Search results for: enterprise security

Authors: Dina Magnaye

Abstract:

In the Philippines, the performance of the agricultural sector is gauged through crop productivity and returns from farm production rather than the biodiversity in the agricultural ecosystem. Agricultural development hinges on the overall goal of increasing productivity through intensive agriculture, monoculture system, utilization of high yielding varieties in plants, and genetic upgrading in animals. This merits an analysis of the role of agro-biodiversity in terms of increasing productivity, food security and economic returns from community-based pro-biodiversity enterprises. These enterprises conserve biodiversity while equitably sharing production income in the utilization of biological resources. The study aims to determine how community-based pro-biodiversity enterprises become instrumental in local climate change adaptation and agro-biodiversity conservation as input to local green economic development planning. It also involves an assessment of the role of agrobiodiversity in terms of increasing productivity, food security and economic returns from community-based pro-biodiversity enterprises. The perceptions of the local community members both in urban and upland rural areas on community-based pro-biodiversity enterprises were evaluated. These served as a basis in developing a planning modality that can be mainstreamed in the management of local green economic enterprises to benefit the environment, provide local income opportunities, conserve species diversity, and sustain environment-friendly farming systems and practices. The interviews conducted with organic farmer-owners, entrepreneur-organic farmers, and organic farm workers revealed that pro-biodiversity enterprise such as organic farming involved the cyclic use of natural resources within the carrying capacity of a farm; recognition of the value of tradition and culture especially in the upland rural area; enhancement of socio-economic capacity; conservation of ecosystems in harmony with nature; and climate change mitigation. The suggested planning modality for community-based pro-biodiversity enterprises for a green economy encompasses four (4) phases to include community resource or capital asset profiling; stakeholder vision development; strategy formulation for sustained enterprises; and monitoring and evaluation.

Keywords: agro-biodiversity, agro-biodiversity conservation, local green economy, organic farming, pro-biodiversity enterprise

Procedia PDF Downloads 333

Authors: Arenca Trashani

Abstract:

20 years after its first entrance in a General Assembly of the United Nation’s Resolution, human security has became a very important tool in a global debate affecting directly the whole main rules and regulations in international law and more closely in international human rights law. This paper will cover a very important issue of today at how the human security has its impact to the development of international human rights law, not as far as a challenge as it is seen up now but a tool of moving toward development and globalization. In order to analyze the impact of human security to the global agenda, we need to look to the main pillars of the international legal order which are affected by the human security in itself and its application in the policy making for this international legal order global and regional ones. This paper will focus, also, on human security, as a new and very important tool of measuring development, stability and the level of democratic consolidation and the respect for human rights especially in developing countries such as Albania. The states are no longer capable to monopolize the use of human security just within their boundaries and separated from the other principles of a functioning democracy. In this context, human security would be best guaranteed under the respect of the rule of law and democratization. During the last two decades the concept security has broadly developed, from a state-centric to a more human-centric approach: from state security to respect for human rights, to economic security, to environmental security as well. Last but not least we would see that human rights could be affected by human security not just at their promotion but also at their enforcement and mainly at the international institutions, which are entitled to promote and to protect human rights.

Keywords: human security, international human rights law, development, Albania, international law

Procedia PDF Downloads 723

Authors: Shahnaz Piroozfar, Seyed Arash Halajzadeh, Abouzar Ilkhani

Abstract:

Nowadays, in unpredictable business environments, enterprises face a great challenge to meet customer’s requirements. The performance of an enterprise has a significant impact on its activities and has to be evaluated continuously. One of the most important indicators to evaluate performance is named ‘innovation’. There are various indicators of innovation in the product/service sectors. These cause different innovation types to emerge, in product sectors. Additionally there are basic enablers to these innovation types, including an innovative culture, a customer oriented organizational culture, etc. Also one of these enablers is called enterprise system, which includes: SCM, CRM, ERP, KM etc. Knowledge management as a solution is a necessity in a competitive world. Implementation solutions such as KM are expensive, so enterprises need to answer how KM systems affect different performance indicators like innovation. This paper aims to develop a model to evaluate the impact of KM on innovation in SMEs.

