Globally, the Internet is one of the fast-growing technology platforms marked with continuous and rapid innovations. The information and communication technology (ICT) infrastructure has significantly contributed to digitalization. The rising demand for the Internet and connectivity has inspired computer technology integration into devices that previously functioned without it, such as automobiles or apartments. Even though new technologies have focused on addressing consumer needs, challenges have been encountered, including cyberattacks (Alashi & Badi, 2020). Many people have gained access to computer systems, the Internet, and related products and services, leading to the emergence of cyber-related threats. In such regards, identity theft and capturing sensitive data via the Internet and fraudulent activities have increased. However, the use of the Internet stretches beyond information infrastructure to other network-based services. The ICT applications are perceived as structures for development because they allow for efficient service delivery. With the right approach, setting, and implementation, ICT can enhance quality and productivity in public and private domains in the United States.
Discussion
ICT has been integrated into daily life activities that have enabled the development of the information society. Through the information society, various opportunities are available for Internet users. For instance, increased open institutions and democracy are enhanced due to unrestricted access to information (Smith, 2017). The growth of the information age has demonstrated a vulnerability in some ICT applications, promoting computer-related crimes. Damages resulting from cybercrime are enormous: malicious software could be accrued $17 billion in the past decade. Recently, revenues from cybercrimes were over $100 billion, which surpassed the illegal drug trade (Atli, 2017). Such considerations indicate the potential threat posed by cyber-attacks in the future. About 60% of businesspersons in the United States are convinced that cybercrimes are costlier than physical crimes. Some malicious software like Stuxnet identified in 2010 was a threat to critical infrastructure (Alashi & Badi, 2020). Stuxnet had over 4000 functions targeting software of computer systems used in controlling sensitive information. Therefore, there is a need to enhance cybersecurity measures to combat cybercrimes and protect ICT infrastructures.
The UN General Assembly highlighted cybercrime as a significant challenge while addressing resolutions on cybersecurity. Cybersecurity improvements are vital to the continuous developments in information technology (IT), national security, and the economy (Smith, 2017). In such regard, the Internet and its user’s safety are core to establishing new services and government policies. However, preventing cybercrime is vital to national security and safeguarding the critical information infrastructure. Adopting a legislative framework against the use of ICT for fraudulent activities undermines the integrity of critical infrastructures (Jang-Jaccard & Nepal, 2014). Nationally, coordination among the government agencies, private firms, and the public is required to prevent, prepare, and respond to cyberattacks. The relevant partners should also cooperate and coordinate on a global scale to mitigate cyber threats (The Heritage Foundation, 2019). For such reasons, formulating and implementing cybersecurity measures necessitate a comprehensive approach. For instance, educating Internet users or developing technical protection systems minimizes the risk of cybercrime.
A coherent global strategy is required for addressing the problems posed by cybercrimes since the legal, institutional, and technical challenges are far-reaching. For instance, the World Summit for the Information Society (WSIS) supported the concept of international cooperation after appreciating the significant risks posed by inadequate cybersecurity and the intensification of cybercrimes. Provisions in the WSIS have established a plan for multi-stakeholder implementation to boost confidence and security in the ICT services and products’ consumption. Such an objective was supported by the Global Security Agenda (GCA) to increase cybersecurity issues (Jang-Jaccard & Nepal, 2014). For example, legal measures should be implemented to report the legislative challenges of crimes over the ICT networks. The law enforcement of the United States should also participate in investigating and prosecuting cybercrimes.
The GCA’s technical and procedural measures emphasize the procedures used in promoting security and risk management in cyberspace. GCA’s organizational structures pursue to prevent, detect, counteract, and manage cyberattacks. Moreover, capacity building has been aimed at increasing awareness, transferring skills, and boosting cybersecurity nationwide. Finally, GCA’s international cooperation indicated the need for a universal approach to addressing cyber threats (Jang-Jaccard & Nepal, 2014). Therefore, adequate legislation can be developed within the GCA approach to enhance cybersecurity.
Conclusion
Overall, the development of the Internet primarily focused on the free flow of information and openness of society instead of security. Such consideration explains the increasing challenge of realizing cybersecurity amid the proliferation of cybercrimes. The information society has been characterized by an unprecedented level of information exchange via the Internet, leading to significant gains in individual liberty, prosperity, and empowerment. Protecting Internet users from malicious activities within cyberspace with no compromise on its openness remains a challenge. Such a concern calls for international cooperation to address cybersecurity issues. A global perspective on cybersecurity is the only viable option since perpetrators and victims of cyberattacks can be anywhere. Through international frameworks, legal, organizational, technical, and capacity-building measures can be implemented to improve cybersecurity and combat cybercrimes.
References
Alashi, S. A., & H. Badi, D. (2020). The role of governance in achieving sustainable cybersecurity for business corporations. Journal of Information Security and Cybercrimes Research, 3(1), 97-112. Web.
Atli, D. (2017). Cybercrimes via virtual currencies in international business. Cybersecurity Breaches and Issues Surrounding Online Threat Protection, 121-143. Web.
Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences, 80(5), 97-93. Web.
Smith, A. (2017). Americans and cybersecurity. Pew Research Center: Internet, Science & Tech. Web.
The Heritage Foundation. (2019). The growing threat of cyberattacks. The Heritage Foundation. Web.
Recent research in the area of cybersecurity shows that North Carolina is more and more often affected by more sophisticated attacks that cause damage to numerous areas of human life, from business to education. Some of the recent cases include an attack on a school in the state covered by Gordon and the launch of a cybercrime hotline noted by Coble. Nevertheless, the involvement of the human factor in the discussion of cybercrimes also leaves room for an argument that artificial intelligence could be of help when predicting and preventing cybercrimes (Smith). This emerging topic has to be covered because it could be the key to explaining why North Carolina and other states could switch to the implementation of artificial intelligence instruments instead of capitalizing on human resources. The complexity of fraudulent attacks requires the local cybersecurity agencies to come up with more instruments that might showcase the strength of AI-based solutions and validate the idea described above.
Pro Arguments
The first argument intended to strengthen North Carolina’s approach to protecting people from cybersecurity threats is that artificial intelligence adds to the scalability of the systems where it is employed. The speed of functioning also increases drastically, which might help the machine-based agents follow certain transactions and highlight suspicious operations way before those might be discovered by their human counterparts (Alashi and Badi 104). The increasing pace of online processes has to be maintained by machines since they are never subject to bias or human errors. North Carolina’s administration could also implement a machine learning system in order to have its cybersecurity systems handle even more transactions at once. This kind of instant processing will never be achieved with the help of a call center or the work of a team of cybersecurity specialists who do not use groundbreaking tools. Computerized analytics can be rightfully considered to be the future of fraud prevention.
Accordingly, the second benefit that has to be pointed out when discussing the strengths of artificial intelligence is the possibility of reducing manual labor. Therefore, the increasing number of attacks during the pandemic could be handled with the help of machine learning and have the numerous human workers assigned to less crucial tasks that actually require human judgment (Jang-Jaccard and Nepal 984). In a sense, a single piece of software could substitute hundreds of employees without forcing the institution to lose any of its productive strength. High-level projects would be then completed by humans, and tons of low-level missions would be accomplished with the help of AI-based instruments, creating more room for research and development (Hill 10). The number of menial tasks is not going to diminish, so the state administration should make a rational decision regarding the utilization of artificial intelligence and machine learning and employ these to support existing tools are reduce the pressure put on human employees during the Covid-19 pandemic.
The unmatched benefit of instruments based on artificial intelligence is that all of them are free of biased analysis that is typical of conventional employees. The majority of novel approaches that feature human workers are going to be affected by numerous limitations in the future due to the inherent partiality that cannot be eradicated (Soni 3). Previous experiences work differently with AI-based instruments since there is no subconscious to affect the computerized analysis of online transactions and suspicious operations. The administration could experiment with artificial intelligence and its derivatives in order to see how human workers compare to their digital counterparts. Human judgment will be forever flawed, but computers make no assumptions (Thesmar et al. 747). This should be the key to an accurate analysis assigned to a machine and not a team worker, even if the given human is rather capable and beyond knowledgeable.
Counter-Arguments
The first counter-argument that has to be considered is the high cost of implementation that is going to be affecting groundbreaking solutions at all times. If the State of North Carolina expects to benefit in full from the adoption of artificial intelligence, it will have to hire a complete team of data scientists. The latter would be responsible for developing an in-house system and setting up a production cycle allowing constant updates and revisions (Smith). The increasing amounts of data required to help the machine predict fraud also hint at the additional investments related to storage solutions. The popularity of the cloud and its comparatively safe architecture make it safe to say that the whole network space should be translated into the cloud as well, allowing the administration to step away from legacy systems.
Eventually, the administration of North Carolina would also have to consider the importance of finding a team of individuals who would possess an exceptional level of technical expertise. It would be required to build a complex, data-driven machine learning instrument that will have no significant flaws or gaps that might cause it to malfunction (Ryman-Tubb et al. 144). Under the condition where the implementation procedure itself might cost plenty of money, the development of the model would become even more expensive rather quickly. So as not to get exposed to any of the issues mentioned above, the administration would have to find experts who are closely linked to the notion of machine learning (Hill 10). These individuals should know exactly how to build a flawless iteration of a machine that can predict and prevent fraudulent network activities.
The ultimate counter-argument intended to prevent North Carolina’s administration from deploying an AI-based system to prevent numerous cyberattacks is the inability to collect effective data sets quickly. In other words, machine learning models are currently set up in a way that averts them from functioning if they do not have enough information on a certain threat (Soni 4). It is going to take the team an indeterminate period to cope with the challenges related to data collection and processing, with most end-users remaining without protection throughout that time. There are no easy ways to escape this challenge because of the growing number of transactions that are finalized daily. According to Zhu et al., without relevant information on all the transactions, the team will have no chance to prevent serious cyberattacks even with the help of artificial intelligence (74). The stage of proper machine training cannot be ignored as well, because the lack of experience would increase the number of false positives
Conclusion
Artificial intelligence can be deemed as one of the most important pillars of modern fraud detection. Therefore, human involvement in cybersecurity has to be reduced by a notch in order to help machines spot and destroy such threats without the involvement of any biased reviews or human-factor errors. In the age of the pandemic, the numerous administrations across the State of North Carolina should be willing to escape the principle of capitalizing on classic instruments and focus on the process of innovation. The number of false positives could be significantly reduced with the help of artificial intelligence, which makes it one of the most important digital trends that have to be adopted to slow down the progression of online fraud. Machine-based algorithms are going to be much more reliable than their human counterparts, affecting the overall quality of proposed solutions and reducing North Carolina’s exposure to such critical threats.
Works Cited
Alashi, Shahad, and Dhuha Badi. “The Role of Governance in Achieving Sustainable Cybersecurity for Business Corporations”. Journal of Information Security and Cybercrimes Research, vol 3, no. 1, 2020, pp. 97-112.
Gordon, Brian. “Rise of Ransomware Attacks on NC Schools Hinder Virtual Learning”. Asheville Citizen Times, 2020, Web.
Hill, Charlotte. “Biometrics Becoming Must-Have for Fraud Prevention.” Biometric Technology Today, vol. 2018, no. 1, 2018, pp. 9-11.
Jang-Jaccard, Julian, and Surya Nepal. “A Survey of Emerging Threats in Cybersecurity.” Journal of Computer and System Sciences, vol. 80, no. 5, 2014, pp. 973-993.
Ryman-Tubb, Nick F. et al. “How Artificial Intelligence and Machine Learning Research Impacts Payment Card Fraud Detection: A Survey and Industry Benchmark.” Engineering Applications of Artificial Intelligence, vol 76, 2018, pp. 130-157.
Smith, Aaron. “Americans and Cybersecurity”. Pew Research Center, 2017, Web.
Soni, Vishal Dineshkumar. “Role of Artificial Intelligence in Combating Cyber Threats in Banking.” International Engineering Journal for Research & Development, vol. 4, no. 1, 2019, pp. 1-7.
Thesmar, David, et al. “Combining the Power of Artificial Intelligence with the Richness of Healthcare Claims Data: Opportunities and Challenges.” PharmacoEconomics, vol. 37, no. 6, 2019, pp. 745-752.
Zhu, Xingquan, et al. Fraud Prevention in Online Digital Advertising. Springer International Publishing, 2017.
