-
The barriers to sustainable risk transfer in the cyber-insurance market Journal of Cybersecurity Pub Date : 2024-02-20 Henry R K Skeoch, Christos Ioannidis
Efficient risk transfer is an important condition for ensuring the sustainability of a market according to the established economics literature. In an inefficient market, significant financial imbalances may develop and potentially jeopardize the solvency of some market participants. The constantly evolving nature of cyber-threats and lack of public data sharing mean that the economic conditions required
-
Behind the curve: technology challenges facing the homeland intelligence and counterterrorism workforce Journal of Cybersecurity Pub Date : 2024-02-07 Michelle Black, Lana Obradovic, Deanna House
Those charged with protecting the homeland through intelligence analysis, particularly in counterterrorism, must be capable of rapidly adopting innovative technologies to detect and prevent exploitation and disruption of vulnerable critical infrastructures. However, implementing these responses requires a highly skilled technical workforce that is continually provided with timely educational and training
-
Cybersecurity when working from home during COVID-19: considering the human factors Journal of Cybersecurity Pub Date : 2024-01-25 Monica T Whitty, Nour Moustafa, Marthie Grobler
This research examined the lives of Australian employees who moved to work from home during COVID-19. Taking a unique approach to cybersecurity, we sought to gain insights into the intermingling of individuals’ personal lives and technology to inform policies and educational programmes. The study employed interpretative phenomenological analysis to understand 27 participants’ lived experiences under
-
A systematic literature review on advanced persistent threat behaviors and its detection strategy Journal of Cybersecurity Pub Date : 2024-01-02 Nur Ilzam Che Mat, Norziana Jamil, Yunus Yusoff, Miss Laiha Mat Kiah
Advanced persistent threats (APTs) pose significant security-related challenges to organizations owing to their sophisticated and persistent nature, and are inimical to the confidentiality, integrity, and availability of organizational information and services. This study systematically reviews the literature on methods of detecting APTs by comprehensively surveying research in the area, identifying
-
Cybersecurity in UK Universities: mapping (or managing) threat intelligence sharing within the higher education sector Journal of Cybersecurity Pub Date : 2023-09-23 Anna Piazza, Srinidhi Vasudevan, Madeline Carr
Higher education has recently been identified as a sector of concern by the UK National Cyber Security Centre (NCSC). In 2021, the NCSC reported that universities and higher education institutions (HEI) had been exponentially targeted by cyber-criminals. Existing challenges were amplified or highlighted over the course of the global pandemic when universities struggled to continue to function through
-
Executive decision-makers: a scenario-based approach to assessing organizational cyber-risk perception Journal of Cybersecurity Pub Date : 2023-08-21 Simon Parkin, Kristen Kuhn, Siraj A Shaikh
The executive leadership in corporate organizations is increasingly challenged with managing cyber-risks, as an important part of wider business risk management. Cyber-risks are complex, with the threat landscape evolving, including digital infrastructure issues such as trust in networked supply chains, and emerging technologies. Moreover, engaging organizational leadership to assess for risk management
-
Predictive Taxonomy Analytics (LASSO): Predicting Outcome Types of Cyber Breach Journal of Cybersecurity Pub Date : 2023-08-12 Jing Rong Goh, Shaun S Wang, Yaniv Harel, Gabriel Toh
Cyber breaches are costly for the global economy and extensive efforts have gone into improving the cybersecurity infrastructure. There are numerous types of cyber breaches that vary greatly in terms of cause and impact, resulting in an extensive literature for individual cyber breach type. Our paper seeks to provide a general framework that can be easily applied to analyze different types of cyber
-
The concept of modern political confrontation in cyber space Journal of Cybersecurity Pub Date : 2023-08-10 Liudmyla Kormych, Yuliia Zavhorodnia
The purpose of the study is to determine the main forms of behavior of the participants of the political process in the information space of Ukraine and progressive informative countries of the world in order to achieve political goals and decisions that have a constructive or destructive function in the political system, considering social, cultural, legal, and ideological factors that affect interaction
-
A close look at a systematic method for analyzing sets of security advice Journal of Cybersecurity Pub Date : 2023-07-03 David Barrera, Christopher Bellman, Paul C van Oorschot
We carry out a detailed analysis of the security advice coding method (SAcoding) of Barrera et al., which is designed to analyze security advice in the sense of measuring actionability and categorizing advice items as practices, policies, principles, or outcomes. The main part of our analysis explores the extent to which a second coder’s assignment of codes to advice items agrees with that of a first
-
Testing human ability to detect ‘deepfake’ images of human faces Journal of Cybersecurity Pub Date : 2023-06-24 Sergi D Bray, Shane D Johnson, Bennett Kleinberg