Keywords: innovation, knowledge management, SMEs, enterprise

Procedia PDF Downloads 674

Authors: S. M. Tavakoli Sani, M. Sabbet Moghadam, Y. Khorram Farhadi, Iraj Rezayi Nejad

Abstract:

The concept of national security in Iran is a permanently effective factor in acceptance or rejection of many international obligations. These obligations had been defined according to the type of legislation of Iran in many aspects. Therefore, there are several treaties at international level which requires Iran’s security to come in contact with obligations in these treaties in a way that an obstacle to join to them and their passage in parliament. This issue is a typical category which every country pays attention to be accepted in treaties or to include their national security in that treaties and also they can see the related treaties from this perspective, but this issue that 'what is the concept of Iran’s national security', and 'To what extent it is changed in recent years, especially after Islamic Revolution' are important issues that can be criticized. Thus, this study is trying to assess singed treaties from the perspective of Iran’s national security according of the true meaning of treaty and to investigate how the international treaties may be in conflict with Iran’s national security.

Keywords: treaties, national security, Iran, Islamic Revolution

Procedia PDF Downloads 441

Authors: Nur Imroatun Sholihat, Gresika Bunga Sylvana

Abstract:

Currently, cyber attack became an incredibly serious problem due to its increasing trend all over the world. Therefore, information security becomes prominent for every organization including public sector organization. In Indonesia, unfortunately, Ministry of Finance (MoF) is the only public sector organization that has already formally established procedure to assess its information security adequacy by performing information security audits (November 2017). We assess the implementation of information security audits in the MoF using qualitative data obtained by interviewing IT auditors and by analysis of related documents. For this reason, information security audit practice in the MoF could become the acceptable benchmark for all other public sector organizations in Indonesia. This study is important because, to the best of the author’s knowledge, our research into information security audits practice in Indonesia’s public sector have not been found yet. Results showed that information security audits performed mostly by doing pentest (penetration testing) to MoF’s critical applications.

Keywords: information security audit, information technology, Ministry of Finance of Indonesia, public sector organization

Procedia PDF Downloads 198

Authors: Sidra Shabbir, Ayesha Manzoor, Mehreen Sirshar

Abstract:

The use of the network communication has imposed serious threats to the security of assets over the network. Network security is getting more prone to active and passive attacks which may result in serious consequences to data integrity, confidentiality and availability. Various cryptographic techniques have been proposed in the past few years to combat with the concerned problem by ensuring quality but in order to have a fully secured network; a framework of new cryptosystem was needed. This paper discusses certain cryptographic techniques which have shown far better improvement in the network security with enhanced quality assurance. The scope of this research paper is to cover the security pitfalls in the current systems and their possible solutions based on the new cryptosystems. The development of new cryptosystem framework has paved a new way to the widespread network communications with enhanced quality in network security.

Keywords: cryptography, network security, encryption, decryption, integrity, confidentiality, security algorithms, elliptic curve cryptography

Procedia PDF Downloads 704

Authors: Tamil Chelvi Vadivelu, Nurazean Maarop, Rasimah Che Yusoff, Farhana Aini Saludin

Abstract:

Implementing a remote healthcare system needs to consider many security features. Therefore, before any deployment of the remote healthcare system, a feasibility study from the security perspective is crucial. Remote healthcare system using WBAN technology has been used in other countries for medical purposes but in Malaysia, such projects are still not yet implemented. This study was conducted qualitatively. The interview results involving five healthcare practitioners are further elaborated. The study has addressed four important security features in order to incorporate remote healthcare system using WBAN in Malaysian government hospitals.