In the United States, various Departments have been established to provide essential services to the public. One such department is the Department of Homeland Security (DHS), which addresses terrorism, cybersecurity, security, pandemics, and national preparedness. Upon reviewing the DHS Mission Website, it becomes clear that the most critical mission of the department is cybersecurity. This mission is vital in safeguarding the country from malicious attacks by cybercriminals. For instance, databases, financial institution details, or personal data must be protected from individuals seeking to expose such data. This threatens the nation’s security and operations and undermines the trust of consumers who rely on the details. Cyber-attacks can cause significant damage by disrupting service delivery and posing a threat to national security. Therefore, the government must invest more resources to secure information from cybercriminals.
Cybersecurity is evolving rapidly, and DHS’s cybersecurity mission is equipped with models adapting to the ever-changing security and information dynamics. Cyber security plays a critical role across all other missions since any data is a threat to attack (Charlet, 2018). It is important to take immediate action and ensure that critical infrastructure such as water supply, transportation systems, and power grid systems are controlled by computer systems (Homeland Security, 2022). These systems are vulnerable to cyber-attacks that cause severe disruption throughout the states in the US. Additionally, most Americans use the internet to access essential services like online education, telecommunication, and home working (Plan, 2022). Hence, an attack on these platforms can impact the ability of organizations and individuals to access critical services. Therefore, the DHS’s cybersecurity mission is becoming sophisticated, making it crucial to have strong cyber security to encounter cybercrimes to protect Americans.
In conclusion, the task of safeguarding the country’s security, critical infrastructure, and classified data from cyber-assaults through the cyber security mission of the DHS is of paramount significance to all citizens of the United States. The integration of cybersecurity ensures that Americans are protected from losing important information and trust in governmental services. Due to changing dynamics in security and data, cybersecurity is evolving rapidly. The DHS cybersecurity mission is designed with models that adapt to changing dynamics and landscapes.
It seems reasonable to state that by using cyber-attack simulator systems and research, a number of crucial benefits may be attained. First, the development of efficient research practices, as well as training scenarios, may address problems within the scope of human cyber-security, advance the related skills, and contribute to the significant decision-making process. Second, the exploration of human factors in the framework of cyber-security can assist in resolving the issues of understanding a defender’s cognitive state, possibilities for automation, and an attacker’s subjective traits. Third, dynamic malingering that would involve attackers, defenders, and user models could enrich data sets regarding cyber epidemiology and cyber protection (Leblanc et al., 2011). The described benefits might be considered a great advantage in dealing with challenges caused by cyber-attacks. Such a state of affairs allows analyzing these benefits in terms of how they could assist in defining the needs for security within an organization.
Here, it may be claimed that the mentioned cognitive models can give precise projections of behaviors if they are designed and applied appropriately. A model’s peculiarities, processes, and biases will vary depending on the aspects of age, education levels, and network intents. Internal surveys can be conducted in order to figure out essential details about users and defenders, as well as geographical data accompanied by information regarding potential cyber-attacks origins. This would allow an organization to determine the areas of security enhancement effectively. The utilization of advanced computational processes in the framework of cyber-security can serve as an important foundation for precise simulations. The latter, in turn, contributes to a company’s enrichment in terms of experience and theoretical background, which leads to a proper realization of how to address a specific issue. The conjunction of theory and practice in this vein is critical and should be achieved at all levels.
Trend Micro reported that in 2020, the company’s products identified 119,000 cyber threats every minute. The attacks primarily targeted home-based employees and network infrastructure. This and other facts are published by Trend Micro in A constant state of flux: Trend Micro 2020 annual cybersecurity report (Trend Micro, 2021). Among other things, the report reveals that home networking has become one of the most popular targets for cybercriminals in 2020. With their help, attackers tried to gain access to corporate network resources or use home IoT devices for their botnets.
In early June 2021, a cyberattack on the world’s largest meat producer JBS SA caused the shutdown of all US beef factories, which supply nearly a quarter of the US supplies. All of the company’s meat processing plants and regional beef plants were forced to close, and the rest of JBS’s meat processing facilities were malfunctioning (Polansek & Mason, 2021). Then, according to Sharwood (2021), in May 2021, the American auto parts manufacturer Toyota Auto Body, part of the Toyota Motor Group, announced a cyberattack on the company. As a result of the hack, classified information was stolen.
In mid-February 2021, North Korean hackers tried to hack into the computer systems of the pharmaceutical company Pfizer in search of information on a vaccine and technology for treating coronavirus infection (French Press Agency, 2021). Here, it may be noted that both the public and private sectors are affected by cyber-attacks significantly. However, given the fact that the private one seems to be impacted more constantly (CDNetworks, 2021) – and taking into account the examples above – it may have greater insights if compared with the public sector.
There is a number of practices that should be implemented during the development of a company’s cybersecurity. The most critical ones are the utilization of a firewall, documentation of security policies, cybersecurity plans for mobile devices, and educating all employees (Segal, n.d.). It should be claimed that in order to sustain these practices, IT personnel should arrange their roles and functions appropriately. These roles and functions – such as daily updates of cybersecurity software or increasing IT awareness among other employees – may be perceived as a foundation for averting and dealing with cyberattacks within an enterprise.
Then, planning a cybersecurity strategy is another crucial aspect within the scope given. Without a coherent plan, there might be breaches within cybersecurity in the future, and hackers may identify and use them. Among key deliverables that would ensure the effective implementation and transition of this plan seem to be the following. First, it is the adherence to the best practices of cybersecurity. Second, it is a significant extent of awareness among all employees in this regard. Third, it is a sustainable daily routine of cybersecurity enhancement.
Without outside help, government agencies are unable to improve the state of affairs in the field of national cybersecurity. For cybersecurity measures and projects to be successful, strong partnerships must be built between public and private actors. The National Institute of Standards and Technology of the US has developed the System for Strengthening Cybersecurity of Critical Infrastructure through a collective effort through public-private partnerships. As noted in more detail in Section 2.4, the institute has ensured that all stakeholders are involved in the development of the update, thereby encouraging them to adhere to the system’s principles as much as possible (International Telecommunication Union, 2019a). As stakeholders participated in the development of version 1.1 of the system and their suggestions and comments were taken into account, it is more likely that they will adhere to and implement the best practices, guidelines, and standards contained therein.
In the Republic of Korea, the Ministry of Science and Information and Communications Technology developed the 2019 national cybersecurity baseline for the private sector in consultation with relevant stakeholders, including academia, businesses, and civil society organizations. The plan provided for the implementation of two tasks: ensuring the security of cyberspace and the development of the information security industry (International Telecommunication Union, 2019b). Key strategic projects under these efforts have focused on expanding the cybersecurity network, promoting the development of the information security industry, and strengthening the information security infrastructure. Given the rapidly changing ICT environment, the ministry intends to update the plan on an annual basis. In addition, the Republic of Korea’s Public and Private Sector Advisory Board meets twice a year to track progress on the project and identify areas for improvement.
The latter two examples may be considered a great foundation for cybersecurity at different dimensions. Within the corporate environment, such measures could contribute to a considerable degree of awareness about cyber hazards among employees, given comprehensive and consistent provisions fixed at the national level. At the regional level, there can be productive cooperation between various local entities in terms of cybersecurity development as they have effective roadmaps to follow. At the national level, the government could obtain constantly obtain data from companies that can share their cybersecurity insights, which may lead to governmental cybersecurity enhancement.
Leblanc, S., P., Partington, A., Chapman, I., & Bernier, M. (2011). An overview of cyber attack and computer network operations simulation. Proceedings of the 2011 Military Modeling & Simulation Symposium, 2011, 92–100.
First of all, it is worth noting that the legal right for self-defense does not cover cyberspace. This means that a victim of a hacker attack is not allowed to “hack back,” in other words, attack the perpetrator (1). This determines the need for special legal statutes provide governmental regulation in the given sphere. Currently, all 50 states have the laws of such a kind that “encompass a variety of actions that destroy or interfere with normal operation of a computer system” (2). As much as anything else, cybercrime-related laws regularize evidence collection, which should involve the participation of electronic experts and not allow for any privacy right violation (3). Therefore, approaching the crime scene has to be based upon the existing legal considerations.
Steps and Procedures
When collecting digital evidence, it is critical to maintain data originality. This means that a forensic analysis should be a so-called clone, which stands for a copy of the original data collected from the device under analysis (3). After the submission of the evidence to the court, it has to be possible to explain any change from its initial state; ideally, there should not be any. Considering the latter fact, neither transfer process nor the analysis itself presupposes changing the data. Another essential point is the supervision of experts, under which only both evidence collection and investigation can happen. To avoid bias, not only the plaintiff should appoint experts, but other parties as well (3). Finally, in case any electronic data have been destroyed or deleted, it is essential to restore them accurately and without delay.
Crime Scene Analysis
The given diagram represents the workplace of the one who is suspected in hacking. It bears several electronic devices that are to be seized for evidence, notably, a PC, a smartphone, an external media drive, a router, and a wireless access point. All of those may bear traces of the cybercrimes that have been committed by their owner from this location, which has been confirmed by the IP address.
The gadgets to use for accessing the Internet, in particular, the router, as well as the wireless access point, are important for checking whether the detail of the crime involves their MAC-addresses. It is necessary as well to review both the PC and the smartphone for malicious software that enables an access to logins and passwords of users, hence the data protected by them. Finally, data themselves are doubtlessly incontrovertible evidence, which determines the need for examining all present memory devices. In the given case, those are the PC, the smartphone, and the external media drive. In addition, it is essential to check whether the suspect is using cloud storages, which determines the need for examining all devices that allow for surfing the Internet, such as the PC and the smartphone.
To summarize, all 50 states today have legal statutes to enable governmental regulation in the sphere of cyber safety. Investigation on cybercrimes involves collecting electronic evidence, that is, data stored on or accessible from the devices that belong to a suspect along with software installed on them. All evidence should be collected in the presence of experts in order to avoid losing data as well as violating privacy rights.
Ya. Wu et al. 2019. Research on Investigation and Evidence Collection of Cybercrime Cases. Journal of Physics: Conference Series, vol. 1176, no. 4. Web.
The rapid adoption of digital solutions is exposing schools to the cyber-security threat, which is currently the biggest concern that these institutions face as they make a complete shift from the analog to the digital data management system (Chishti & Puschmann, 2018). According to a K-12 Cybersecurity Resource Center (2021) report, a staggering 1,180 incidents have been reported since 2016. A recent Cyber Security of UK institutions found that cyber breaches and malicious attacks were prevalent in both business and education organizations in the last 12 months (Ipsos Synovate, 2020). As technology becomes central to the overall running of educational institutions, it is important to examine the new threat in order to find effective ways of addressing it (Christiansen & Piekarz, 2019).
Nature of Cyberattacks
According to a recent K-12 Cybersecurity Resource Center (2021) report, there has been a dramatic rise in frequent and severe K-12 cyber-attacks in educational institutions. The most prevalent cases involve unauthorized disclosures or breaches, ransomware, Denial of Service (DoS), phishing, hacking, and other attacks that are increasingly becoming severe and frequent. Techno-savvy criminals have perfected the strategy of illegally accessing sensitive data belonging to students, lecturers, specific administrators, or the institution at large with malicious intentions (Grieco et al., 2019). Cybercriminals have been trying to hack into databases of such institutions with the aim of stealing the formula and selling it to other institutions around the world (Tallón-Ballesteros & Chen, 2020). Such intellectual property theft is a major concern to these institutions. Hacking may be targeted at manipulating information in the database of a learning institution. The financial department is always the leading target of these cybercriminals. Their goal is always to steal from the institution using different strategies (Berman et al., 2019). Some criminal-minded students may hack the system and update their payment details with the goal of defrauding the institution. A hacker may target a student’s portal and manipulate data in various ways. Ransomware attacks are also increasingly becoming common, and they often target lecturers and administrators (Erendor & Öztarsu, 2020). Other major threats include Trojans, botnets, wiper attacks, and Distributed Denial of Service.
The Problem
Rapid digitization that has been witnessed in various learning institutions in the Kingdom of Saudi Arabia and around the world over the past decade has exacerbated the problem of cyber-attacks. The problem is that despite the serious danger that cyber insecurity poses to these educational institutions, they do not have the option of moving back from digital to analog data management systems (Nguyen & Reddi, 2020). These institutions have to continue using digital data systems because of the technological changes that have been taking place in the recent past. They have to learn how to manage the threat and operate secure digital platforms that protect learners, teachers, administrators, and institutions.
