UK and Taiwan, while also evaluating the cyber resilience of both nations. Lastly, the research evaluates existing public-private partnerships by comparing those in the UK and Taiwan, and proposes recommendations for enhancing cooperation and collaboration mechanisms in tackling cyberattacks. Grounded theory serves as the core research method. Theoretical sampling is used to recruit participants in both the UK and Taiwan, including investigators, police officers, and professionals from cybersecurity firms. Semi-structured interviews are conducted in English in the UK and Mandarin in Taiwan, recorded with consent, and pseudonymised for privacy. Data analysis involves open coding, grouping excerpts into codes, and categorising codes. Axial coding connects codes into categories, leading to the development of a codebook. The process continues iteratively until theoretical saturation is reached. Finally, selective coding identifies the core topic, evaluating public-private cooperation against cyberattacks and its implications for social and policing strategies in the UK and Taiwan, which highlights the current status of the cybersecurity industry, governmental plans for cybersecurity, and contributions to cybersecurity from both government sectors and cybersecurity firms, with a particular focus on public-private partnerships. In summary, this research aims to offer practical recommendations to law enforcement, private sectors, and academia for reflecting on current strategies and tailoring future approaches in cybersecurity

Keywords: cybersecurity, cybercrime, public private partnerships, cyberattack

Procedia PDF Downloads 24

Authors: Mahdi Alkaeed, Adeel Ehsan

Abstract:

Enterprise information systems (EIS) act as the backbone of organizations that belong to different domains. These systems not only play a major role in the efficient usage of resources and time but also throw light on the future roadmap for the enterprise. In today's rapidly expanding world of business and technology, enterprise systems from various heterogenous environments have to exchange information at some point, be it within the same organization or between different organizations. This reality strengthens the importance of interoperability between these systems, which is one of the key enablers of systems collaboration. Both information technology infrastructure and business processes have to be aligned with each other to achieve this effect. This will be difficult to attain if traditional tightly coupled architecture is used. Instead, a more loosely coupled service-oriented architecture has to be used. That would enable an effective interoperability level between different EIS. This paper discusses and presents the current work that has been done in the field of EIS interoperability. Along the way, it also discusses the challenges, solutions to tackle those challenges presented in the studied literature, and limitations, if any.

Keywords: enterprise systems interoperability, collaboration and integration, service-based architecture, open system architecture

Procedia PDF Downloads 78

Authors: Nirmala Gopal, Sheetal Bhoola, Audecious Mugwagwa

Abstract:

This paper discusses the continued infringement and exploitation of data by non-state actors for destructive purposes, emphasizing radical terrorist organizations. It will discuss how terrorist organizations access and use data to foster their nefarious agendas. It further examines how cybersecurity, designed as a tool to curb data exploitation, is ineffective in raising global citizens' concerns about how their data can be kept safe and used for its acquired purpose. The study interrogates several policies and data protection instruments, such as the Data Protection Act, Cyber Security Policies, Protection of Personal Information(PPI) and General Data Protection Regulations (GDPR), to understand data use and storage in democratic states. The study outcomes point to the fact that international cybersecurity and cybercrime legislation, policies, and conventions have not curbed violations of data access and use by radical terrorist groups. The study recommends ways to enhance cybersecurity and reduce cyber risks using democratic principles.

Keywords: cybersecurity, data exploitation, terrorist organizations, data democracy

Procedia PDF Downloads 167

Authors: Elham Rajabian

Abstract:

The ascent of cybersecurity incidents is a rising threat to most organisations in general, while the impact of the incidents is unique to each of the organizations. It is a need for behavioural sciences to concentrate on employees’ behaviour in order to prepare key security mitigation opinions versus cybersecurity incidents. There are noticeable differences among users of a computer system in terms of complying with security behaviours. We can discuss the people's differences under several subjects such as delaying tactics on something that must be done, the tendency to act without thinking, future thinking about unexpected implications of present-day issues, and risk-taking behaviours in security policies compliance. In this article, we introduce high-profile cyber-attacks and their impacts on weakening cyber resiliency in organizations. We also give attention to human errors that influence network security. Human errors are discussed as a part of psychological matters to enhance compliance with the security policies. The organizational challenges are studied in order to shape a sustainable cyber risks management approach in the related work section. Insiders’ behaviours are viewed as a cyber security gap to draw proper cyber resiliency in section 3. We carry out the best cybersecurity practices by discussing four CIS challenges in section 4. In this regard, we provide a guideline and metrics to measure cyber resilience in organizations in section 5. In the end, we give some recommendations in order to build a cybersecurity culture based on individual behaviours.