Keywords: remote healthcare, IT security, security features, wireless sensor application

Procedia PDF Downloads 274

Authors: Trevor Kroeger, Hayden Williams, Edward Holzinger, David Coleman, Brian Haberman

Abstract:

The network connectivity of medical devices is increasing at a rapid rate. Many medical devices, such as vital sign monitors, share information via wireless or wired connections. However, these connectivity options suffer from a variety of well-known limitations. Wireless connectivity, especially in the unlicensed radio frequency bands, can be disrupted. Such disruption could be due to benign reasons, such as a crowded spectrum, or to malicious intent. While wired connections are less susceptible to interference, they inhibit the mobility of the medical devices, which could be critical in a variety of scenarios. This work explores the application of Light Fidelity (Li-Fi) communication to enhance the security, performance, and mobility of medical devices in connected healthcare scenarios. A simple bridge for connected devices serves as an avenue to connect traditional medical devices to the Li-Fi network. This bridge was utilized to conduct bandwidth tests on a small Li-Fi network installed into a Mock-ICU setting with a backend enterprise network similar to that of a hospital. Mobile and stationary tests were conducted to replicate various different situations that might occur within a hospital setting. Results show that in room Li-Fi connectivity provides reasonable bandwidth and latency within a hospital like setting.

Keywords: hospital, light fidelity, Li-Fi, medical devices, security

Procedia PDF Downloads 77

Authors: Vishnu Pratap Singh Kirar

Abstract:

Wireless sensor network (WSN) is a network of many interconnected networked systems, they equipped with energy resources and they are used to detect other physical characteristics. On WSN, there are many researches are performed in past decades. WSN applicable in many security systems govern by military and in many civilian related applications. Thus, the security of WSN gets attention of researchers and gives an opportunity for many future aspects. Still, there are many other issues are related to deployment and overall coverage, scalability, size, energy efficiency, quality of service (QoS), computational power and many more. In this paper we discus about various applications and security related issue and requirements of WSN.

Keywords: wireless sensor network (WSN), wireless network attacks, wireless network security, security requirements

Procedia PDF Downloads 456

Authors: El Miloudi Djelloul

Abstract:

Based on analysis on applications by perception control technology in computer network security status and security protection measures, from the angles of network physical environment and network software system environmental security, this paper provides network security system perception control solution using Internet of Things (IOT), telecom and other perception technologies. Security Perception Control System is in the computer network environment, utilizing Radio Frequency Identification (RFID) of IOT and telecom integration technology to carry out integration design for systems. In the network physical security environment, RFID temperature, humidity, gas and perception technologies are used to do surveillance on environmental data, dynamic perception technology is used for network system security environment, user-defined security parameters, security log are used for quick data analysis, extends control on I/O interface, by development of API and AT command, Computer Network Security Perception Control based on Internet and GSM/GPRS is achieved, which enables users to carry out interactive perception and control for network security environment by WEB, E-MAIL as well as PDA, mobile phone short message and Internet. In the system testing, through middle ware server, security information data perception in real time with deviation of 3-5% was achieved; it proves the feasibility of Computer Network Security Perception Control System.

Keywords: computer network, perception control system security strategy, Radio Frequency Identification (RFID)

Procedia PDF Downloads 413

Authors: Luna Shamieh

Abstract:

Various players are part of the game in an asymmetric war, all making efforts to provide human security to their own adherents. Although a fragile state is not able to provide sufficient and comprehensive services, it still provides special services and security to the elite; the insurgents as well provide services and security to their associates. The humanitarian organisations, on the other hand, provide some fundamental elements of human security, but only in the regions, they are able to access when possible (if possible). The counterinsurgents (security forces of the state and intervention forces) operate within a narrow band defined by the vision of the responsibility to protect and the perspective of the resolution of the conflict through combat; hence, the possibility to provide human security is shaken at this end. This article examines how each player provides human security from the perspective of freedom from want in order to secure basic and strategic needs, freedom from fear through providing protection against all kinds of violence, and the freedom to live in dignity. It identifies a vicious cycle caused by the intervention of the different players causing a centrifugal force that may lead to disintegration of the nation under war.