Factors Exacerbating Cyber Insecurity
Limited budget is a serious challenge that limits the ability of these institutions to fight cybercrime effectively. According to Williams and McDonald (2018), most of these educational institutions cannot afford to set aside a significant amount of their resources to fight cybercrime as they rely hugely on government funding and school fees. The income goes to the payment of staff, purchasing of consumables needed in the institution, and paying other bills. As such, setting aside a significant amount of money to install some of the latest software and pay for highly qualified experts is an issue. In addition, the country still lacks legislation that can help in prosecuting those who steal or manipulate data from these institutions (Kumar, 2020). Cybercriminals may be prosecuted for a misdemeanor, which is a minor offense that cannot deter such actions in the country. The few cyber-security policies that have been enacted do not classify learning institutions as major victims of such attacks. As such, they have not been given priority when defining means and strategies for fighting cybercrime in the country. The cyber-security threat has worsened the tendency of students and staff to use personal devices such as personal computers, iPads, tablets, or smartphones to access these sensitive databases. Criminals take advantage of these security gaps to access information that they need (Nguyen & Reddi, 2020). Thus, it is necessary to find ways of addressing the problem to ensure that these institutions are protected.
Clear Statement of Aim
It is evident that learning institutions in the country and around the world are faced with serious cyber-security threats. As explained above, the problem cannot be solved by walking back technology and reverting to the analog approach to managing data. Instead, stakeholders have to find ways of ensuring that these educational institutions operate without being adversely exposed to cyber insecurity. The aim of this study is to investigate cyber-security threats that these institutions face and develop solutions that they can embrace to ensure that their data is protected from any form of attack.
Objectives
To assess the nature, magnitude, and frequency of cyber-attacks that target educational institutions in the country.
To identify departments that are more vulnerable to these attacks in these institutions.
To determine the impact of cyber-attacks on the normal operations and success of learning institutions in the country.
The Project Plan
When conducting a research project, it is important to define in clear terms tasks specifications and durations that they are supposed to take for them to be completed. The project plan helps in determining how each activity should be taken to enable the researcher to achieve the desired goals. In this section, the researcher defines these tasks and the duration that it will take to ensure that they are completed. The first task of developing the proposal was to take about 11 days, from January 7th to January 18th, 2021. Proposal approval was expected to take about two weeks, from January 20th to February 15th, 2021. Questionnaire development took a relatively short period of two days, from 18th to 20th February 2021, because research questions had been defined. A review of the literature was a continuous process. From January 7th, 2021, when developing the proposal to April 25th, 2021, when writing the final report. Primary data collection took over six weeks, from February 23rd to April 5th, 2021.
Data analysis ng primary data collected from these participants took about two weeks, from 8th to 23rd April 2021. Writing the report and proofing it, which was the last step, took about three weeks, from April 25th to May 17th, 2021. The completed report will then be delivered as per the regulations set by the school and within the time that was specified.
Literature Review
Overview
Based on the review of existing literature on cyber security in an educational institution, this review established that this topic had attracted a lot of attention from researchers and practitioners. This interest manifests in the growing literature on c cyber-attacks covered in this review. However, despite the existence of extensive research in this area, most of the studies focused on cyber-security threats to online learning. Topics such as severity, frequency, impacts, and solutions to this problem are adequately covered. Literature reviews and opinion briefs were the common methodologies, but a few studies used structured questionnaires.
Critical Analysis
The article by Adel et al. (2019) provides a clear picture of e-learning and its growing adoption in higher education institutions. The authors conduct a comprehensive review of existing literature on the online education approach, which helps readers understand the nature, trends, advantages, and limitations of e-learning. This source is relevant to the research because its content helped to provide a strong background to the study. However, the article lacks depth because very few sources are included, and most of them are not current.
In their journal article, Aliyu et al. (2020) advanced a more comprehensive, internet-based framework for analyzing and assessing security vulnerabilities and potential threats in online systems. This study is relevant to the research project because it details an array of cyber threats to educational institutions. Furthermore, the article offers metrics that educational institutions can utilize to measure their competency or maturity in relation to online learning adoption. Besides that, the authors propose a security assessment model, which, unlike other conventional frameworks, incorporates relevant regulations. The major limitation of this study is the lack of primary data.
In this journal article, Coleman and Reeder (2018) provide a nuanced discussion of major reasons why educational institutions need to invest more resources in improving the security and integrity of their information communication systems. The authors draw on a wide range of literature and empirical evidence to support their arguments. In addition, it integrates old and current literature which helps capture current issues and debates on cyber security in learning institutions. However, the authors rely heavily on secondary data and personal opinions, which weaken the validity and reliability of their arguments.
Muniandy et al. (2017) conducted an empirical investigation to examine the current state of cyber security behavior of college and university students in Malaysia. The researchers explored how the learners use passwords and their knowledge about key attacks such as phishing, malware, internet-based scamming, and social engineering. Unlike previous studies, this study employed a structured questionnaire to gather primary data from the participants. Analysis of the collected data revealed that a majority of the learners exhibited unsatisfactory knowledge levels across all five security threats. The use of a structured data collection tool enhanced the validity and reliability of the research results. Furthermore, this instrument enables the researcher to recruit a large sample, which also enhances the overall trustworthiness of the study. However, the rigidity, structured, and non-participatory nature of this tool did not allow the investigators to gain a nuanced understanding of the research problem.
Methodology
Overview of Research Methodology
Limited studies have narrowed down to how local educational institutions in the Kingdom of Saudi Arabia are affected by the problem of constant cyber-attacks. Therefore, this study examined how these institutions are affected by this problem to find ways of developing local solutions. As such, collecting primary data from local stakeholders in the education sector was essential. This chapter explains how participants (subjects) were identified, sampled, and involved in the process of collecting data. The chapter also explains the instrument used in the process of collecting data, the procedure, and the statistical analysis that was conducted to help in answering the research questions. The chapter ends by explaining the challenges faced and ethical considerations that the researcher observed.
Subjects
The researcher had to collect data from stakeholders in the education sector who could explain the cyber-security threats that they have encountered in their normal operations. The researcher used a stratified sampling method to select 50 participants. The first group was the administrators responsible for ensuring that these institutions were running smoothly. The second group was the teachers who are currently using cyberspace and other modern technologies to facilitate the learning process. The third group was learners who are currently using information technology to enable them to acquire new knowledge. The researcher selected two institutions of higher learning to facilitate the process of collecting data from these three groups of respondents.
Instrumentation
It was necessary to develop an instrument to facilitate the process of collecting data from the sampled participants. A questionnaire helps to harmonize the collected data and ensures that every participant is given the same question that can then be used to facilitate the analysis (Politano et al., 2018). It also eliminates cases where a researcher forgets to ask critical questions needed to respond to the main research questions. The researcher developed a questionnaire with three sections. The first part of the questionnaire focused on the demographical factors of the respondents. The second part of the document focused on the experience and academic qualifications of the participants. The last section of the instruments focused on specific issues related to cyber-security threats to educational institutions within the country.
Research Procedure
The process of collecting data from the sampled participants started with seeking permission from the management of the two institutions before contacting individual participants. After that, the researcher reached out to individual respondents to obtain their informed consent. The goal of this study was explained to them, and they were informed of the reason why they were selected. Only those who agreed to be part of this study were engaged in the process of collecting data. The researchers emailed questionnaires to these participants. The email explained how they were expected to respond to the questions. The researchers made a follow-up with every respondent to remind them that the document had been emailed to them and that they were expected to email back the filled questionnaire. The process of collecting primary data took two weeks.
Statistical Analysis
When primary data had been collected from the participant, it had to be processed to help in responding to the research questions. According to Mallette and Duke (2020), one can use qualitative, quantitative, or mixed-method to process primary data. The choice of the method depends on the nature of the questions that have to be answered. In this study, statistical analysis was the most appropriate method of answering questions. The quantitative method used structured questions, and the participants were instructed to select answers that best responded to each of the questions asked. Data obtained from the participants were coded into an excel spreadsheet. The software was then used for the computation and generation of various outputs depending on the nature of the question that had to be answered.
Challenges Faced and Ethical Considerations
The process of collecting primary data was affected by some challenges which are worth discussing at this stage of the report. One of the major challenges was the inability to physically interact with the participants because of the COVID-19 restrictions. Face-to-face interviews were the most preferred approach for collecting primary data and could not be used in this investigation due to COVID-related restrictions. The researcher had to rely on online platforms to gather the needed data. When conducting this study, the researchers were keen on observing ethical considerations. Consistent with Baron and McNeal (2019), the researcher ensured that the identity of those who took part in the study remained anonymous. Instead of using their actual names, they were assigned codes from Participant 1 to Participant 50. The researchers obtained informed consent from each participant before they could start answering the questions. All forms of plagiarism were avoided, and information obtained from secondary sources was referenced accordingly using American Psychological Association (APA) seventh edition style.
Results and Findings
Nature and Magnitude of Cyber-Attacks
Malware attack is the most common cyber-attack at these institutions. It affected all the stakeholders, irrespective of their department. Phishing was the second-most common form of cyber-attack at these organizations. The respondents identified unsecured personal devices as another common problem. Denial of service (D-o-s) and camfecting were the other challenges that these respondents identified. The findings of this study confirmed the high perverse nature of cyber-security threats in the existing literature. An overwhelming majority (94%) of the participants believe that cyber-attacks have a devastating impact on the normal operations of these educational institutions. 38% of the respondents (19 out of 50) stated that cyber-attacks have a highly devastating impact. Another 52% of the respondents (26 out of 50) stated that the impact is devastating, while 4% believed that it is somehow devastating.
Frequency of Attacks and most Affected Departments
An overwhelming majority of the participants (94%) believe that these attacks are frequent at the selected institutions. 50%, 44%, and 4% of the respondents stated that these attacks are highly frequent, frequent, or less frequent, respectively. The finance department is the most vulnerable unit, with 50% of those interviewed identifying it as the most vulnerable department. The administration, research and extension, online learning, academic department, and students’ portals were also at great risk of cyber-attacks.
Impact of Cyber-Attack on Educational Institutions
The biggest impact of these attacks is the loss of financial resources. This finding confirms previous research results showing that most of these cybercriminals are often targeting the finance departments of these organizations. There is also the massive disruption of learning when they attack digital instruments that are meant to facilitate the normal learning process. Personalized attacks on students, the teaching staff, and the non-academic staff may also disrupt the learning environment. Loss of intellectual property is another issue that institutions face when attacked. Some of the respondents felt that when there are such attacks, there would be poor coordination of activities, especially when the communication system is compromised.
Conclusion
Many learning institutions are transitioning from analog to digital data management systems. Online learning is becoming a dominant approach to education delivery due to its cost efficiencies and enhancing access to higher education. This trend is exacerbated by the COVID-19 containment measures. However, these impressive steps have been significantly affected by the continued cyber-attacks that these institutions face. Cyber-attack is a major threat to the success and normal operations of educational institutions. This investigation established that the institutions that were surveyed were not ready to deal with the threat associated with the new system. The attack has led to the loss of finances for these institutions, loss of intellectual property, cases of blackmail, and other forms of online harassment.
Recommendations
The management of educational institutions and policymakers in the country should find a way of addressing the problem of cyber-security threats in the country. They have to put in place policies and infrastructural systems that will ensure that sensitive data for these institutions remain as secure as possible. The following are the steps that they should consider to address this problem:
Every education institution should have internal policies meant to minimize the capabilities of cybercriminals;
They need to invest in emerging technologies meant to protect their databases;
These institutions need to work closely with cyber-security experts to help in monitoring and managing these threats;
The government should enact strict policies that can ensure that cyber criminals are severely punished to discourage such practices;
The government should increase the financial allocations of educational institutions to enable them to fight cybercrime effectively.
Challenges and Future Research
The process of collecting primary data was affected by some challenges which are worth discussing at this stage of the report. One of the major challenges was the inability to physically interact with the participants because of the COVID-19 restrictions. Face-to-face interviews were the most preferred approach for collecting primary data and could not be used in this investigation due to COVID-related restrictions. Furthermore, the pandemic made it difficult to draw a large sample and some participants. As a result, the researcher had to rely on online platforms to gather the needed data. Further research should consider using large samples and studying multiple schools to compare findings. Future research should use face-to-face methods such as personal interviews to gain in-depth knowledge into the nature, frequency, and impact of cyber-attacks in educational institutions.
References
Adel, E., Elsawy, M., & Ahmed, S. (2019). E-Learning using the Blackboard system in light of the quality of education and cyber security. International Journal of Current Engineering and Technology, 9(1), 49-54.
Aliyu, A., Maglaras. L., He, Y., Yevseyeva, I., Boiten, E., Cook, A., & Janicke, H. (2020). A holistic cybersecurity maturity assessment framework for higher education institutions in the United Kingdom. Applied Sciences, 10(1), 1-15.
Coleman, C. D., & Reeder, E. (2018). Three reasons for improving cyber-security instruction and practice in schools. SITE, 26(30), 1020-1024.
