Figure 1 - available via license: CC BY
Content may be subject to copyright.
Source publication
The new age “digital age” is bringing rapid change in the form of connections, integration, supply chain management, models and much more. As a result, security is a big business, securing critical data, operations, the customer profile is beyond the four wall of physical security. It is therefore essential to re-look on the definition of security...
Context in source publication
Context 1
... cryptic attack exposes the vulnerabilities and stark realities of how a worm could cause enormous damage in very little time. Reports indicate that WannaCry caused extensive damage including critical infrastructures like hospitals, railway systems, and telecommunication networks spread across 100 countries globally (Figure 1). Kaspersky reported that Russia was the worst hit with approximately 60% of infected systems and many other nations like Ukraine, Taiwan, India, China, Romania, Spain, Egypt, Brazil, Spain, Italy. ...
Similar publications
This study delves into the intricate intersection of human behavior, cognition, and technology within the cybersecurity domain, aiming to enhance our understanding of the human-centric challenges influencing the effectiveness of cybersecurity measures. The primary objective is to unravel the nuanced landscape where human errors persist as a signifi...
Artificial Intelligence (AI) is becoming a key technology for space applications. Recently, AI has come into extensive use in spacecraft operations, for example to support highly efficient operations of satellite constellations. This ranges in applications from relative positioning, Earth Observation, autonomous navigation, and end-of-life manageme...
![Figure 1: Illustrates Digital Economy Fact of Indonesia [18]](profile/Miftahul-Ulum/publication/326155837/figure/fig1/AS:644288320917512@1530621714559/Illustrates-Digital-Economy-Fact-of-Indonesia-18_Q320.jpg)
In 2013, Indonesia topped China and was acknowledged as the country with the highest rate of cyber attack traffic, in which with its 1,6 percent share of world Internet users, Indonesia contribute 38 percent of the total cyber attack in the world. Furthermore, as one of large emerging economic countries, Indonesia will definitely more rely on the u...
We present an approach to decision support in cybersecurity with respect to cyber threats and stakeholders' requirements. We approach situations in which cybersecurity experts need to take actions to mitigate the risks, such as temporarily putting an IT system out of operation, but need to consult them with other stakeholders. We propose a decision...
Cyber resilience is an active research area offering a novel approach to Cyber Security. The term appeared due to the concerning number of cyber-attacks on critical infrastructure. The National Institute of Standards and Technology (NIST) developed a framework to assist organisations with techniques and approaches to improving cyber resilience. How...
Citations
... The cost of the absence of cyber security is also related to the protection of economic values and gains. Theoretically, in all cyber attacks, the party organizing the attack wants to gain economic, political or strategic advantage [37,38] . All these values are identified with the economy in today's global societies. ...
This research aimed to analyze the effects of international law differences on cyber security and artificial intelligence applications. Content analysis and descriptive scanning models were used in the research. A PESTEL analysis was conducted to evaluate the political, economic, social, technological, environmental and legal effects of international law differences on cyber security and artificial intelligence applications. According to the results obtained, differences in international law have negative political and economic effects both on the establishment and implementation of cyber security and on the maintenance of artificial intelligence applications in daily life. On the other hand, in social, technological, environmental and legal terms, international legal differences have positive effects on the continuity of cyber security and artificial intelligence applications and have a developing and driving force. It can be stated that there is an increasing need for studies, field practices and collaborations, especially in the field of international law, and that it is necessary to support the studies to be carried out in this field.
... Respectively, companies encounter international challenges of enhancing cybersecurity in fear that exposure could result in financial damages. As a result, limited companies publish their records on possible breaches (Venkatachary et al., 2017). Further investigation should involve data including fear of exposure presented by companies that withhold data breach information in concern of financial losses (Venkatachary et al., 2017). ...
... As a result, limited companies publish their records on possible breaches (Venkatachary et al., 2017). Further investigation should involve data including fear of exposure presented by companies that withhold data breach information in concern of financial losses (Venkatachary et al., 2017). Research should examine if cybersecurity and data privacy regulations improve this phenomenon and if they truly prohibit organisations from withholding data breach incidents. ...