‘Deepfakes’ are computationally created entities that falsely represent reality. They can take image, video, and audio modalities, and pose a threat to many areas of systems and societies, comprising a topic of interest to various aspects of cybersecurity and cybersafety. In 2020, a workshop consulting AI experts from academia, policing, government, the private sector, and state security agencies ranked
-
A systematization of voter registration security Journal of Cybersecurity Pub Date : 2023-06-08 Jack Cable, Andrés Fábrega, Sunoo Park, Michael A Specter
Voter registration is an essential part of almost any election process, and its security is a critical component of election security. Yet, despite notable compromises of voter registration systems, relatively little academic work has been devoted to securing voter registration systems, compared to research on other aspects of election security. In this paper, we present a systematic treatment of voter
-
Defining the reporting threshold for a cybersecurity incident under the NIS Directive and the NIS 2 Directive Journal of Cybersecurity Pub Date : 2023-05-11 Sandra Schmitz-Berndt
The NIS Directive and sector-specific cybersecurity regulations require the reporting of (security) incidents to supervisory authorities. Following the risk-based approach adopted in the NIS Directive, the NIS 2 Directive enlists as a basic security element the reporting of significant incidents that (i) have caused or (ii) are capable to cause harm, as well as (iii) notifying the service recipients
-
The security mindset: characteristics, development, and consequences Journal of Cybersecurity Pub Date : 2023-05-02 Koen Schoenmakers, Daniel Greene, Sarah Stutterheim, Herbert Lin, Megan J Palmer
The world is facing a cybersecurity skills gap as cybercrime and cyberwarfare grow in importance. One often-discussed quality that is potentially relevant to cybersecurity recruitment and education is the so-called “security mindset”: a way of thinking characteristic of some security professionals that they believe to be especially advantageous in their work. Although some employers express a desire
-
Development of a new ‘human cyber-resilience scale’ Journal of Cybersecurity Pub Date : 2023-04-19 Adam N Joinson, Matt Dixon, Lynne Coventry, Pam Briggs
While there has been an upsurge in interest in cyber resilience in organizations, we know little about the resilience of individuals to cyber attacks. Cyber resilience in a domestic or non-work setting is important because we know that the majority of people will face cyber threats in their use of technology across a range of contexts, and the ability to resist a cyber attack, or quickly recover and
-
Maximizing the benefits from sharing cyber threat intelligence by government agencies and departments Journal of Cybersecurity Pub Date : 2023-04-04 Josiah Dykstra, Lawrence A Gordon, Martin P Loeb, Lei Zhou
The primary objective of the current study is to analytically examine the economic benefits an organization can obtain by receiving and processing cyber threat intelligence (CTI) shared by the US government. Our results show that the benefits from receiving CTI are closely associated with the difference between the threat level indicated by the CTI and the receiving organization’s prior belief of the
-
The Power of Beliefs in US Cyber Strategy: The Evolving Role of Deterrence, Norms, and Escalation Journal of Cybersecurity Pub Date : 2023-03-31 Erica D Lonergan, Jacquelyn Schneider
Cyberspace's role in military power is vociferously debated. But how do these ideas manifest in cyber strategy? In this article, we trace the development of ideas about military cyber power, with a focus on the USA. In particular, we use a decade of US defense cyber strategies as a lens to explore how ideas about the role of the military in promoting cyber norms, the feasibility of cyber deterrence
-
Tell me more, tell me more: repeated personal data requests increase disclosure Journal of Cybersecurity Pub Date : 2023-03-28 Piers Fleming, S Gareth Edwards, Andrew P Bayliss, Charles R Seger
Personal data is of great commercial benefit and potential sensitivity. However, for the consumers who provide their personal data, doing so comes with potential costs, benefits and security risks. Typically, consumers have the option to consent to the use of personal/sensitive data but existing research suggests consumer choices may only be weakly related to their concerns (the privacy paradox). Here
-
Juror interpretations of metadata and content information: implications for the going dark debate Journal of Cybersecurity Pub Date : 2023-02-21 Anne E Boustead, Matthew B Kugler
The rise of consumer encryption has led to a fierce debate over whether the loss of potential evidence due to encryption will be offset by the increase in evidence available from electronic metadata. One major question raised by this debate is how jurors will interpret and value metadata as opposed to content information. Though there are plausible arguments in favor of the persuasive power of each
-
Post-quantum cryptographic assemblages and the governance of the quantum threat Journal of Cybersecurity Pub Date : 2023-02-03 Kristen Csenkey, Nina Bindel
Threats against security in the Internet often have a wide range and can have serious impacts within society. Large quantum computers will be able to break the cryptographic algorithms used to ensure security today, which is known as the quantum threat. Quantum threats are multi-faceted and very complex cybersecurity issues. We use assemblage theory to explore the complexities associated with these
-
The nature of losses from cyber-related events: risk categories and business sectors Journal of Cybersecurity Pub Date : 2023-01-25 Pavel V Shevchenko, Jiwook Jang, Matteo Malavasi, Gareth W Peters, Georgy Sofronov, Stefan Trück