Hasan, R. (2017). Protect a university website from the different types of outside attacks. Journal of Advanced Computing and Communication Technologies. 5(4), 109-114.
Muniandy, L., Muniandy, B., & Samsudin, Z. (2017). Cyber security behaviour among higher education students in Malaysia. Journal of Information Assurance & Cyber security, 7(1), 1-12.
Nguyen, T., & Reddi, V. (2020). Deep reinforcement learning for cyber security. Cryptography and Security, 3(1), 1-11.
Due to the rapid development of technology, cybersecurity must keep pace with the pace of growth to maintain a high level of warning and rapid removal of threats. One of the most promising approaches in this area and the field of information technology, in general, is artificial intelligence. AI is the property of intelligent systems to perform functions that were usually considered the prerogative of humans (Haenlein & Kaplan, 2019).
The use of AI in cybersecurity is considered a relatively recent innovation, which, nevertheless, annually increases its share in this market several times, radically changing the traditional approaches to organizing security. The use of AI is regulated by a large amount of documentation, which should take into account the current legislation in the country of use and ethical issues related to AI, many of which have not yet been resolved.
Both the private and public sectors are consistently interested in AI, but they are faced with a stereotype of mistrust in AI. Certification procedures regulate these issues, and given the international popularity of this approach, integration experience is being developed rather quickly. Nevertheless, AI still requires human control, which is gradually developing the idea of “reliable AI,” the definitive version of which is in the design stage (Taddeo et al., 2019). Another argument that claims the danger of AI is its use in cyberattacks or for other personal purposes. In addition, the internal or built-in security of the AI itself is most often provided by other programs or means of protection, making the technology itself defenseless in the event of an attack.
Regardless, machine learning and AI systems capable of learning on their own are highly promising approaches for many business sectors. AI learning and self-learning take place on billions of objects, often unstructured, which can provide security against cyber threats (Chan et al., 2019). In addition, advances in the speed of response to hazards allow AI to determine a problem tens of times faster than a human, and logical analysis makes it possible to cope with most typical ones (Daraj et al., 2019). In addition, most advanced developments provide companies with a ready-made risk analysis and in-depth analytics on many issues, reducing the time and money for attracting human resources.
Using simulation is prevalent in cybersecurity since artificial intelligence trains on a simulated situation using machine learning in cases of typical attacks. The creative moment of a well-designed AI helps in assessing any situation, showing its possible danger. At this stage of the development of AI, intelligent control and assessment by humans are still fully required to prevent security breaches due to the imperfection of AI (Sarker et al., 2021). However, significant financial investments and the race for qualified researchers in this field make it very obvious to predict that innovations and bringing existing developments to a new level will not belong in coming.
The problem of mistrust is already being eliminated thanks to the social implementation of AI – in electric vehicles, in many services of contextual prompts and recommendation systems, in the form of virtual and voice assistants of smartphones and computers, and much more. In my opinion, if cybersecurity researchers develop proactive protection algorithms, then automation of processes using artificial intelligence will capture all possible business industries that can afford to use the new technology. In a pandemic, when the number of personal contacts has decreased, and even most commerce has moved online, cybersecurity is more relevant than ever in the protection of transactions, e-commerce, and the preservation of personal data.
References
Chan, L., Morgan, I., Simon, H., Alshabanat, F., Ober, D., Gentry, J. & Cao, R. (2019). Survey of AI in cybersecurity for information technology management. In 2019 IEEE technology & engineering management conference (TEMSCON) (pp. 1-8). IEEE.
Darraj, E., Sample, C., & Justice, C. (2019). Artificial intelligence cybersecurity framework: Preparing for the here and now with ai. In ECCWS 2019 18th European Conference on Cyber Warfare and Security (p. 132). Academic Conferences and publishing limited.
Haenlein, M., & Kaplan, A. (2019). A brief history of artificial intelligence: On the past, present, and future of artificial intelligence. California Management Review, 61(4), 5-14.
Sarker, I. H., Furhad, M. H., & Nowrozy, R. (2021). Ai-driven cybersecurity: An overview, security intelligence modeling and research directions. SN Computer Science, 2(3), 1-18.
Taddeo, M., McCutcheon, T., & Floridi, L. (2019). Trusting artificial intelligence in cybersecurity is a double-edged sword. Nature Machine Intelligence, 1(12), 557-560.
Open data is a concept of freely available information for everyone without such restrictions as patents, copyright, and other control mechanisms. Open-data champions have objectives similar to those of open movements for other things such as software, hardware, education, government, science, knowledge, and the Internet (“Open data and privacy”, 2016). Open-data tradition is not necessarily a new concept. For instance, there has been the Mertonian tradition of science; however, the term itself is relatively recent. Despite the rise in the open-data movement, there has also been an upsurge in intellectual property rights.
Governments continue to play a vital role in the open data movement. Data.gov was developed under OPEN Government Data Act; this is Title II of Foundations for the Evidence-based Policymaking Act (“Privacy and website policies”, n.d.). The website was launched in 2009 by the US government’s Chief Information Officer; its mission statement is to provide the public with high-value, machine-readable datasets. The data is also supposed to maintain privacy and security (“Privacy and website policies”, n.d.). When getting data to data.gov, federal agencies must conduct an inventory of their data the same way they would record any other asset, such as furniture. They are then required to publish the data assets that are publicly accessible.
The executive branch has a role to play in the open data policy. President Obama 2009 issued a memorandum on transparency and open government; the memo had instructions to the Office of Management and Budget (OMB) to declare an Open Government Directive. The OMB’s role was to help form, draft, and issue directives on the president’s open government orders (“Privacy and website policies”, n.d.). The OMB was also supposed to guide agencies on implementation throughout the executive. In 2019, POTUS signed into law the Foundations for Evidence-Based Policymaking (FEBP). The legislation consists of Open Public, Electronic, and Necessary Government (Title II) legislation; the bill passed Congress in 2018 (“Privacy and website policies”, n.d.). It is a relief to witness significant efforts from the executive branch that is typically sidetracked by politics.
Benefits and Values of Open Data
Open data is valuable information that is available for use and sharing with anyone without restriction. Governments are adopting this new paradigm as a new way to communicate with their citizens. Open data comes with many benefits and values and has opened a recent debate about running government operations (Huston et al., 2019). Citizens will be on the lookout to ensure governments meet certain milestones; as a result, governments will feel the pressure and act accordingly.
Increases Transparency and Accountability
Open data means that members of the public will stay tuned and informed about their local governments’ operations. The open nature of this communication ensures that governments are held accountable for their results (Huston et al., 2019). Citizens can scrutinize their governments’ achievements, and their deficits, and can offer suggestions on further actions. Citizens can pressure their governments if they do not meet goals and objectives; conversely, it can increase trust if they exceed expectations.
Fosters Trust, Credibility, and Reputation
Publicly available data is, typically, transparent; this inherent characteristic enables exposure of certain facets of an organization that are usually hidden. As it is with sharing information on a personal level, this type of arrangement fosters trust and credibility by building an honest conversation between parties (Huston et al., 2019). Through open data, citizens can rest assured that the government is working to deliver its mandate and making decisions in the community’s best interest.
Fosters Progress and Innovation
There is immense value in data being released into the public realm. Open data can provide an opportunity for the development of commercial applications. Open data also widens markets for businesses and can form the basis for new technologies enhancing economic growth (Waxer, 2014). Some organizations that may not have the resources to collect data by themselves can leverage this free data and repurpose it or utilize it for their services. Public data is also crucial for the academic, scientific, public sector, and industrial research in communities (Huston et al., 2019). Open data allows information to be freely available and increases its velocity and value, thus enabling its full exploitation.
Encourages Public Education and Engagement
There are few better ways to educate the citizenry and ensure their participation than enabling free access to information in a user-friendly manner. Anybody can have answers to persistent questions from freely available sources (Huston et al., 2019). Information becomes available as fast as it was collected, enabling citizens to provide immediate feedback; this can help streamline processes for all stakeholders’ benefit. Access to helpful information fosters unity in the community and empowers them to shape their future.
Examples of Open Data Businesses
Many businesses have been built around governments’ free data. An example of this is Yelp; they provide quality and hygiene ratings of restaurants to their customers, using municipal health inspection data. Google also uses General Transit Feed Specification (GTFS) data to enhance their Google Maps so that their users can plan their trips better (“Open data businesses – an oxymoron or a new model?”, n.d.). Although building a business around open data may seem ironic, it has been a successful experiment that has created tremendous value.
Security Challenges Facing the FIOA
The size of public data available is making cybersecurity a complex issue for most companies. Under normal circumstances, a government agency will collect vast amounts of data that are supposed to be available under the Freedom of Information Act (FIOA); these government agencies may have suffered to avail the information to the public before, but technological advancement has eased the process (Vigil et al., 2015). However, this opportunity brings challenges where governments are at crossroads since they must balance the public’s need and right to public information and the concern for the data’s security. Information security refers to the protection of data against unauthorized access, destruction, or modification. Open data systems do not typically release personally identifiable information (PII). The challenge, however, is that enough details may be released that it would be possible to infer the PII (Vigil et al., 2015). Malicious persons may cross-reference different databases to the point of uncovering people’s true identities.
Another challenge facing open data is integrity, where information can be altered and modified without detection. Therefore, it is essential to ensure the correctness of messages to protect against unauthorized alteration; this can be safeguarded against by coding the message such that when altered, the code changes (Vigil et al., 2015). A modification would then be detected by comparing the hash codes of the two files. Availability of information is also a challenge in open data. The question remains whether the providers of access can maintain the availability of data especially given that the data is supposed to be free. Authenticity is a concept in information security that pertains to the verification of the claim of identity. Non-repudiation, on the other hand, refers to the assurance that a person appending a signature cannot deny having signed it.
The government is the primary source of open data and must make data security a priority. The government’s role in open data security is to set the rules; they utilize their legislative power to ensure industry players abide by security and safety regulations. Some areas in which the government has passed laws include the definition of the right to protect PII; an example of such a law is the OMB Memorandum M-07-1616. The government also decides which information is mandatory for organizations to share. Finally, they also offer guidelines on collecting, managing, and disseminating data. According to Boyne (2018), the US currently lacks an all-encompassing single act enacted to protect personal data; however, there are hundreds of laws in different acts. For instance, the Federal Trade Commission Act protects citizens against privacy violations, including false promises of privacy from companies.
Recommendations to Guard FIOA and PII
As much as open data presents a remarkable opportunity for accountability, as discussed, there are challenges of security because some information may be private. Other challenges of data include integrity, availability, and authenticity. The National Institute of Standards and Framework published a Cybersecurity Framework (CSF) in 2014, in response to a presidential directive that called for a standardized framework for vital infrastructure in the US (“NIST cybersecurity framework”, n.d.). The NIST cybersecurity framework is organized into five core functions called the Framework Core. The functions are essential in the management of cybersecurity risk; they are defined as follows (“NIST cybersecurity framework”, n.d.):
Identity: the first step involves developing the organizational understanding to manage potential security risks to assets, systems, data, and capabilities.
Protect: The second step is developing and implementing appropriate measures to ensure critical infrastructural services are delivered.
Detection: The third step involves developing and implementing appropriate activities to manage security events.
Responding: the next step is to implement appropriate procedures when faced with security events.
Recover: the final function is developing and implementing relevant procedures for resilience and restoration capabilities in case of adverse security events.
On top of the above functions, many categories and subcategories provide specific context when referring to other frameworks such as COBIT, ISA, and ISO. The NIST framework also provides tiers that show how well an organization is handling its security threats (“NIST cybersecurity framework”, n.d.). Tier-1 is a partial adoption where cybersecurity is informal and managed in an ad-hoc manner with little awareness. Tier-2 is also called a risk-informed approach where an organization applies some education to their methodology; problems are addressed as they happen.
Tier-3 also called the repeatable approach, involves formalized risk management in an organization with a clear security policy. Tier 4 is called the adaptable approach, which is when an organization will adopt a cybersecurity policy based on lessons learned and also from analytics (“NIST Cybersecurity Framework”, n.d.). An organization implementing this standard will constantly learn from security threats occurring within the organization and share the information with relevant peers. NIST cybersecurity is one of the most powerful frameworks that can help an organization standardize its security management (“NIST cybersecurity framework”, n.d.). An institution can also use this framework when trying to benchmark its security processes.
Many cybersecurity frameworks are developed to provide public sector organizations with guidelines to meet their open data goals while being privacy-aware. The concerned agency will have to conduct a first step of assessing the purpose; data cannot be released for its sake, which means not all data should be released (“Open data and privacy”, 2016). The second step is to conduct a security risk assessment, including assessing the chance of connecting data to individuals.