Keywords: asymmetric war, counterinsurgency, fragile state, human security, insurgency

Procedia PDF Downloads 310

Authors: Naveed Ghani

Abstract:

With the arrival of higher speed communication links and mature application running over the internet, the requirement for reliable, efficient and robust network designs rising day by day. Multi-Protocol Label Switching technology (MPLS) Virtual Private Networks (VPNs) have committed to provide optimal network services. They are gaining popularity in industry day by day. Enterprise customers are moving to service providers that offer MPLS VPNs. The main reason for this shifting is the capability of MPLS VPN to provide built in security features and any-to-any connectivity. MPLS VPNs improved the network performance due to fast label switching as compare to traditional IP Forwarding but traffic classification and policing was still required on per hop basis to enhance the performance of real time traffic which is delay sensitive (particularly voice and video). QoS (Quality of service) is the most important factor to prioritize enterprise networks’ real time traffic such as voice and video. This thesis is focused on the study of QoS parameters (e.g. delay, jitter and MOS (Mean Opinion Score)) for the real time traffic over MPLS VPNs. DiffServ (Differentiated Services) QoS model will be used over MPLS VPN network to get end-to-end service quality.

Keywords: network, MPLS, VPN, DiffServ, MPLS VPN, DiffServ QoS, QoS Model, GNS2

Procedia PDF Downloads 398

Authors: Irfan Mohiuddin, Ahmad Al Mogren

Abstract:

In recent years, cloud computing has earned substantial attention in the Oil and Gas Industry and provides services in all the phases of the industry lifecycle. Oil and gas supply infrastructure, in particular, is more vulnerable to accidental, natural and intentional threats because of its widespread distribution. Numerous surveys have been conducted on cloud security and privacy. However, to the best of our knowledge, hardly any survey is carried out that reviews cyber security in all phases with a cloud computing perspective. Moreover, a distinctive classification is performed for all the cloud-based cyber security measures based on the cloud component in use. The classification approach will enable researchers to identify the required technique used to enhance the security in specific cloud components. Also, the limitation of each component will allow the researchers to design optimal algorithms. Lastly, future directions are given to point out the imminent challenges that can pave the way for researchers to further enhance the resilience to cyber security threats in the oil and gas industry.

Keywords: cyber security, cloud computing, safety and security, oil and gas industry, security threats, oil and gas pipelines

Procedia PDF Downloads 118

Authors: Nada Mouchfiq, Ahmed Habbani, Chaimae Benjbara

Abstract:

The security aspect of the IoT occupies a place of great importance especially after the evolution that has known this field lastly because it must take into account the transformations and the new applications .Blockchain is a new technology dedicated to the data sharing. However, this does not work the same way in the different systems with different operating principles. This article will discuss network security using the Blockchain to facilitate the sending of messages and information, enabling the use of new processes and enabling autonomous coordination of devices. To do this, we will discuss proposed solutions to ensure a high level of security in these networks in the work of other researchers. Finally, our article will propose a method of security more adapted to our needs as a team working in the ad hoc networks, this method is based on the principle of the Blockchain and that we named ”MPR Blockchain”.

Keywords: Ad hocs networks, blockchain, MPR, security

Procedia PDF Downloads 149

Authors: Mario Spremic

Abstract:

Despite the financial crisis and ongoing need for cost cutting, companies all around the world heavily invest in information systems (IS) and underlying information technology (IT). Information systems (IS) play very important role in modern business organizations supporting its organizational efficiency or, under certain circumstances, fostering business model innovation and change. IS can influence organization competitiveness in two ways: supporting operational efficiency (IS as a main infrastructure for the current business), or differentiating business through business model innovation and business process change. In either way, IS becomes very important to the business and needs to be aligned with strategic objectives in order to justify massive investments. A number of studies showed that investments in IS and underlying IT resulted in added business value if they are truly connected with strategic business objectives. In that sense proliferation of governance of enterprise IT helps companies manage, or rather, governs IS as a primary business function with executive management involved in making a decision about IS and IT. The quality of IT governance is rising with the large number of decisions about IS made by executive management, not IT departments. The more executive management is engaged in making a decision about IS and IT, the IT governance is of better quality. In this paper, the practice of governing the enterprise IT will be investigated on a sample of the largest 100 Croatian companies. Research questions posed here will reveal if there are some formal IT governance mechanisms, are there any differences in perceived role of IS and IT between CIOs (Chief Information Officers) and CEOs (Chief Executive Officers) of the sampled companies and what are the mechanisms to govern massive investment in enterprise IT.