In this study, we examine the nature of losses from cyber-related events across different risk categories and business sectors. Using a leading industry dataset of cyber events, we evaluate the relationship between the frequency and severity of individual cyber-related events and the number of affected records. We find that the frequency of reported cyber-related events has substantially increased
-
Contribution Threat Perception, School Climate and Prejudice as Mediator to Student’s Cyber Aggression Journal of Cybersecurity Pub Date : 2023-01-25 Mardianto Mardianto, Niken Hartati, Farah Aulia, Zulian Fikry, Rahayu Hardianti Utami, Elrisfa Magistarina
This study aims to test students’ cyber aggression models based on previous studies, especially those related to high school students’ Cyber Aggression behavior. Following the stages of adolescent development, this research uses the socio-ecological theoretical perspective of the cyber context. This study determines several predictive variables as risk factors and protective factors that have the most
-
Classifying social media bots as malicious or benign using semi-supervised machine learning Journal of Cybersecurity Pub Date : 2023-01-08 Innocent Mbona, Jan H P Eloff
Users of online social network (OSN) platforms, e.g. Twitter, are not always humans, and social bots (referred to as bots) are highly prevalent. State-of-the-art research demonstrates that bots can be broadly categorized as either malicious or benign. From a cybersecurity perspective, the behaviors of malicious and benign bots differ. Malicious bots are often controlled by a botmaster who monitors
-
SoK: cross-border criminal investigations and digital evidence Journal of Cybersecurity Pub Date : 2022-12-15 Fran Casino, Claudia Pina, Pablo López-Aguilar, Edgar Batista, Agusti Solanas, Constantinos Patsakis
Digital evidence underpin the majority of crimes as their analysis is an integral part of almost every criminal investigation. Even if we temporarily disregard the numerous challenges in the collection and analysis of digital evidence, the exchange of the evidence among the different stakeholders has many thorny issues. Of specific interest are cross-border criminal investigations as the complexity
-
An IoT Privacy-Oriented selective disclosure credential system Journal of Cybersecurity Pub Date : 2022-10-22 Mohamed Rasslan, Mahmoud M Nasreldin, Heba K Aslan
Personal credentials, such as passports and drivers’ licenses, can be implemented electronically using multi-show protocols. In this paper, we introduce an IoT Privacy-Oriented selective disclosure credential system, i.e. based on bilinear pairings and multilinear maps. The proposed system consists of three protocols, which allow users to be in control of their personal credentials. The Credentials
-
Is there a cyber security dilemma? Journal of Cybersecurity Pub Date : 2022-09-20 Carly E Beckerman
In recent years, scholars, commentators and politicians have discussed the prospect of a ‘cyber security dilemma’. If states race to develop superior cyberattacks, how far might this escalate? Are state-led cyberattacks likely to provoke a full war? To address these related questions, I apply a multi-level Neoclassical Realist framework that progresses from systemic logic to an assessment of leader
-
The illogic of plausible deniability: why proxy conflict in cyberspace may no longer pay Journal of Cybersecurity Pub Date : 2022-09-10 Justin Key Canfil
Cyber proxies—whether mercenaries, patriotic zealots, pranksters, or simply allies of convenience—are thought to be widespread. By outsourcing to proxies, this logic goes, a host government can plausibly deny its involvement in operations that advance its military and foreign policy aims. This presents central challenge to empirical researchers. If the value of proxies derives from their deniability
-
Drivers and barriers for secure hardware adoption across ecosystem stakeholders Journal of Cybersecurity Pub Date : 2022-08-06 Andrew Tomlinson, Simon Parkin, Siraj Ahmed Shaikh
The decisions involved in choosing technology components for systems are poorly understood. This is especially so where the choices pertain to system security and countering the threat of cybersecurity attack. Although common in some commercial products, secure hardware chips provide security functions such as authentication, secure execution and integrity validation on system start, and are increasingly
-
Entanglement: cybercrime connections of a public forum population Journal of Cybersecurity Pub Date : 2022-07-18 Masarah Paquet-Clouston, Serge-Olivier Paquette, Sebastian Garcia, Maria José Erquiaga
Many activities related to cybercrime operations do not require much secrecy, such as developing websites or translating texts. This research provides indications that many users of a popular public internet marketing forum have connections to cybercrime. It does so by investigating the involvement in cybercrime of a population of users interested in internet marketing, both at a micro and macro scale
-
Building a launchpad for satellite cyber-security research: lessons from 60 years of spaceflight Journal of Cybersecurity Pub Date : 2022-06-20 James Pavur, Ivan Martinovic
As the space industry approaches a period of rapid change, securing both emerging and legacy satellite missions will become vital. However, space technology has been largely overlooked by the systems security community. This survey seeks to understand why this is the case and to offer a starting point for technical security researchers seeking impactful contributions beyond the Earth’s mesosphere.