Summary
Open data is the concept of freely availing data for reuse and sharing without restrictions such as copyright and IP. When this information is available this way, it provides an opportunity for citizens to hold their governments accountable and set a rich precedent world over. Open data has revolutionized the way governments interact with communities. The US government has played an essential role in implementing open data policies, with the executive branch spearheading this initiative. For example, since the passing of the OPEN Government Data Act, the two presidents who have ruled have both signed directives accelerating open data adoption.
The advantages of open data start with increasing the accountability of governments. Besides accountability, there are also economic opportunities, such as developing commercial applications around the data. Open data is also a great way of storing information and performing historical comparisons to discover trends. For a long time, citizens have had a great mistrust of government institutions, but this situation has been assuaged through open data. Governments show that they have nothing to hide, which builds credibility in public institutions.
With great opportunity comes the challenges; open data is hounded by security problems such as privacy, integrity, authenticity, and non-repudiation. There are many frameworks proposed to tackle these issues, one of which is the widely-adopted NIST framework for cybersecurity. The NIST framework provides functions that an organization can adopt in its security management or in benchmarking its existing processes. The important thing for organizations to consider when adopting cybersecurity frameworks is that not all data needs to be shared. The first process in implementing a security management protocol is the non-technical policy part, followed by the technical aspect that involves the adoption of technological solutions.
References
Boyne, S. M. (2018). Data protection in the united states. The American Journal of Comparative Law, 66(suppl_1), 299–343. Web.
Huston, P., Edge, V., & Bernier, E. (2019). Reaping the benefits of Open Data in public health. Canada Communicable Disease Report, 45(10), 252–256. Web.
Open data and privacy. (2016). Citizens-Guide. Web.
Open data businesses—An oxymoron or a new model? (n.d.). Web.
Privacy and website policies. (n.d.). Data.Gov. Web.
Vigil, M., Buchmann, J., Cabarcas, D., Weinert, C., & Wiesmaier, A. (2015). Integrity, authenticity, non-repudiation, and proof of existence for long-term archiving: A survey. Computers & Security, 50, 16-32. Web.
Waxer, C. (2014). Government open data proves a treasure trove for savvy businesses. Computerworld. Web.
The vital nature of the energy sector makes it a target for international cyberattacks, and new, improved cybersecurity infrastructure needs to be developed urgently.
Significance of the Topic
The energy production and supply sector of the United States remains subject to high risks of foreign cyberattacks. Such a development poses serious threats to the national security of the country, as any disruptions of the energy framework compromise the safety of its residents. The stable supply of energy is the key to the normal functioning of American society, as it fuels all essential industries that ensure the vitality of the nation. Communication, transportation, and data analysis are now easier than they have ever been before. Computers can perform complex calculations in a matter of seconds, alleviating the pressure on human operators. However, cyberattacks on the energy infrastructure are capable of causing major blackouts and power interruption, making them a threat of a colossal magnitude. Therefore, it appears vital to research the current and projected avenues of cybersecurity architecture in the U.S. energy sector.
Background of the Issue
The rapid digitalization of the global community has introduced both major benefits and serious risks. According to Jarmakiewicz et al. (2017), the emerging security challenges are conditioned by the continuous integration of vital power resources into the global telecom network. More specifically, this tendency has added a new, intangible dimension to the security of the energy sector. In addition to the physical functioning of a nation’s power grid, the Information Technology aspect is equally to be considered. The benefits of digitalization are expected to make energy more efficient, accessible, controlled, and affordable. However, large-scale cyberattacks often paralyzed the functioning of the digital-dependent power grids, nearly outweighing the advantages of the IT-based approach. For example, in the year 2015, the capital of Ukraine saw a major six-hour blackout that disrupted the life in the city. Sullivan and Kamensky (2017) refer to this case as an ultimate lesson showing the vulnerability of the world’s energy sectors, which includes the United States. Similar attacks on the American power grid appeared to be a matter of time, justifying the need for the rapid development of effective cybersecurity frameworks.
The recent decade has seen a stable increase in terms of the quantity and quality of cyberattacks on critical elements of developed nations’ infrastructures, becoming a pressing concern for the international community. The current infrastructures have become so complex that an attack on one element disrupts the functioning of the rest of the system (United States Government Accountability Office, 2021). Any interruptions in the power supply will also affect healthcare, transportation, communications, defense, and other critical aspects. The U.S. approach to controlling these issues implies adhering to the innovation strategy, which distinguishes the country from many other states promoting obsolete protection principles. However, as Kline (2021) remarks, the U.S. currently possesses the largest interconnected grid in the world, making it a target for malicious attacks from China, Russia, and North Korea. These actions have been intensifying, putting the normal functioning of American society at risk.
To reduce risks, more efforts need to be made at the federal level. Rosson et al. (2019) suggest that the situation requires a strong, urgent, and coordinated response through data sharing and cybersecurity infrastructure rebuilding. Dagoumas (2019) adds that the cybersecurity aspect of the power system should exceed the hacking tools’ development pace and should not be compromised in favor of operational cost-efficiency. To protect the energy sector, the latest anti-hacking instruments need to apply, including firewalls and other detecting systems. Today, the U.S. is strengthening this area, and in the future, this may be protected better due to great attention to the problem of cybersecurity. Changing focus from other countries and an emphasis on domestic issues can improve resilience to such threats.
Rosson, J., Rice, M., Lopez, J., & Fass, D. (2019). Incentivizing cyber security investment in the power sector using an extended cyber insurance framework. Homeland Security Affairs, 15(2), 1-24.
The Padgett-Beale Merger & Acquisition (M&A) squad works under Padgett-Beale’s Chief Information Security Officer (CISO) straight management. Currently, the team is planning to incorporate a new acquisition, Island Banking Services (a non-U.S. firm), into the organization because Island Banking Services had been announced bankrupt after operating for five years. This incident happened after the firm and its brigadiers were involved in a money laundering offense filed at the bankruptcy courts. After the Padgett-Beale Company merged with Island Banking Services, people will regard the resulting company as PBI Financial Support (PBI-FS). According to Crumpler & Lewis, 2019, performing gap analysis is crucial before merging to facilitate more benefits than losses. The gap analysis also enables businesses to improve their profitability, efficiency, and products by analyzing the possible gaps that may interfere with the organization’s processes.
A gap analysis will enable Padgett Beale to be aware of the potential threats that would have invaded the Island Banking Services system, contributing to its bankruptcy through a third party. Involving a third party during a merger and acquisition is important because it will let Padgett Beale know the potential risks before starting operations (Tirumala et al., 2019). The idea of involving a third party is evident in the case study. Padgett Beale includes the bankruptcy courts during its acquisition with the Island Banking Services to help access the firm’s records to resume Island Banking Service’s processes. Organizations involve third parties to reveal their capabilities and influence their external invention.
Supplementary assets purchased by the Padgett-Beale incorporated in the auction include the certificates, software, and hardware mandatory in operating the company’s internal computer networks. Additionally, organizations involve third parties to achieve their objectives, enhance their cybersecurity, and speed up their processes. Padgett-Beale’s primary intention of merging the company was to relocate the call epicenter to a property owned by the company roughly 10 miles from the company’s previous location and opposite the newly released Padgett-Beale resort. Padgett-Beale’s threat manager recommended people amend the plan of merging the Island Banking services with Padgett Beale to operate Island Banking’s services as a wholly supplementary firm for five years. Padgett-Beale’s threat manager viewed this as the best decision instead of instantly integrating the company as Padgett-Beale’s operational element. Merging businesses is important because it increases the market share of the new company and reduces operating costs.
Padgett Beale’s incorporation with Island Bankers Services will also enable PBI-FS to expand its business to a large firm and prevent a possible closure of the new company. In the meantime, the Padgett-Beale Merger & Acquisition (M&A) leader will act as the topmost functional officer of the PBI-FS. Padgett-Beale’s Topmost Statistics Security General will be renamed PBI-FS as the corporation hunts for an enthusiastic CISO for the subsidiary. Padgett-Beale needs to recognize cybersecurity threats and means to mitigate the risks due to the criminal operations that rendered the company bankrupt; financial service industries have regulatory and legal standards that govern them. In addition, before companies merge, they need to secure their accounts to prevent unauthorized access from other users. Therefore, through risk analysis, the company will be able to identify risks (Sapienza et al., 2018). PBI-FS should ensure that it adheres to the regulatory and permitted standards that govern financial systems. This paper proposes the cybersecurity strategies and actions Padgett Beale should take to achieve its requirements.
This paper starts with a gap analysis to help Padgett-Beale recognize the threats transmitted to PBI-FS for the acquirement process. Step 1 outlines the security issues that attacked the Island Banking Services, including ransomware and IoT attacks. Step 2 creates a risk register that highlights the risks stated in step 1. Step 3 reviews the laws and supervisory rules related to the Monetary Facilities industry. Step 5 studies Risk Management and the Cybersecurity Framework in the NIST Cybersecurity Framework. Step 6 develops a Cybersecurity Plan that presents detailed actions that the corporation should take to device recommended risk vindications. Step 7 sets and documents a projected strategy of action and execution timeline that discourses each component of the cybersecurity approach recognized in step 6. Step 8 generates a summary of commendations regarding vindicating the risks acknowledged in steps 1-7. The last part of this paper offers a conclusion and a memorandum that addresses the Merger & Acquisition Team on the strategies they should consider.
Gap Analysis
Cyber threat landscapes are ever-changing, and the cybersecurity controls that function today may not work for the organization tomorrow. Cyber-attacks occur often, and alteration insecurity may lead to losing customers’ confidential information, contributing to financial consequences and an altered reputation. Gap analysis enables companies to identify their network security witnesses to ensure an effective and robust network. Gap analysis allows companies to know what they should engage in by comparing their actual activities against their best practices and issuing insights on how their organization should put correct controls and structures in place. Performing gap analysis correctly enables companies to benefit more than lose (Crumpler & Lewis, 2019). Gap analysis is an in-depth evaluation that allows businesses to distinguish between their present state of information security and industry requirements. Conducting gap analysis enhances companies’ comprehension of their vulnerabilities and cyber-security risks to work closely on the gaps hindering their security. Additionally, gap analysis helps firms improve their services, efficiency, and profitability by knowing the gaps hindering them from achieving their goals. Once a company completes conducting gap analysis, it will emphasize improving the identified gaps.
Step 1: Cybersecurity Issues
Ransomware Attacks
Ransom attacks are malicious software used by cybersecurity criminals to alter an organization’s system. When ransomware infects computers or networks, it prevents the networks from accessing their system by encrypting their data. Ransomware attacks include hacking a user’s information and preventing users from accessing the data without paying a ransom (Sapienza et al., 2018). Ransomware threats are common to individuals, particularly businesses that cannot access sufficient data to run their day-to-day activities. In some circumstances, ransomware attackers do not release data even after users have made payments. Instead, they work hard towards extorting more money from users. Organizations affected by ransomware occurrences have three choices after an attack. First, the organization can either pay for redeeming, eliminate the malware, or revive their devices. Attack vectors often used by coercion Trojans include; software vulnerabilities, phishing emails, and Remote Desktop procedures. Therefore, ransomware attacks can attack both companies and individuals.
Crypto developers regularly add countdowns to their redemption demand; organizations that do not pay their ransom before the deadline lose their files. In addition, due to the high number of individuals who are not aware of the importance of backing up their data in an external physical backup device or the cloud, crypto-ransomware devastating impacts the people. Eventually, many organizations pay the ransom to access their files (Singh & Jain, 2018). Organizations should protect their data against ransomware attacks by avoiding clicking on unsafe links. They should also ensure that they avoid disclosing their information to third parties. Companies should avoid opening suspicious emails, resisting unfamiliar USB sticks, keeping their operating systems and programs updated, using only familiar download sources, and using public Wi-Fi VPN services. Clicking on links available on unknown websites or spam messages may start automated downloads that infect an organization’s systems.
Organizations should not reply to emails asking for their organizational information as cybercriminals may be using the tactic to attack their knowledge, which they later use to send phishing emails to the organizations. In case an organization doubts the origin of an email, contacting the sender is essential. Organizations should also avoid opening dubious-looking files on emails. They must first ensure that the email is trustable by checking if the sender’s address is correct. Infected attachments may run malicious commands that offer malware monitoring of an organization’s computers (Tirumala et al., 2019). Organizations should update their operating systems and programs regularly to eliminate malware attacks.