Keywords: IT governance, governance of enterprise IT, information system auditing, operational efficiency

Procedia PDF Downloads 281

Authors: Widjojo Suprapto, Zeplin Jiwa Husada Tarigan, Sautma Ronni Basana

Abstract:

Business process reengineering can be conducted by some procedure rationalization for all related departments in a company so that all data and business processes are connected. The changing of any business process is used to set up the working standard so that it gives an impact to the implementation of ERP and the company performance. After collecting and processing the data from 77 manufacturing companies, it is obtained that BPR (Business Process Reengineering) has no direct impact on the implementation of ERP (Enterprise Resource Planning) in the companies and manufacturing performance; however, it influences the implementation of TQM. The implementation of TQM influences directly the implementation of ERP, but it does not influence directly the company performance. The implementation of ERP gives a significant increase in the work performance of the manufacturing companies in East Java.

Keywords: enterprise resources planning, business process reengineering, TQM, company performance

Procedia PDF Downloads 179

Authors: Abdulqader Rasool Feqi Mohammed, Ergun Erçelebi̇

Abstract:

A large number of hospitals from developed countries are adopting hospital information system to bring efficiency in hospital information system. The purpose of this project is to research on new network security techniques in order to enhance the current network security structure of save a hospital information system (HIS). This is very important because, it will avoid the system from suffering any attack. Security architecture was optimized but there are need to keep researching on best means to protect the network from future attacks. In this final project research, security techniques were uncovered to produce best network security results when implemented in an integrated framework.

Keywords: hospital information system, HIS, network security techniques, internet protocol, IP, network

Procedia PDF Downloads 400

Authors: Mohsen Rezaee

Abstract:

Although robust security softwares, including anti-viruses, anti-spywares, anti-spam and firewalls are amalgamated with new technologies such as safe zone, hybrid cloud, sand box and etc., and although it can be said that they have managed to prepare highest level of security against viruses, spywares and other malwares in 2012, in fact, hacker attacks to websites are increasingly becoming more and more complicated. Because of security matters developments it can be said it was expected to happen so. Here in this work we try to point out some functional and vital notes to enhance security on the web, enabling the user to browse safely in unlimited web world and to use virtual space securely.

Keywords: firewalls, security, web services, computer science

Procedia PDF Downloads 370

Authors: Nam-Uk Kim, Sung-Hwan Kim, Tai-Myoung Chung

Abstract:

Typical security management systems are not suitable for detecting APT attack, because they cannot draw the big picture from trivial events of security solutions. Although SIEM solutions have security analysis engine for that, their security analysis mechanisms need to be verified in academic field. Although this paper proposes merely an architectural model for APT detection, we will keep studying on correlation analysis mechanism in the future.

Keywords: advanced persistent threat, anomaly detection, data mining

Procedia PDF Downloads 496

Authors: Luedech Girdwichai, Witthaya Mekhum

Abstract:

This research analyses the factors affecting the success and develops a guideline for self- reliance planning of the entrepreneurs for effective implementation. Samples in this study included 42 awarded winners from the 2nd Sufficiency Economics Philosophy (SEP) National Contest arranged by Office of the Royal Development Projects Board. The results revealed 4 main factors affecting the success as follows: 1) there is a need to encourage unity and cooperation in the enterprise in conducting development plan. 2) The entrepreneur must be a knowledge seeker and lead by example on SEP life. 3) The entrepreneur must be able to apply traditional local wisdom with his present experience and knowledge in defining product identity. 4) The entrepreneur should provide career training for the staffs to develop their competencies. The guideline for self-reliance planning consisted of 4 aspects: 1) Human resource development: the enterprise should develop its staffs especially on integrity, honesty, and public minded. 2) Local community development: there should be a clear target for the local community development. 3) Local community economic development: by encouraging additional incomes through experience sharing. 4) Enterprise development planning: by arranging monthly meeting to conduct the development plan including analysing problems and synthesizing data.