Keywords: cyber resilience, human factors, cybersecurity behavior, attitude, usability, security culture

Procedia PDF Downloads 66

Authors: Mohanaad Talal Shakir, Saad AJAJ Khalaf, Nawar Ahmed Aljumaily, Mustafa Talal Shakere

Abstract:

Cloud computing is a model for enabling convenient, on demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Objectives of this paper are to investigate the role of the Enterprise System and Cloud Computing Services to assist and guide him to ensure the initiative become successful. The cloud computing technology offers great potential for Enterprise such as the speed of dealing with data and product introductions, innovations and speed of response. The use of cloud computing technology leads to the rapid development and competitiveness of enterprises in various fields.

Keywords: cloud computing, information management, marketing, enterprise systems

Procedia PDF Downloads 650

Authors: Chigozie P. Ugochukwu Okoro

Abstract:

While the needs of the traveling public are becoming more evolving due to the ever-changing tourism ecosphere; there is a seeming inability to sustain competitive advantage through hospitality enterprise service quality differentials and effective service delivery. Contending with these evolving needs demands a re-assessment of the notions that drive service evolvement thoughts pattern and service delivery processes management in the hospitality enterprise. The intent of this study was to explicate the trends of the evolving needs of the traveling public that are critical to hospitality enterprise service management. The hypothetical study used customer satisfaction to dissect the strategic implication of perception, experience, and socio-cultural engagements in customization of hospitality enterprise services. The study found out that customer perception is cognitive and does not shape service customization. The study also elucidated that customer experience which can be evaluated, is critical in service structure determination and delivery. Socio-cultural engagement is intrinsic in driving service diversification. The study recommends tourists’ audit and cognitive insights as strategic actions for re-designing service efficiency and delivery in hospitality enterprise service management.

Keywords: hospitality enterprise services, strategic management, quality service delivery, notions of criticality

Procedia PDF Downloads 140

Authors: Kerry Lee

Abstract:

Many teachers are experienced; however, experience doesn’t necessarily equate to excellence. Excellence in teaching is the single most powerful influence on student achievement. This case study investigates the practices of one of the nation’s most acknowledged teachers in enterprise education. In a number of semi-structured interviews and observational visits, this remote regional teacher talked freely about what skills and strategies she used to achieve this success. It is anticipated these findings will help others to support students to gain greater success (in whatever form that may take).

Keywords: expert teacher, enterprise education, excellence, skills and strategies

Procedia PDF Downloads 47

Authors: Dongfang Qiu, Yilin Lu

Abstract:

The measurement of enterprise-university-research cooperative efficiency has important meanings in improving the cooperative efficiency, strengthening the effective integration of regional resource, enhancing the ability of regional innovation and promoting the development of regional economy. The paper constructs the DEA method and DEA-Malmquist productivity index method to research the cooperation efficiency of Hubei by making comparisons with other provinces in China. The study found out the index of technology efficiency is 0.52 and the enterprise-university- research cooperative efficiency is Non-DEA efficient. To realize the DEA efficiency of Hubei province, the amount of 1652.596 R&D employees and 638.368 R&D employees’ full time equivalence should be reduced or 137.89 billion yuan of new products’ sales income be increased. Finally, it puts forward policy recommendations on existing problems to strengthen the standings of the cooperation, realize the effective application of the research results, and improve the level of management of enterprise-university-research cooperation efficiency.

Keywords: cooperation ability, DEA method, enterprise-university-research cooperation, Malmquist efficiency index

Procedia PDF Downloads 357

Authors: Norshima Humaidi, Saif Hussein Abdallah Alghazo

Abstract:

Cybersecurity threat have become a serious issue recently, and one of the cause is because human error, which is usually constituted by carelessness, ignorance, and failure to practice cybersecurity behaviour adequately. Using a data from a quantitative survey, Partial Least Squares-Structural Equation Modelling (PLS-SEM) analysis was used to determine the factors that affect cybersecurity protective behaviour (CPB). This study adapts cybersecurity protective behaviour model by focusing on two constructs that can enhance CPB: manager’s information security competencies (MISI) and procedural information security countermeasure (PCM) awareness. Theory of leadership competencies were adapted to measure user’s perception towards competencies among security managers/leader in the organization. Confirmatory factor analysis (CFA) testing shows that all the measurement items of each constructs were adequate in their validity individually based on their factor loading value. Moreover, each constructs are valid based on their parameter estimates and statistical significance. The quantitative research findings show that PCM awareness strongly influences CPB compared to MISI. Meanwhile, MISI was significantlyPCM awarenss. This study believes that the research findings can contribute to human behaviour in IS studies and are particularly beneficial to policy makers in improving organizations’ strategic plans in information security, especially in this new era. Most organizations spend time and resources to provide and establish strategic plans of information security; however, if employees are not willing to comply and practice information security behaviour appropriately, then these efforts are in vain.