When conducting updates, organizations should ensure they benefit from the current security batches making it hard for criminals to explore vulnerabilities in their programs. Relying on trustworthy and verified platforms minimizes the risks of ransomware. Organizations can recognize trustable websites by observing trust seals (Tirumala et al., 2019). For instance, organizations should ensure the address pages they are visiting use HTTPS rather than using HTTP. The s in the HTTPS implies that the website is secure. In addition, organizations should be cautious when downloading any attachments. Organizations should also avoid making transactions using public Wi-Fi networks to protect their data against attacks.
IoT Attacks
The devices involved in IoT include mechanical, computing, and digital devices that can transmit data autonomously from one network to another. IoT devices comprise mobile phones, laptops, desktops, and smart security devices, among others. The increasing rate of IoT adoption has increased cyber-security challenges (Tsiknas et al., 2021). Attacks made on IoT devices may lead to the compromising of sensitive client data. Protecting IoT devices is becoming a big challenge because accessing these devices may open doors to malicious attacks. Organizations should update their systems regularly to reduce IoT attacks.
Cloud Attacks
In the contemporary world, many people use cloud facilities for individual and professional purposes. Hacking cloud channels to alter user data is among the cyber-security challenges companies encounter. For instance, exposing users’ private photos poses a massive threat to an organization and may contribute to the collapse of an organization. Organizations should ensure that Multi-Factor Authentication (MFA) is ever for all cloud services (Tirumala et al., 2019). Multi-Factor Authentication provides that stolen passwords alone cannot grant attackers to a company’s critical information. In addition, companies should identify and combine their resources within IT-authorized cloud devices that have been vetted fully for Multi-Factor Authentication support, PII security controls, encryption support, and SOC-2 compliance (Tirumala et al., 2019). Companies should also ensure that all their workers have the least access privileges required to carry out their job. In addition, companies should eliminate stale or unused permissions of workers and external contractors to smoothly minimize their attack surface by reducing the risk of data loss and account takeovers.
Phishing Attacks
Phishing attacks are coordinated engineering attacks that hackers regularly use to rip off user information, such as acknowledgment card numbers and login authorizations. Once the hacker gains access to a user’s confidential information, they use it for their benefit, such as transferring money illegally or shopping online (Singh & Jain, 2018). Phishing attacks are common among hackers because they get an opportunity of exploiting the user’s information until the user realizes it. Organizations should protect their systems against phishing attacks by avoiding clicking on suspicious links and updating their software. They should also avoid sharing their financial or personal information, protect their accounts using Multifactor verification, and avoid clicking on any pop-up links.
Software Vulnerabilities
Advanced software also has vulnerabilities that challenge its cyber-security because the adoption of advanced devices is currently joint compared to the past. Companies and individuals do not update their software because they view it as unnecessary. Nevertheless, updating a business’s software with the latest versions should be prioritized (Singh & Jain, 2018). Old software has a high chance of containing security threats installed by developers in new versions. To reduce software vulnerabilities in organizations, organizations should restrict the number of people accessing their sites, employ solutions that bloc exploitative behaviors, and monitor all logins to recognize Indicators of Compromise (IoC).
Outdated Software
Not all cyber-security challenges come in the form of software threats. Software developers have realized the risks involved in software vulnerabilities. Hence, they are offering periodic updates. Nevertheless, the new updates may not be friendly with the device hardware, contributing to out-of-date hardware. Outdated software lacks ransom protection, disrupts business processes, exposes a system to third-party vendors, and exposes an approach to IoT (IoT) risks (Tsiknas et al., 2021). Organizations should update their software regularly to secure their devices against attacks.
Denial of Service
Denial of service is a cyber-attack that interferes with networks or computers not responding to inquiries. Denial of service attacks shuts down machines and makes them inaccessible by sending information that destroys the machines. In addition, DoS attacks interfere with the services expected by account holders, members or employees. DoS attackers often target highly-performing organizations, including trade organizations, government organizations, media companies, and commerce and banking organizations. DoS attacks do not contribute to the loss of important information or theft but cost organizations money and time to ease the situation. DoS attacks occur by crashing services or flooding the assistance of an organization (Gupta & Agarwal, 2017). Flood attacks happen when an organization’s system receives more traffic that slows down servers and stops them from functioning. Organizations can eliminate DoS attacks by preventing spoofing, limiting broadcasting, streamlining their incident responses, and ensuring all endpoints are protected to eliminate familiar vulnerabilities. In addition, businesses should ensure that their firewalls limit traffic entering their systems, and they should monitor their networks to detect DoS attacks.
Unencrypted Data
Data encryption is an essential part of good cyber-security. Organizations need to encrypt data stored in computers to avoid being accessed by hackers once they steal it. Unencrypted data makes it easy for hackers to access user information and create severe issues for the financial institution (Gupta & Agarwal, 2017). Organizations should encrypt their data to provide security, maintain their integrity, protect their privacy, comply with organizational rules, and protect the data transmitted against other networks.
Manipulated Data
This threat may be complex to detect because financial institutions may incur a lot of dollars. Precisely, data manipulation refers to cyber activities where malicious activities alter, modify, and tweak an organization’s valuable documents and data rather than directly stealing an organization’s data to cause misery to the firm (Gupta & Agarwal, 2017). Organizations can protect themselves against data manipulation by achieving optimal security with a famous cybersecurity paradigm that involves data integrity, endpoint security, manual data monitoring, and encryption.
Spoofing
Spoofing occurs when an invader impersonates a certified user or device to spread malware, intrude into access control systems, or steal data. Spoofing can occur through servers, IP addresses, texts, phone calls, emails, and websites. Usually, spoofing aims at accessing personal information, spreading malware attacks, or stealing money. Scammers will always use spoofing to steal an organization’s identity and assets (Lamba, 2020). The most common types of spoofing include; Caller ID Spoofing, Websites Spoofing, Email Spoofing, Text Message Spoofing, GPS Spoofing, DNS spoofing, ARP spoofing, and IP address spoofing. In Internet Protocol Address spoofing, an attacker manipulates the Internet Protocol (IP) header that the packet looks like from a verified source.
Spoofing lures the target device into enhancing invaders to access sensitive information or accommodating malicious code. Assailants use internet Protocol spoofing to perform attacks like denial-of-service, whereby attackers feed the network with more information than it can handle by sending millions of Internet Protocol Packets from several spoofed addresses. Hackers can also trick the IP address of specific machines into sending several packets of information to other devices on a similar network (Lamba, 2020). Since engines spontaneously send responses once they accept an IP packet, this causes the spoofed machine to get knocked offline. Attackers also use Internet Protocol spoofing to undergo authentication that depends on the IP address of a device. Hackers may trick systems built by organizations to assume particular IP addresses are trustworthy to accept connections from untruthful machines that fake the IP address of a trusted engine.
Address Resolution Protocol (ARP) spoofing can identify legit devices on networks by resolving Internet Protocol addresses to particular Media Access Control (MAC) addresses. During ARP spoofing, attackers send ARP packets to networks, which appear to be from legit devices. Since the devices on a similar network may think the attackers are legit, they may send their data, which attackers use for more attacks (Lamba, 2020). Organizations should protect their systems against attackers by switching on their spam filters. System protection prevents spoofed emails from appearing in their inboxes and examining their communication to detect spoof attacks through observing unusual sentence structures and poor grammar (Gourisetti et al., 2020). Organizations should also confirm the senders of the messages, invest in cyber-security software, and set up two-step verification to reduce spoofing attacks.
Step 2: Risk Register
Risk ID
Risk
Category
Severity
Applicable Laws, Regulations, Standards
Risk Mitigation Strategy (description)
Implementation: Required Technologies, Products, or Services
NIST Cybersecurity Framework Category and Sub Category Identifier (e.g., ID.AM-1)
Sub-Category Description
001
Ransomware Attacks
Process
5
CIS CSC 1
Risk avoidance
PBI-FS should avoid clicking on unsafe links.
ID.AM-1
The company inventory its physical devices and systems within the organization.
002
IoT attacks
technology
3
CIS CSC 4
Risk transfer
Organizations should update their systems regularly to reduce IoT attacks
ID.RA-1
Organizations identify asset vulnerabilities and document them.
003
Cloud attacks
People
4
COBIT 5 DSS01.04, DSS05.05
Risk avoidance
Firms should switch on multifactor Authentication (MFA) for all their cloud services.
PR.AC-2
Physical access to assets is managed and protected
004
Phishing attacks
integrity
2
CIS CSC 1, 5, 15, 16
Risk avoidance
Companies should protect their systems against phishing attacks by avoiding clicking on suspicious links and updating their software.
PR.AC-1
Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users, and processes
005
Software vulnerabilities
Technology
3
COBIT 5 DSS01.04, DSS05.05
Risk mitigation
Firms should restrict the number of people accessing their sites, employ solutions that bloc exploitative behaviors, and monitor all logins to recognize Indicators of Compromise (IoC).
PR.AC-2
Physical access to assets is managed and protected
006
Outdated software
Technology
2
CIS CSC 1, 2, 13
Risk transfer
Companies should update their software regularly to secure their devices against attacks.
PR.DS-4
Adequate capacity to ensure availability is maintained
007
Denial of Service
availability,
2
CIS CSC 8, 12, 15
Risk avoidance
Firms should Prevent spoofing, limit broadcasting, streamlining their incident responses, and ensure all endpoints are protected to eliminate familiar vulnerabilities.
PR.PT-4
Communications and control networks are protected
008
Unencrypted data
confidentiality
4
CIS CSC 1, 7, 8, 12, 13, 15, 16
Avoidance
Organizations should encrypt their data to provide security, maintain their integrity, protect their privacy, comply with organizational rules, and protect the data transmitted against other networks.
DE.CM-1
Companies monitor networks to detect potential cybersecurity events
009
Manipulated data
confidentiality
4
CIS CSC 17, 18
Acceptance
Organizations should achieve optimal security with a famous cybersecurity paradigm that involves data integrity, endpoint security, manual data monitoring, and encryption
PR.AT-1
All users are informed and trained
010
spoofing
People
5
CIS CSC 19
Mitigation
Organizations should protect their systems against attackers by switching on their spam filters to prevent spoofed emails from appearing in their inboxes.
RS.CO-4
Coordination with stakeholders occurs consistent with response plans
Step 3: The Laws and Regulatory Guidance Which Apply To Financial Services Industries and Companies
Law and regulatory guidance which apply to Financial Services Industries and Companies refer to the regulations and laws that govern insolvency, operation, and creation of financial industries. These industries include; security settlement, payment, trading, investment, insurance, broker-dealers, and banks (Rosella et al., 2019). The regulations and laws that govern the industries are statutory (legislation, commodities, securities, and banking laws. Companies design these laws to enhance the soundness and safety of financial companies, consumers, investors, and fiscal stability. Law and regulatory guidance differ from one organization to another. The government restricts some law institutions from issuing financial regulatory guidance to specific financial industries, such as insurance companies and banks (Rosella et al., 2019). Other law firms emphasize bank acquisitions and mergers. Only a few financial firms practice legislative advice and financial regulations, investments, and mergers when the government targets financial institutions, capital market transactions among financial institutions, and enforcement when the perpetrator is a financial firm. Financial regulations and laws also protect organizations from financial fraud.
Statutory (legislation) Laws
Governing bodies enact these and pass them within a financial institution. Organizations use these laws to restrict, declare, sanction, outlaw, authorize, regulate, or provide funds.
Commodities’ Laws
These laws regulate futures trading and all commodity activities and need organizations to exchange commodity options and futures in an organized way. These laws promote transparency, efficiency, and competitive financial markets that protect clients from malicious and fraudulent practices.
Securities Laws
Security laws enable investors to acquire financial and important information offered for securities. Securities laws are essential for financial industries because they provide transparency, allowing the investors to get consistent and accurate information about company profitability. They aim at protecting investors by maintaining efficient, orderly, and fair markets. They also facilitate the formation of capital within the financial industry.
Banking Laws
Banking Laws cover the regulation, liquidation, examination, and operation of financial banks. They discuss the legal necessities that govern structural changes, such as mergers and acquisitions, branching, divestiture expansion, and company information. They also examine the activities of financial banks, such as negotiation and transfer of notes and checks, electronic banking, credit cards, investment, and loans. In addition, banking laws discuss the assessment of financial industries by the regulatory agencies of federal banks. They also examine the influence of national securities and federal income laws.
Step 4: Laws and Regulations Which Apply To All Companies
Sarbanes-Oxley Act
The government implemented the Sarbanes Oxley act due to the unexpected and stunning bankruptcy in 2001. This law deals with the reform of accounting and auditing procedures such as internal controls, and oversight responsibilities of officers and corporate directors. It also deals with conflicts of interest, extraordinary bonuses and compensation disclosure, and insider dealings (Gupta et al., 2018). It also deals with stock analysis, completes an earlier disclosure of activities that impact financial results, and violates disclosure rules (Gorshunov et al., 2020). Additionally, this law requires certification of financial results by the chief executive and the signing of federal income tax files.