... The study not only analyzes economics but also proposes a mechanism and highlights the importance of global security coordination to decrease the likelihood of attacks. (Venkatachary, 2017). ...
A transforming economy undergoes several transformations including digitalization. The 21st-century economy must be driven on the wheels of digital technologies that cannot be wished away. This requires protecting vital information in the digital space with an increasing number of actual cyber-attacks and cyber frauds. The economy remains the base of any society and determines its level of development, any form of compromise in this institution spells doom for its various organizations or arms. There is a need to protect vital information which is key to development in any sector. Therefore, the paper interrogates the importance of securing cyberspace, especially in developing economies. Some prevalent cybersecurity threats include; malware that attacks information systems, information theft, and fraud in cyberspace. It becomes imperative that companies, organizations, individuals, and governments envisage security threats to their vital information and that of their clients and customers; and be proactive in adopting security measures and policies that will ensure the integrity of their information systems and reduce the cost of systems’ compromise.
... Cyber security has become a matter of global interest and importance due to the role it plays in everyday life, both at a personal and non-personal level, see, for example, papers by Lallie et al. (2021); Ghelani (2022); Venkatachary et al. (2017); and Taherdoost (2022). In particular, the frequency of cyber attacks is continuously rising, as evidenced by several papers in the literature. ...
Cyber security importance has escalated globally, driven by its pivotal role in shaping daily life, encompassing both personal and non-personal aspects. Cyber security breach probability functions play a crucial role in comprehending how cyber security investments affect vulnerability to cyber attacks. These functions employ mathematical models to guide decision making in cyber risk management. Thus, studying and improving them is useful in this context. In particular, using these models, this article explores the effectiveness of an integrated risk management strategy that merges insurance and security investments, aiming to minimize overall security expenses. Within this strategy, security investments contribute to reducing the insurance premium. This research investigates the optimal investment for this blended approach under total insurance coverage. When the integrated risk management strategy combining insurance and security investments is deemed the optimal choice, this paper reveals that the insurance premium tends to be the dominant component in the overall security expense in the majority of cases. This implies that the cost of insurance outweighs the cost of security investments.
... Therefore, it is crucial to prioritize and implement effective cyber-attack mitigation strategies while also considering their potential economic and psychological impacts. [5]. ...
The emergence of the communication infrastructure in power systems has increased the variety and sophistication of network assaults. Intrusion Detection Systems’ (IDS) importance has increased in relation to network security. IDS, however, is no longer secure when confronted with adversarial examples, and attackers can boost assault success rates by tricking the IDS. As a result, resilience must be increased. This paper assesses the Decision Tree, Logistic regression, Support Vector Machines (SVM), Naïve Bayes, K-Nearest Neighbours (KNN), and Ensemble’s effectiveness. Using the WUSTL-IIoT-2021 dataset and WUSTL-IIoT-2018 dataset, we train the algorithms on the unmanipulated dataset and then train the algorithms on the manipulated dataset. Per the simulation results, the accuracy and prediction speed drop on the manipulated dataset while the training time rises.
... However, during the last decade CPSs (e.g., the electric power system) have been increasingly targeted by cyber attacks [2,3]. A successful cyber attack on power system infrastructure can lead to severe service disruptions, economic losses and physical infrastructure damage [3]. ...
... However, during the last decade CPSs (e.g., the electric power system) have been increasingly targeted by cyber attacks [2,3]. A successful cyber attack on power system infrastructure can lead to severe service disruptions, economic losses and physical infrastructure damage [3]. The general vulnerability of the power system infrastructure and the severity of the impact of cyber attacks are shown, for example, by the successful cyber attacks on Ukrainian distribution system operators starting in late 2015. ...
Successful cyber attacks on power systems cause severe disruptions. One possible manipulation strategy is the utilization of distributed energy resources (DERs) to disturb power system operation. In addition to the impact on bulk power system frequency, local cascading effects caused by DER control and protection can increase the severity of this strategy. To investigate these effects, manipulation scenarios including the disconnection as well as the manipulation of active (P) and reactive power (Q) setpoints of DERs are derived. The impact is analyzed using time-domain simulations and quantified using assessment criteria such as voltage band violation and plant protection triggering. Though DER disconnection leads to high amounts of lost P injection the manipulation of Q setpoints offers potential to disconnect additional DERs through local cascading effects. To mitigate the impact of the manipulation scenarios automated tap changer operation as well as a limitation of remotely accessible Q is suitable.