Keywords: potential development, SME entrepreneurs, sufficiency economics philosophy, finance, management

Procedia PDF Downloads 316

Authors: Yuhong Li, Luyu Mao

Abstract:

Globalization has led to an increasingly interconnected international community and transmitted risks to every corner of the world through the chain of globalization. Security risks arising from international conflicts seem inescapable. Some countries have begun to build their capacity to deal with the globalization of security risks. They establish disembedding security mechanisms that transcend spatial or temporal boundaries and promote security cooperation with countries or regions that are not geographically close. This paper proposes four hypotheses of the phenomenon of "risks and security disembedding" in the post-Cold War international society and uses them to explain The United Kingdom’s behavior in the Bosnian War and the Russo-Ukrainian War. In the Bosnian War, confident in its own security and focused on maintaining European stability, The UK has therefore chosen to be cautious in its use of force in international frameworks such as the EU and to maintain a very limited intervention in Bosnia and Herzegovina's affairs. In contrast, the failure of the EU and NATO’s security mechanism in the Russo-Ukrainian war heightened Britain's anxiety, and the volatile international situation led it to show a strong tendency towards security disembedding, choosing to conclude security communities with extra-territorial states. Analysis suggests that security mechanisms are also the starting point of conflict and that countries will rely more on disembedding mechanisms to counteract the global security risks. The current mechanism of security disembedding occurs as a result of the global proliferation of security perceptions as a symbolic token and the recognition of an expert system of security mechanisms formed by states with similar security perceptions.

Keywords: disembedding mechanism, bosnia war, the russian-ukrainian war, british security strategy

Procedia PDF Downloads 54

Authors: Gavin J. Baxter, Mark H. Stansfield

Abstract:

This paper reviews the internal use of blogs and their potential effectiveness as organisational learning tools. Prior to and since the emergence of the concept of ‘Enterprise 2.0’ there still remains a lack of empirical evidence associated with how organisations are applying social media tools and whether they are effective towards supporting organisational learning. Surprisingly, blogs, one of the more traditional social media tools, still remains under-researched in the context of ‘Enterprise 2.0’ and organisational learning. The aim of this paper is to identify the theoretical linkage between blogs and organisational learning in addition to reviewing prior research on organisational blogging with a view towards exploring why this area remains under-researched and identifying what needs to be done to try and move the area forward. Through a review of the literature, one of the principal findings of this paper is that organisational blogs, dependent on their use, do have a mutual compatibility with the interpretivist aspect of organisational learning. This paper further advocates that further empirical work in this subject area is required to substantiate this theoretical assumption.

Keywords: Enterprise 2.0, blogs, organisational learning, social media tools

Procedia PDF Downloads 256

Authors: Redha M. Elhuni

Abstract:

The critical key success factors, which have to be targeted with appropriate change management, are the user acceptance and support of a new Enterprise Resource Planning (ERP) system at the early implementation stages. This becomes even more important in Arab context where national and organisational culture with a different value and belief system, resulting in different management styles, might not complement with Western business culture embedded in the predefined standard business processes of existing ERP packages. This study explains and critically evaluates research into national and organizational culture and the influence of different national cultures on the implementation and reengineering process of ERP packages in an Arab context. Using a case study, realized through a quantitative survey testing five of Martinsons’s and Davison’s propositions in a Libyan sample company, confirmed the expected results from the literature review that culture has an impact on the implementation process and that employee empowerment is an unavoidable consequence of an ERP implementation.