SEC Disclosure Obligations
SEC regulations involve publicly owned companies disclosing particular financial and business data categories to the organization’s stockholders and SEC. SEC also necessitates disclosing appropriate financial and business information to reliable investors when novel securities, including bonds and stocks, are issued to citizens (Rosella et al., 2019). However, organizations exempt private placements and minor issues from the disclosure. This regulation also requires publicly owned companies to prepare two yearly reports for the shareholders and the SEC. On top of that, SEC regulations need annual reports to have specific items and verified financial statements.
Generally Accepted Accounting Principles (GAAP)
Generally accepted accounting principles refer to accounting rules that require companies to disclose their audited financial statements. Once companies adopt these rules, they get followed and acknowledged by individuals (King, 2019). Organizations must disclose important information for auditing purposes. Pension details, lease information, mitigation, accounting policies, and financial records are among the information companies have to disclose
IRS Regulations for Business Records
This regulation requires businesses to keep their records until they make income deductions on tax returns, implying that companies must maintain their tax records. These records help businesses monitor their progress, gather financial statements, recognize their income sources, track deductible expenses, track properties, prepare tax returns, and support assets reported on a company’s tax returns (Hodge, 2016). Businesses may choose record-keeping systems that favor their businesses and show their expenses and income clearly. In some circumstances, this regulation does not need particular records from firms. However, enterprises impact the category of records they may require for federal tax commitments. Businesses generate supporting transaction documents such as payrolls, sales, and purchases. The supporting documents of businesses contain crucial information that companies must record in books. Most importantly, this regulation requires businesses to keep their employment tax records for approximately four years.
Reporting Requirements
Reporting requirements are the applicable regulations, rules, laws, directives, instruments, and regulatory requirements that mandate reporting of business transactions. Reports are required to provide crucial details that may improve decision-making, planning, and development of future forecasts. Businesses also use accounts to identify irregularities, and growth and track their progress. In addition, reporting requirements refer to data and information supplied by companies to government agencies. All insurance organizations play a significant role in adhering to reporting requirements. In addition, government agencies use reporting requirements to safeguard companies, policyholders, and investors, who depend on reporting requirements to obtain insurance coverage. Companies that fail to comply with reporting requirements face penalties and punishment.
Step 5: Risk Management and the Cybersecurity Framework in the NIST Cybersecurity Framework
National Institute of Standards and Technology (NIST) aims at supporting and facilitating the advancement of cybersecurity risk structures. NIST must recognize cost-effective, performance-based, repeatable, flexible, and prioritized approaches such as information measures and security control that operators and owners of vital infrastructure may implement to assist in identifying, assessing, and managing cyber risks (Almuhammadi & Alsaleh, 2017). NIST framework is applicable in the Padgett-Beagle Solutions in recognizing the essence of privacy in creating public privacy and protecting civil liberties and individual privacy when conducting its cybersecurity activities. The framework will be adequate to Padgett-Beale because it references different practices, guidelines, and standards within the organization. In addition, the framework will help Padgett-Beale to describe its current cybersecurity postures, target cybersecurity state, opportunities, progress, and communicate with external and internal stakeholders about cybersecurity risks.
The framework will manage PBI-FS cybersecurity risks using three parts; framework profile, implementation tiers, and the framework core to strengthen the association between cybersecurity activities and mission/business drivers. The framework core refers to cybersecurity activities, applicable references, and desired outcomes that are mutual across acute infrastructure sections (Almuhammadi & Alsaleh, 2017). The framework will provide the PBI-FS with practices, guidelines, and standards to permit cybersecurity communication across the company from the executive to the implementation level. The National Institute of Standards and Technology (NIST) framework identifies, protects, detects, responds, and recovers cybersecurity issues. If Padgett Beale implements these functions well into PBI-FS, the company will easily manage its cybersecurity risks (Almuhammadi & Alsaleh, 2017). Identifying involves understanding cybersecurity risks to manage an organization’s capabilities, data, assets, people, and systems; protecting consists of developing and implementing appropriate securities to ensure the distribution of essential services.
Detecting involves developing and implementing appropriate activities to recognize cybersecurity risks and developing and implementing proper operations to detect cybersecurity issues. Similarly, recovering consists of implementing and developing the activities that retain an organization’s resilience plans and restoring impaired capabilities due to cybersecurity incidents. The framework tiers give organizations a clue on how they view and manage cybersecurity risks. They describe the extent to which cybersecurity risks have altered with an organization’s practices.
The risk management process will enable Padgett-Beale to manage its risks appropriately because it will help the company detect the likelihood of cybersecurity risk. With this information, PBI-FS will recognize the possibility of risks occurring and the potential impacts the risks will pose to the organization (Almuhammadi & Alsaleh, 2017). Comprehension of risk tolerance helps companies prioritize their cybersecurity activities to make better expenditures, implement programs that manage risks, and communicate and quantify cybersecurity programs adjustments. PBI-FS may also implement the following risk mitigation strategies depending on the impacts of the dangers on the critical services of the organization:
Accepting the risk- Padgett-Beale may take risks if it acknowledges that the potential impacts of the risks are not many to the extent of the organization incurring more money to eliminate the risks.
Mitigating the risk- Padgett-Beale may take actions that reduce its exposure to cybersecurity risks and decreasing the probability of the risks occurring again in the future. The organization can mitigate the risks by identifying the risks, analyzing the risks, and mitigating the risks.
Risk transfer- involves transferring risks from one individual to another or from one company to another. Padgett-Beale may share its risks by purchasing insurance to share the risks to a third party.
Avoiding the risk- Risk avoidance includes eliminating exposures, activities, and hazards that negatively affect a company’s assets. While risk management looks forward to controlling financial consequences or damages that threaten an organization, risk avoidance aims at avoiding events that compromise a company.
Risk management processes will enable PBI-FS to prioritize and inform decisions about cybersecurity. It funds recurring business validations and risk assessments to allow firms to select objected cybersecurity activities that contribute to desired outcomes. Therefore, the National Institute of Standards and Technology (NIST) cybersecurity framework will enable Padgett-Beale to direct and select improvements in the management of cybersecurity risks for ICS and IT surroundings (Almuhammadi & Alsaleh, 2017). The framework will give the organization a shared language for expressing, managing, and understanding threats to external and internal shareholders. The framework can also prioritize and identify actions that reduce cybersecurity risks and align policies, technological, and business approaches that manage risks. In addition, the organization can use the framework to manage cybersecurity risks to deliver critical services.
PBI-FS can also protect its data from data breaches and phishing by using multifactor authentication. Data protection is an authentication technique used to confirm devices, users, or applications by presenting various identifiers. Multifactor authentication will provide PBI-FS additional security layer by requesting users to deliver more than one verification factor to access their accounts, decreasing cyberattacks or the likelihood of data breaches or phishing attacks (Byun et al., 2019). Multifactor authentication gives organizations a strong identity and access management policy (IAM). It is the most reliable security control strategy. In addition, PBI-FS should protect its online accounts by making long and strong passwords, securing its local systems, and visiting websites with SSL certificates.
Using password managers, avoiding storing their passwords on computers, and using programs that support multifactor authentication will also significantly protect PBI-FS’s online accounts. PBI-FS should keep its systems and software updated to prevent hackers from accessing their networks. Installing firewalls can also benefit PBI-FS by defending it from cyberattacks (Byun et al., 2019). Firewall systems block any suspected attacks before they damage a system. Firewalls monitor network traffic; data coming in and out of an organization’s systems develop opportunities for risks to compromise activities (Marinova-Boncheva, 2007). By analyzing and monitoring network circulation, firewalls influence pre-established filters and rules to protect an organization’s systems. Firewalls can monitor the entry points of a system and stop virus attacks. In addition, firewalls will help organizations prevent hackers, eliminate spyware, and promote privacy.
Step 6: Cybersecurity Strategy Padgett-Beale should take to implement the recommended risk mitigation strategies
Among the cybersecurity strategies Padgett Beale should implement, the risk mitigation strategies include developing assurance frameworks and creating secure cyber systems. The first strategy Padgett Beale should implement is creating specific cyber ecosystems, including broad devices such as computers, technologies, and communication. This strategy will enable Padgett Beale to have a robust ecosystem where devices can work together to eliminate cyber-attacks. The plan will also allow Padgett Beale to allow secure means of organized actions within its devices. Vital cyber ecosystems have authentication interoperability and automation (Goel et al., 2019). Automation will ease the implementation of Padgett Beale’s advanced security strategies, enhance their swiftness, and optimize their decision-making procedures. Interoperability will toughen the collaborative activities of Padgett Beale, improve their awareness, and accelerate learning processes. Authentication will improve Padgett Beale’s verification and identification technologies that provide scalability, interoperability, ease of usage, affordability, and security.
The second strategy Padgett Beale should implement is creating assurance frameworks that will help develop an outline that complies with security strategies via technology, people, processes, and products. Padgett Beale should adopt the NIST framework to implement this strategy, accommodating critical infrastructure through endorsing and enabling actions (Almuhammadi & Alsaleh, 2017). Also, the assurance frameworks will help Padgett Beale to maintain a resilient, vigilant, and secure environment and identify particular characteristics and domains that interfere with Padgett Beale’s processes. The third strategy that Padgett Beale should implement is motivating open standards. Open standards will play a significant role in defining Padgett Beale’s cybersecurity issues by enhancing the effectiveness of their many processes, enabling the incorporation of their system, organizing new approaches, and interpreting complex surroundings. Implementing ISO 27001 will motivate Padgett Beale’s implementation of standard structures where clients will understand Padgett Beale’s processes and minimize auditing costs.
The fourth strategy PBI-FS should implement installing a Demilitarized User Zone (DMZ). DMZ is a subnetwork between private and public websites (Rababah et al., 2018). It exposes exterior-facing amenities to suspicious networks and supplements an additional security layer to safeguard sensitive data in internal systems using firewalls to clean data circulation. A demilitarized zone (DMZ) will protect the PBI-FS’s interior LAN (Local Area Network) from untrusted traffic (Iskandar et al., 2019). DMZ will allow PBI-FS to access suspicious networks (the internet) while ensuring the safety of its private network (LAN) (Rababah et al., 2018). DMZ will restrict other servers from accessing the LAN, making it hard for hackers to access an organization’s internal servers and information through the internet. The DMZ will enable PBI-FS to implement network segmentation, making it hard for unauthorized users to access the private network (Rababah et al., 2018). It will also allow the company to prevent network reconnaissance by issuing a buffer in the middle of the private network and the internet, preventing hackers from engaging in network reconnaissance. Lastly, the DMZ will block spoofing threats by discovering such attempts and eliminating them from the system.
The fifth strategy Padgett Beale should implement is the Barracuda CloudGen Firewalls which will protect its online accounts. These firewalls will generate a buffer between an external network and an organization’s IT systems by controlling traffic and blocking activities that may damage networks, techniques, and computers. Controlling traffic will eliminate the mentioned gaps from interfering with the company’s networks and blocking outgoing circulation instigating from a Trojan horse. Additionally, implementing the Barracuda firewalls will separate Padgett Beale’s workstation devices from threats, allowing the company to choose the data of the port received or sent manually (Byun et al., 2019). Implementing the Barracuda firewalls will also reduce the risks associated with data loss via the firewalls that safeguard the firm from external threats. The firewalls will also protect Padgett Beale’s applications, users, and data against malicious attacks. It will also eliminate unauthorized access to the company’s data by monitoring traffic entering its system. Hence, the Barracuda firewalls will ensure Padgett Beale’s system is also secured from theft, and hackers and will enhance the assessment of threats.
The sixth strategy PBI-FS should implement installing the antivirus software will root for possible viruses that may interfere with the organization’s software. Remarkably, the antivirus will protect Padgett Beale’s systems against spyware, adware, worms, Trojan horses, key loggers, ransomware, and malware. The software will also scan PBI-FS’s network or computers to look for malicious programs in the database and eliminate them (Marinova-Boncheva, 2007). Advanced software has a high chance of accommodating more extensive databases and detecting problems. Even though many cyber threats are computerized, with attackers exploiting and looking for known vulnerabilities, the software will enable PBI-FS to scan its data to recognize its weaknesses. Vulnerability scanning will also allow the organization to determine the general efficiency of its security measures to save money and time afterward.