Keywords: cybersecurity, protection behaviour, information security, information security competencies, countermeasure awareness

Procedia PDF Downloads 63

Authors: Sylvia Acquah

Abstract:

The assumption that social enterprises are empowering has strong theoretical support, but empirical verification is anecdotal at best. Social enterprises blend social goal with an enterprising idea and therefore in theory these enterprises should provide meaningful jobs that are empowering. Whether jobs created are meaningful, or whether these organizations are practicing social entrepreneurship remains unexplored key questions. This paper addresses these key questions through a comprehensive literature review and an ethnographical study of a Domiciliary Home Care Social Enterprise in the UK. The social entrepreneurs, management and 9 staff members were observed, interviewed and achieves were reviewed and analyzed. In this study, the social entrepreneur’s vision was lost in transition during management change and the organization was only identified as a social enterprise by name. The organization that was set up to tackle lack of continuity in care and create a family of independent carers, was eventually closed down overnight and subjected to investigation by social services and the local council. Also, the ineffectiveness of the organization led to staff being stressed and without the support of the management to help rectify the issues; staff started displaying symptoms of burnout. Social enterprise managers should not only focus on profit maximization or generation, but should equally live up to the core tenets of the enterprise and effectively communicate and gain buy-in of all employees for any changes. Further, there ought to be an independent organization that regulates social enterprises to ensure that they are adhering to their social goals.

Keywords: ethnography, carer, social, enterprise

Procedia PDF Downloads 284

Authors: Panupong Chanplin, Kathaleeya Chanda., Wilailuk Mepracha

Abstract:

The aims of this research were twofold: 1) to brand identity design of Creative Agriculture Community Enterprise, Bang Khonthi District, Samut Songkhram Province and 2) to study the level of tourist satisfaction towards brand identity design of Creative Agriculture Community Enterprise, Bang Khonthi District, Samut Songkhram Province. tourist satisfaction was measured using six criteria: clear brand positioning, likeable brand personality, memorable logo, attractive color palette, professional typography and on-brand supporting graphics. The researcher utilized a probability sampling method via simple random sampling. The sample consisted of 30 tourists in the Creative Agriculture Community Enterprise. Statistics utilized for data analysis were percentage, mean, and standard deviation. The results suggest that tourist had high levels of satisfaction towards all six criteria of the brand identity design that was designed to target them. This study proposes that specifically brand identity designed of Creative Agriculture Community Enterprise could also be implemented with other real media already available on the market.

Keywords: satisfaction, brand identity, logo, creative agriculture community enterprise

Procedia PDF Downloads 212

Authors: Atma Sahu

Abstract:

After 9/11, there will only be cyberwars. The cyberwars increase in intensity the country's cybersecurity workforce's hiring and retention issues. Currently, many organizations have unfilled cybersecurity positions, and to a lesser degree, their cybersecurity teams are understaffed. Therefore, there is a critical need to develop a new program to help meet the market demand for cybersecurity engineers (CYSE) and personnel. Coppin State University in the United States was responsible for developing a cybersecurity engineering BS degree program. The CYSE curriculum design methodology consisted of three parts. First, the ACM Cross-Cutting Concepts standard's pervasive framework helped curriculum designers and students explore connections among the core courses' knowledge areas and reinforce the security mindset conveyed in them. Second, the core course context was created to assist students in resolving security issues in authentic cyber situations involving cyber security systems in various aspects of industrial work while adhering to the NIST standards framework. The last part of the CYSE curriculum design aspect was the institutional student learning outcomes (SLOs) integrated and aligned in content courses, representing more detailed outcomes and emphasizing what learners can do over merely what they know. The CYSE program's core courses express competencies and learning outcomes using action verbs from Bloom's Revised Taxonomy. This aspect of the CYSE BS degree program's design is based on these three pillars: the ACM, NIST, and SLO standards, which all CYSE curriculum designers should know. This unique CYSE curriculum design methodology will address how students and the CYSE program will be assessed and evaluated. It is also critical that educators, program managers, and students understand the importance of staying current in this fast-paced CYSE field.

Keywords: cyber security, cybersecurity engineering, systems engineering, NIST standards, physical systems

Procedia PDF Downloads 54

Authors: Shankar Kambhampaty, Harish Rohan Kambhampaty

Abstract:

Data in IT systems in enterprises has been growing at a phenomenal pace. This has provided opportunities to run analytics to gather intelligence on key business parameters that enable them to provide better products and services to customers. While there are several artificial intelligence (AI/ML) and business intelligence (BI) tools and technologies available in the marketplace to run analytics, there is a need for an integrated view when developing intelligent solutions in enterprises. This paper progressively elaborates a reference model for enterprise solutions, builds an integrated view of data, information, and intelligence components, and presents a reference architecture for intelligent enterprise solutions. Finally, it applies the reference architecture to an insurance organization. The reference architecture is the outcome of experience and insights gathered from developing intelligent solutions for several organizations.