Keywords: enterprise resource planning, ERP systems, organisational culture, Arab context

Procedia PDF Downloads 293

Authors: Yllka Hysaj, Ylberina Hysaj Arifi

Abstract:

Recently, with BREXIT taking place, organizations and employees have been affected in the way of job and employment security. Career-oriented human resources management (HRM) practices are likely to facilitate self-initiated expatriates’ adjustment to the host country. This was related to the career security (job security and employment security), which were missing in their home country and seemed to be important elements to adjust to the host country. The aim of this study is to assess whether the perception of career security by Frances self-initiated expatriates (SIEs) have changed in the wake of the referendum result. Quantitative research method will be used, and the data will be collected through electronic questionnaires. Data will be analyzed through Statistical Package for the Social Sciences (SPSS). The study variables will include an adjustment to the host country, HRM practices, employability, and job security. Predicted results consist that career-oriented HRM practices are positively related to the adjustment to the host country, employability, and job security. However, with Brexit, there might be a negative relationship between career-oriented HRM practices and job security.

Keywords: migration, self-initiated expatriates, Brexit, job security

Procedia PDF Downloads 141

Authors: Michaela Vašková

Abstract:

The paper is focused on the application of the security audit method on the selected objects of the critical infrastructure. The emphasis is put on security audit method to find gaps in the critical infrastructure security. The theoretical part describes objects of the critical infrastructure. The practical part describes using the security audit method. The main emphasis was put on the protection of the critical infrastructure in the Czech Republic.

Keywords: crisis management, critical infrastructure, object of critical infrastructure, security audit, extraordinary event

Procedia PDF Downloads 404

Authors: Omar Moafaq Saleh Aljanabi, Noradiva Hamzah, Ruhanita Maelah

Abstract:

In today’s challenging global economy, which is driven by information and knowledge, risk management is undergoing a great change, as organizations shift from traditional and compartmental risk management to an enterprise-wide approach. Enterprise risk management (ERM), which aims at increasing the sustainability of an organization and achieving competitive advantage, is gaining global attention and fast becoming an essential concern in all industries. Furthermore, in order to be effective, ERM should be managed by managers with high-level skills and knowledge. Despite the importance of the knowledge embedded in, there remains a paucity of evidence concerning how human capital could influence the organization’s ERM. Responses from 116 public listed companies (PLCs) on the main market of Bursa Malaysia were analyzed using Structural Equation Modelling (SEM). This study found that there is a significant association between ERM and organizational performance. The results also indicate that human capital has a positive moderating effect on the relationship between ERM and performance. The study contributes to the ERM literature by providing empirical evidence on the relationship between ERM, human capital, and organizational performance. Findings from this study also provide guidelines for managers, policy makers, and the regulatory bodies, to evaluate the ERM practices in PLCs.

Keywords: enterprise risk management, human capital, organizational performance, Malaysian public listed companies

Procedia PDF Downloads 159

Authors: E. K. Linsenmayer

Abstract:

Traditional international relations theorists define state security, the principal national interest, as a state’s military force. However, many political theorists argue the current definition of security is not comprehensive and therefore, problematic. This paper argues that women’s physical security is not only linked but also necessary to achieve state security. In today’s unipolar political international system, the United States continues to accredit national security to its military. However, in one of the most militarized countries, women remain insecure. Through a case study method of the United States, this paper illuminates a necessary political prescription: the empowerment of women through an inside-out, feminist theoretical approach that makes state security attainable. The research through empirical testing, drawing from several databases, shows the positive effects of women’s physical security on state security. Women’s physical security is defined in terms of equal legal practices, health, education, and female representation in the government. State security is measured by the relative peace of a state, its involvement in conflict and a state’s relations with neighboring states. This paper shows that empowering women, 50% of the world’s population, is necessary for ending the current vicious circle of militarization, war, and insecurity. Without undoing gender power dynamics at the individual and societal level, security at all levels remains unattainable.