The seventh strategy Padgett Beale should take is executing the IBM Guardian to encrypt data. Encrypting data will help the organization prevent attackers from viewing important files, mitigate the risks associated with data breaches, and control General Data Protection Regulation (GDPR) violations. In addition, data encryption will help Padgett Beale to protect its sensitive data and private information by facilitating security between client applications and servers (Brewer, 2016). Encrypting data will prevent hackers from reading Padgett Beale’s sensitive or confidential information. On top of that, encrypting Padgett Beale’s data will enable the company to easily detect malicious users to protect the company’s integrity and confidentiality. This strategy will also address the gaps relating to unauthorized access and hackers.
Gathering the details needed Evaluating alternatives Performing analysis and research
People, money
Five days
Systems design
Outlining interfaces; user, database, network, and system interfaces
people
Two weeks
Development
Testing of tools
Technology, people
Two weeks
Integration and testing
Testing the software
people
Three days
Implementation
Detecting defects
people
5 days
Maintenance
Handling possible issues
Money, technology
Two days
Enterprise IT Architecture for PBI-FS
Figure1: Network diagram
Step 7: Plan of Action and Implementation Timeline
Proposed plan of action
Resources
Start
Date
Due date
Estimate
d Cost ($)
Effort (1-5)
Description
Barracuda CloudGen Firewalls
IT experts Computers
15/07/2021
17/07/2021
500000
5
Installing theBarracuda CloudGen Firewalls will require IT experts and computers. The start date of the installation will be 15/07/2021 to 17/07/2021. Approximated costs are $500000, and the effort required will equal 5 when a scale of 1-5 measures the effort required.
Developing assurance frameworks
Computers Technology
18/07/2021
19/07/2021
540000
3
Developing assurance frameworks will require computers and technology. The update will start on 18/07/2021 to 19/07/2021. Costs needed to update the software are estimated to be $540000, and the effort necessary equals 3 when weighed using a scale of 1 to 5.
Installing the antivirus software
Computers Technology
20/07/2021
21/07/2021
350000
4
Installing the antivirus software will require computers and technology. The installation will start on 20/07/2021 to 21/07/2021. Costs will be approximately $350000, and the effort necessary equals 4 when weighed on a scale of 1 to 5.
Executing the IBM Guardian
Computers IT experts
22/07/2021
23/07/2021
400000
2
Encrypting data will require computers and IT experts. The encryption starts on 22/07/2021 to 23/07/2021. Costs will be $400000, and the effort necessary equals 2 when weighed on a scale of 1 to 5.
Creating secure cyber systems
People Money
25/07/2021
27/07/2021
450000
3
Creating secure cyber systems will require people and money. The initiative starts on 25/07/2021 to 27/07/2021. Costs will be approximately $450000, and the effort necessary equals 3 when weighed on a scale of 1 to 5.
Cybersafety risk examination
Computers IT experts
28/07/2021
01/08/2021
500000
3
Cybersafety risk examination will require computers and IT experts. The investigation will start on 28/07/2021 to 1/08/2021. Costs will be $500000, and the effort necessary equals 3 when weighed on a scale of 1 to 5.
Protecting outbound data
Computers IT experts
02/08/2021
05/08/2021
235000
3
Protecting outbound data will require computers and IT experts. The protection starts on 02/08/2021 to 05/08/2021. Costs will be $235000, and the effort necessary equals 3 when weighed on a scale of 1 to 5.
setting smart passwords
Computers
06/08/2021
08/08/2021
340000
3
Setting smart passwords will require computers. The exercise starts on 06/08/2021 to 08/08/2021. Costs will be $340000, and the effort necessary equals 3 when weighed on a scale of 1 to 5.
Limiting the number of sign-in tries
Computers IT experts
10/08/2021
11/08/2021
500000
4
Limiting the number of sign-in tries will require computers and IT experts. The exercise starts on 10/08/2021 to 11/08/2021. Costs will be $500000, and the effort necessary equals 4 when weighed on a scale of 1 to 5.
Avoiding sharing credit card information
People
12/08/2021
13/08/2021
100000
2
Avoiding sharing credit card information will require people. The exercise starts on 12/08/2021 to 13/08/2021. Costs will be $100000, and the effort necessary equals 2 when weighed on a scale of 1 to 5.
Installing a Demilitarized User Zone (DMZ).
Computers IT experts
15/07/2021
17/08/2021
200000
5
They are installing a Demilitarized User Zone (DMZ) which will require computers and IT experts. The exercise starts on 15/08/2021 to 17/08/2021. Costs will be $200000, and the effort necessary equals 5 when weighed on a scale of 1 to 5.
Step 8: Summary of Recommendations
For the successful merging and acquisition of Island Banking Services to create PBI-FS, Padgett-Beale should first analyze the gaps that contributed to the bankruptcy of the Island Banking Services and adopt appropriate strategies that will mitigate the risks and prevent them from reoccurring. Padgett-Beale should follow statutory laws, commodities laws, and security laws that guide all financial companies when implementing their activities. Statutory regulations will enable the organization to restrict its data. Commodity laws will promote transparency within the organization and security laws will facilitate proper circulation of information, and banking laws will examine the institution’s operations.
PBI-FS should also follow the rules and regulations that guide all companies, including; Sarbanes-Oxley Act, SEC Disclosure Obligations, Generally Accepted Accounting Principles (GAAP), IRS Regulations for Business Records, and Reporting Requirements. These regulations will enable the organization to know the activities it should engage in for its well-being. PBI-FS should manage its risks by employing risk mitigation strategies and multifactor authentication to eliminate unauthorized access. Padgett-Beale should install Barracuda CloudGen Firewalls, and antivirus software, Encrypt sensitive data, and Conduct vulnerability scans to implement the recommended risk mitigation strategies. It should also conduct a cybersecurity risk assessment, install a Demilitarized User Zone (DMZ), and install Intrusion detection software to eliminate intruders from the system. Lastly, Padgett-Beale should implement a plan of action that includes the resources, time, effort, and costs required to mitigate the risks and contribute to the smooth running of BPI-FS.
Conclusion
Gap analysis is essential to every organization because it facilitates easier recognition of risks. Companies should follow the standards and rules that guide businesses to ensure that they are not against the standards that drive industries. Risk management strategies also play a vital role to businesses because it helps companies to mitigate the risks that alter companies’ operations. Adhering to the measures that eliminate risks will help organizations eliminate threats and run business operations smoothly.
Memorandum
To: Merger & Acquisition Team
From:
Date 13th July 2021
Subject: Recommendation for mitigating the identified risks.
The primary purpose of this recommendation is to address the proper strategies that Padgett-Beale should implement on its acquisition with Island Banking Services to mitigate risks. Various risks interfered with Island Banking Services’ hardware, software, and files, bankrupting the organization. Some of the dangers that attacked Island Banking Services include; Ransomware attacks, IoT attacks, cloud attacks, phishing attacks, DoS, software vulnerabilities, outdated software, unencrypted data, manipulated data, and spoofing. These recommendations will facilitate PBI-FS’s security and ensure attackers will not alter its data files.
The Cybersecurity Strategy and Plan of Action consisted of Gap Analysis, Legal & Regulatory Requirements Analysis, Risk Analysis & Risk Register, Cybersecurity Strategy, and Plan of Action and Implementation Timeline. Gap analysis analyzed the risks that attacked the organization. The study of legal and regulatory requirements highlighted statutory laws, commodities laws, and security laws that guide all financial companies when implementing their activities. Additionally, it analyzed the rules and regulations that guide all companies, including; Sarbanes-Oxley Act, SEC Disclosure Obligations, Generally Accepted Accounting Principles (GAAP), IRS Regulations for Business Records, and Reporting Requirements. Risk analysis and risk register provided the risk mitigation strategies that the new company should adopt. The plan of action provided the resources, time, effort, and costs required to mitigate the risks and contribute to the smooth running of BPI-FS.
I recommend the Merger & Acquisition team follow statutory laws, commodities laws, and security laws that guide all financial companies when implementing their activities. It should also follow the rules and regulations that guide all companies, including; Sarbanes-Oxley Act, SEC Disclosure Obligations, Generally Accepted Accounting Principles (GAAP), IRS Regulations for Business Records, and Reporting Requirements. The team should manage its risks by employing risk mitigation strategies to eliminate unauthorized access. It should also install intrusion software that will detect any attackers planning to attack their system.
Thank you for your cooperation.
Signature:
Name:
References
Almuhammadi, S., & Alsaleh, M. (2017). Information security maturity model for NIST cybersecurity framework. Computer Science & Information Technology (CS & IT), 7(3), 51-62. doi:10.5121/csit.2017.70305
Brewer, R. (2016). Ransomware attacks: detection, prevention, and cure. Network Security, 2016(9), 5-9. doi: 10.1016/s1353-4858(16)30086-1
Byun, M., Lee, Y., & Choi, J. Y. (2019). Risk and avoidance strategy for blocking mechanism of SDN-based security service. In 2019 21st International Conference on Advanced Communication Technology (ICACT) (pp. 187-190). IEEE. doi:10.23919/icact.2019.8701887
Crumpler, W., & Lewis, J. A. (2019). The cybersecurity workforce gap. Center for Strategic and International Studies (CSIS).
Goel, A. K., Rose, A., Gaur, J., & Bhushan, B. (2019). Attacks, countermeasures, and security paradigms in IoT. In 2019 2nd international conference on intelligent computing, instrumentation, and control technologies (ICICICT) (Vol. 1, pp. 875-880). IEEE. doi:10.1109/icicict46008.2019.8993338
Gorshunov, M. A., Armenakis, A. A., Feild, H. S., & Vansant, B. (2020). The Sarbanes-Oxley Act of 2002: relationship to the magnitude of financial corruption and corrupt organizational cultures. Journal of Management, 21(2), 73. doi:10.33423/jmpp.v21i2.2929
Gourisetti, S. N. G., Mylrea, M., & Patangia, H. (2020). Cybersecurity vulnerability mitigation framework through empirical paradigm: Enhanced prioritized gap analysis. Future Generation Computer Systems, 105, 410-431. doi:10.1016/j.future.2019.12.018
Gupta, P. P., Sami, H., & Zhou, H. (2018). Do companies with effective internal controls over financial reporting benefit from Sarbanes–Oxley Sections 302 and 404? Journal of Accounting, Auditing & Finance, 33(2), 200-227. doi:10.1177/0148558×16663091
Gupta, R., & Agarwal, S. P. (2017). A comparative study of cyber threats in emerging economies. Globus: An International Journal of Management & IT, 8(2), 24-28. doi: 10.18411/a-2017-023
Iskandar, A., Virma, E., & Ahmar, A. S. (2019). Implementing DMZ in improving network security of web testing in STMIK AKBA. arXiv preprint arXiv:1901.04081. doi:10.14419/ijet.v7i2.3.12627
Lamba, A. (2020). A Through Analysis on Protecting Cyber Threats and Attacks on CPS Embedded Subsystems. Available at SSRN 3517474.doi: 10.2139/ssrn.3517474
Marinova-Boncheva, V. (2007). A short survey of intrusion detection systems. Problems of Engineering Cybernetics and Robotics, 58, 23-30. doi:10.1145/1330598.1330631
Rababah, B., Zhou, S., & Bader, M. (2018). Evaluation of the Performance of DMZ. Assoc. Mod. Educ. Comput. Sci, 0-13. doi:10.5815/ijwmt.2018.01.01
Rosella, M. R., Avdeychik, V., & Capozzi, J. R. (2019). SEC adopts rules and interpretive guidance designed to enhance and clarify the obligations of financial professionals. Journal of Investment Compliance. doi:10.1108/joic-08-2019-0049
Sapienza, A., Ernala, S. K., Bessi, A., Lerman, K., & Ferrara, E. (2018). Discover Mining online chatter for emerging cyber threats. In Companion Proceedings of the Web Conference 2018 (pp. 983-990). doi:10.1145/3184558.3191528
Singh, A., & Jain, A. (2018). Study of cyber-attacks on the cyber-physical system. In Proceedings of 3rd International Conference on Internet of Things and Connected Technologies (ICIoTCT) (pp. 26-27). doi:10.2139/ssrn.3170288
Tirumala, S. S., Valluri, M. R., & Babu, G. A. (2019). A survey on cybersecurity awareness concerns, practices, and conceptual measures. In 2019 International Conference on Computer Communication and Informatics (ICCCI) (pp. 1-6). IEEE. doi:10.1109/iccci.2019.8821951
Tsiknas, K., Taketzis, D., Demertzis, K., & Skianis, C. (2021). Cyber Threats to Industrial IoT: A Survey on Attacks and Countermeasures. IoT, 2(1), 163–186. doi:10.3390/iot2010009