Keywords: architecture, model, intelligence, artificial intelligence, business intelligence, AI, BI, ML, analytics, enterprise

Procedia PDF Downloads 110

Authors: Mohammad Reza Babaei, Sanaz Kamrani

Abstract:

The main problems That arise In adopting most Enterprise resources planning (ERP) strategies come from organizational, complex information systems like the ERP integrate the data of all business areas within the organization. The implementation of ERP is a difficult process as it involves different types of end users. Based on literature, we proposed a conceptual framework and examined it to find the effect of some of the individual, organizational, and technological factors on the usage of ERP and its impact on the end user. The results of the analysis suggest that computer self-efficacy, organizational support, training, and compatibility have a positive influence on ERP usage which in turn has significant influence on panoptic empowerment and individual performance.

Keywords: factor, influencing, enterprise, system

Procedia PDF Downloads 335

Authors: Serzhan Ashirov, Dana Nour, Rafat Rob, Khaled Alotaibi

Abstract:

There has been a fast growth in the introduction and use of communications, information, monitoring, and sensing technologies. The new technologies are making their way to the Industrial Control Systems as embedded in products, software applications, IT services, or commissioned to enable integration and automation of increasingly global supply chains. As a result, the lines that separated the physical, digital, and cyber world have diminished due to the vast implementation of the new, disruptive digital technologies. The variety and increased use of these technologies introduce many cybersecurity risks affecting cyber-resilience of the supply chain, both in terms of the product or service delivered to a customer and members of the supply chain operation. US department of energy considers supply chain in the IR4 space to be the weakest link in cybersecurity. The IR4 identified the digitization of the field devices, followed by digitalization that eventually moved through the digital transformation space with little care for the new introduced cybersecurity risks. This paper will examine the best methodologies for securing the electrical substations from cybersecurity attacks due to supply chain risks, and due to digitization effort. SCADA systems are the most vulnerable part of the power system infrastructure due to digitization and due to the weakness and vulnerabilities in the supply chain security. The paper will discuss in details how create a secure supply chain methodology, secure substations, and mitigate the risks due to digitization

Keywords: cybersecurity, supply chain methodology, secure substation, digitization

Procedia PDF Downloads 37

Authors: Nathaniel Evans, Jessica Boersma, Kenneth Kass

Abstract:

With technology and STEM fields growing every day, there is a significant projected shortfall in qualified cybersecurity workers. As such, it is essential to develop a cybersecurity curriculum that builds skills and cultivates interest in cybersecurity early on. With new jobs being created every day and an already significant gap in the job market, it is vital that educators are pro-active in introducing a cybersecurity curriculum where students are able to learn new skills and engage in an age-appropriate cyber curriculum. Within this growing world of cybersecurity, students should engage in age-appropriate technology and cybersecurity curriculum, starting with elementary school (k-5), extending through high school, and ultimately into college. Such practice will provide students with the confidence, skills, and, ultimately, the opportunity to work in the burgeoning information security field. This paper examines educational methods, pedagogical practices, current cybersecurity curricula, and other educational resources and conducts analysis for false assumptions and developmental appropriateness. It also examines and identifies common mistakes with current cyber curriculum and lessons and discuss strategies for improvement. Throughout the lessons that were reviewed, many common mistakes continued to pop up. These mistakes included age appropriateness, technology resources that were available, and consistency of student’s skill levels. Many of these lessons were written for the wrong grade levels. The ones written for the elementary level all had activities that assumed that every student in the class could read at grade level and also had background knowledge of the cyber activity at hand, which is not always the case. Another major mistake was that these lessons assumed that all schools had any kind of technology resource available to them. Some schools are 1:1, and others are only allotted three computers in their classroom where the students have to share. While coming up with a cyber-curriculum, it has to be kept in mind that not all schools are the same, not every classroom is the same. There are many students who are not reading at their grade level or have not had exposure to the digital world. We need to start slow and ease children into the cyber world. Once they have a better understanding, it will be easier to move forward with these lessons and get the students engaged. With a better understanding of common mistakes that are being made, a more robust curriculum and lessons can be created that no only spark a student’s interest in this much-needed career field but encourage learning while keeping our students safe from cyber-attacks.

Keywords: assumptions, cybersecurity, k-12, teacher

Procedia PDF Downloads 134