... Integrated network infrastructure offers a more comprehensive platform for critical data storage and computation. Since sensitive information is being processed, network interaction must be protected with suitable cybersecurity [1,7]. Various security measures have been implemented to safeguard web-based networking against cyberattacks, including virus protection, user security mechanisms, firewalls, and authorization approaches. ...
... On utilizing such a technique, risk in the workplace is systematically assessed and managed. We have previously stated that cyber security is a crucial problem that instantaneously impacts mechanisms and dynamic assessments [7][8][9][10]. Experts can make quick judgments depending on network assessment in a stable cyber environment. ...
Massive reliance on practical systems has resulted in several security concerns. The ability to identify anomalies is a critical safety feature enabled by anomaly diagnostic techniques. The construction of a data system faces a significant issue in cyber security. Because of the exploitation of valuable data, cybersecurity impacts the privacy of such data. Attack incidents must be examined using an appropriate analytics approach in elevating the safety level. Design of advanced analytical, conceptual model creation gives practical guidance and prioritizes threats/attacks across the network system. There is now substantial effectiveness in attack categorization, and evaluation through Convolution Neural Network (CNN) based classifiers. In light of the drawbacks of previous approaches, this research proposes an approach relying on the Deep Learning (DL) strategies for cyberattacks detection and categorization in the context of cyberspace incidents. Likewise, this article presents an XGBoost Regression Classifier (XRC) using Inception V4 to address those restrictions. XGBoost refers to Extreme Gradient Boosting, a decentralized gradient-boosted decision tree (GBDT) supervised learning framework that is robust and can be used in a decentralized context. XGBoost is a well-known machine learning technique because of its ability to produce outstanding accuracy. The concepts of both XGBoost and Regression classifiers are integrated and represented as a suggested hybridized classifier, which is implemented in Inception V4 to further train and test the model. The proposed XRC categorizes and forecasts several common types of network cyberattacks that includes Distributed Denial of Service (DDoS), Phishing, Cross-site Scripting (CS), Internet of Things (IoT). The sigmoidal function is used as a supportive activator to the hybridized classifier to lower the erroneous ratio and increase the effectiveness. Research shows that training and testing errors were substantially decreased when using XRC. In 9 out of 13 instances, over 97% of threats are detected by the XRC, and over 75% of threats are detected in its most challenging datasets.
... In the case of a static environment, the admin able to take decisions with network assessment for the decision-making process in CPS. Even this provides accurate, and evaluation of problems associated with cybersecurity those requires for static factors to maintain system [6], [7]. In the case of a sophisticated attack environment, IoT cyber system demands an effective mechanism to evaluate the management of risk. ...
Cyber-Security in the Internet of Things (IoT) is a major concern for information exploitation which hinder the growth of information system. To address security levels and issues, security risk assessment is considered an effective tool for system security, products, process, and readiness. Effective system vulnerabilities guidance is involved in the prioritization of security risk assessment. At present, the differential equation provides a significant tool for risk assessment. However, for second-order derivatives, the error rate is higher which impacts on overall risk assessment model. To overcome those limitations, this paper presented Decision Support Light Weight Risk Assessment Model (DSLiRAM). The proposed DSLiRAM is the domain-specific framework for security assessment. The proposed DSLiRAM is adopted in four stages for the specification of practices applied for cybersecurity and organizational characteristics. The proposed DSLiRAM includes a fuzzy differential equation with a second-order derivative. To minimize error rate Taylor series expansion is integrated with Fredholm for risk assessment. The proposed DSLiRAM is examined in three scenarios, RT server, BPCS, and HMI. Analysis of results stated that the proposed DSLiRAM significantly predicts risk and prevents the attack.