Keywords: gender inequality, politics, state security, women's security

Procedia PDF Downloads 180

Authors: Anna Fowler

Abstract:

When considering assets that may need protection, the mind begins to contemplate homes, cars, and investment funds. In most cases, the protection of those assets can be covered through security systems and insurance. Data is not the first thought that comes to mind that would need protection, even though data is at the core of most supply chain operations. It includes trade secrets, management of personal identifiable information (PII), and consumer data that can be used to enhance the overall experience. Data is considered a critical element of success for supply chains and should be one of the most critical areas to protect. In the supply chain industry, there are two major misconceptions about protecting data: (i) We do not manage or store confidential/personally identifiable information (PII). (ii) Reliance on Third-Party vendor security. These misconceptions can significantly derail organizational efforts to adequately protect data across environments. These statistics can be exciting yet overwhelming at the same time. The first misconception, “We do not manage or store confidential/personally identifiable information (PII)” is dangerous as it implies the organization does not have proper data literacy. Enterprise employees will zero in on the aspect of PII while neglecting trade secret theft and the complete breakdown of information sharing. To circumvent the first bullet point, the second bullet point forges an ideology that “Reliance on Third-Party vendor security” will absolve the company from security risk. Instead, third-party risk has grown over the last two years and is one of the major causes of data security breaches. It is important to understand that a holistic approach should be considered when protecting data which should not involve purchasing a Data Loss Prevention (DLP) tool. A tool is not a solution. To protect supply chain data, start by providing data literacy training to all employees and negotiating the security component of contracts with vendors to highlight data literacy training for individuals/teams that may access company data. It is also important to understand the origin of the data and its movement to include risk identification. Ensure processes effectively incorporate data security principles. Evaluate and select DLP solutions to address specific concerns/use cases in conjunction with data visibility. These approaches are part of a broader solutions framework called Data Security Assurance (DSA). The DSA Framework looks at all of the processes across the supply chain, including their corresponding architecture and workflows, employee data literacy, governance and controls, integration between third and fourth-party vendors, DLP as a solution concept, and policies related to data residency. Within cloud environments, this framework is crucial for the supply chain industry to avoid regulatory implications and third/fourth party risk.

Keywords: security by design, data security architecture, cybersecurity framework, data security assurance

Procedia PDF Downloads 61

Authors: Gunjan Saxena

Abstract:

This paper presents case insights from India and Mexico to illustrate how tourism can work as a tool for bringing about peace and prosperity in disadvantaged communities living in peripheral rural localities. A reordering of rural space, given the slow but definite shift from production-oriented activities towards more complex and contested blends of production, consumption and protection indicates clearly that rurality is in flux. Whilst on one hand, there is a predominance of urban interests in the countryside, on the other rurality is boxed and presented for consumption in urban localities. Qualitative data, collected using semi-structured interviews and participant observation, is used in illustrating how creative enterprise is bringing about innovative use of rural ethos and space in response to consumer demands. Overall, this work seeks to contribute to debates on how rurality no longer represents a fixed space of tradition, but is packaged and promoted in a multi-faceted manner to creatively perform for and access tourism markets.

Keywords: rural tourism, creative enterprise, India, Mexico

Procedia PDF Downloads 285

Authors: Kitty Kioskli, Nineta Polemi

Abstract:

Evaluating the levels of cyber-security risks within an enterprise is most important in protecting its information system, services and all its digital assets against security incidents (e.g. accidents, malicious acts, massive cyber-attacks). The existing risk assessment methodologies (e.g. eBIOS, OCTAVE, CRAMM, NIST-800) adopt a technical approach considering as attack factors only the capability, intention and target of the attacker, and not paying attention to the attacker’s psychological profile and personality traits. In this paper, a socio-technical approach is proposed in cyber risk assessment, in order to achieve more realistic risk estimates by considering the personality traits of the attackers. In particular, based upon principles from investigative psychology and behavioural science, a multi-dimensional, extended, quantifiable model for an attacker’s profile is developed, which becomes an additional factor in the cyber risk level calculation.

Keywords: attacker, behavioural models, cyber risk assessment, cybersecurity, human factors, investigative psychology, ISO27001, ISO27005

Procedia PDF Downloads 129