... O&G establishments are composed of a complex infrastructure, and many more industries depend on this sector. It serves as the backbone of any society, and there are many essential services dependent on this sector (transportation, aviation, defense, etc.); therefore, the unavailability of these services may cause more ripple effects to the whole economic landscape of the country [37]. Due to the increasing need for data management and system integration, computers and ISs have become necessities for critical infrastructures (CIs). ...
... O&G organizations need to pay more attention to controlling human-security breaches to achieve effective system information security [37]. It has been noted that O&G organizations suffer from heavy security breaches not due to technological errors but due to an inefficient security culture, a lack of security awareness, and poor security management practices within the organization [40]. ...
... O&G companies are high revenue and less protected organizations. Most of the employees are not well addressed and are motivated towards protecting their companies' [37]. Research shows the existence of security policy, and its awareness, plays a vital role in organizations. ...
Information security attacks on oil and gas (O&G) organizations have increased since the last decade. From 2015 to 2019, almost 70 percent of O&G organizations faced at least one significant security breach worldwide. Research has shown that 43 percent of security attacks on O&G organizations occur due to the non-compliant behavior of O&G employees towards information security policy. The existing literature provides multiple solutions for technical security controls of O&G organizations. However, there are very few studies available that address behavioral security controls, specifically for O&G organizations of developing countries. The purpose of this study is to provide a comprehensive framework for information security policy compliance (ISPC) for the O&G sector. A mixed-method approach is used to develop the research framework. Semi-structured interviews from O&G specialists refined the developed framework. Based on qualitative study a survey questionnaire was developed. To evaluate the research framework, structural equation modeling was applied to a sample of 254 managers/executives from 150 Malaysian O&G organizations. The obtained test results confirmed the proposed research model, according to which good social bonding among employees plays a critical role in improving ISPC. However, there was less support for the notion that all organizational governance factors significantly improve the social bonding of Malaysian O&G organizations employees. This paper contributes to the current information system (IS) literature by exploring the interrelationships among organizational governance, social bonding, and information security policy compliance (ISPC) in Malaysian O&G organizations.
... O&G establishments are composed of a complex infrastructure, and many more industries depend on this sector. It serves as the backbone of any society, and there are many essential services dependent on this sector (transportation, aviation, defense, etc.); therefore, the unavailability of these services may cause more ripple effects to the whole economic landscape of the country [37]. Due to the increasing need for data management and system integration, computers and ISs have become necessities for critical infrastructures (CIs). ...
... O&G organizations need to pay more attention to controlling human-security breaches to achieve effective system information security [37]. It has been noted that O&G organizations suffer from heavy security breaches not due to technological errors but due to an inefficient security culture, a lack of security awareness, and poor security management practices within the organization [40]. ...
... O&G companies are high revenue and less protected organizations. Most of the employees are not well addressed and are motivated towards protecting their companies' [37]. Research shows the existence of security policy, and its awareness, plays a vital role in organizations. ...
Information security attacks on oil and gas (O&G) organizations have increased since the last decade. From 2015 to 2019, almost 70 percent of O&G organizations faced at least one significant security breach worldwide. Research has shown that 43 percent of security attacks on O&G organizations occur due to the non-compliant behavior of O&G employees towards information security policy. The existing literature provides multiple solutions for technical security controls of O&G organizations. However, there are very few studies available that address behavioral security controls, specifically for O&G organizations of developing countries. The purpose of this study is to provide a comprehensive framework for information security policy compliance (ISPC) for the O&G sector. A mixed-method approach is used to develop the research framework. Semi-structured interviews from O&G specialists refined the developed framework. Based on qualitative study a survey questionnaire was developed. To evaluate the research framework, structural equation modeling was applied to a sample of 254 managers/executives from 150 Malaysian O&G organizations. The obtained test results confirmed the proposed research model, according to which good social bonding among employees plays a critical role in improving ISPC. However, there was less support for the notion that all organizational governance factors significantly improve the social bonding of Malaysian O&G organizations employees. This paper contributes to the current information system (IS) literature by exploring the interrelationships among organizational governance, social bonding, and information security policy compliance (ISPC) in Malaysian O&G organizations.