-
Two explanations for the paucity of cyber-military, cross-domain operations Journal of Cybersecurity Pub Date : 2022-06-18 Nori Katagiri
This article investigates why states have launched so few cross-domain operations—in this case, operations between cyber and military domains—when they have launched so many cyberattacks. I explore a set of five hypotheses for why most cyberattacks do not occur at the same time as military strikes. My analysis reveals that of the five, two are compelling. First, state attackers make strategic decisions
-
Developing metrics to assess the effectiveness of cybersecurity awareness program Journal of Cybersecurity Pub Date : 2022-05-23 Sunil Chaudhary, Vasileios Gkioulos, Sokratis Katsikas
Cybersecurity awareness (CSA) is not just about knowing, but also transforming things learned into practice. It is a continuous process that needs to be adjusted in subsequent iterations to improve its usability as well as sustainability. This is possible only if a CSA program is reviewed and evaluated timely. Review and evaluation of an awareness program offer an insight into the program's effectiveness
-
Cybersecurity service level agreements: understanding government data confidentiality requirements Journal of Cybersecurity Pub Date : 2022-05-18 Yudhistira Nugraha, Andrew Martin
Cybersecurity requirements, such as data security, are often used as evidence for the Government's relationship with external service providers to process, store and transmit sensitive government data. However, cybersecurity researchers have not profoundly studied the practical application of government data security requirements (e.g. data confidentiality) in service level agreements (SLAs) in the
-
Accessible from the open web: a qualitative analysis of the available open-source information involving cyber security and critical infrastructure Journal of Cybersecurity Pub Date : 2022-04-26 Yuxuan (Cicilia) Zhang, Richard Frank, Noelle Warkentin, Naomi Zakimi
In order to efficiently manage and operate industrial-level production, an increasing number of industrial devices and critical infrastructure (CI) are now connected to the internet, exposed to malicious hackers and cyberterrorists who aim to cause significant damage to institutions and countries. Throughout the various stages of a cyber-attack, Open-source Intelligence (OSINT) tools could gather data
-
Overcoming information-sharing challenges in cyber defence exercises Journal of Cybersecurity Pub Date : 2022-01-28 Agnė Brilingaitė, Linas Bukauskas, Aušrius Juozapavičius, Eduardas Kutka
Active usage of threat intelligence information supports effective prevention, mitigation and defence against cyberattacks by threat actors ranging from individual amateurs to state organizations. However, threat intelligence highly depends on security specialists’ ability to share incident data on threat information-sharing platforms. Unfortunately, business managers and educational institutions undervalue
-
The impact of a cause–effect elaboration procedure on information security risk perceptions: a construal fit perspective Journal of Cybersecurity Pub Date : 2022-01-28 Zhang Hao Goh, Minzheng Hou, Hichang Cho
Cybersecurity breaches are on the rise. Extant literature in the development of strategies to enhance IT users’ online protective behaviours has neglected users’ cognitive processing of cybersecurity risk information. This study demonstrates a cause–effect elaboration procedure based on the concept of construal fit to influence online users’ cybersecurity risk perceptions. Using online experiments
-
Diversification across mining pools: optimal mining strategies under PoW Journal of Cybersecurity Pub Date : 2022-01-01 Panagiotis Chatzigiannis,Foteini Baldimtsi,Igor Griva,Jiasun Li
Abstract Mining is a central operation of all proof-of-work (PoW)-based cryptocurrencies. The vast majority of miners today participate in “mining pools” instead of “solo mining” in order to lower risk and achieve a more steady income. However, this rise of participation in mining pools negatively affects the decentralization levels of most cryptocurrencies. In this work, we look into mining pools
-
A holistic analysis of web-based public key infrastructure failures: comparing experts' perceptions and real-world incidents Journal of Cybersecurity Pub Date : 2021-12-20 Hilda Hadan, Nicolas Serrano, L Jean Camp
Public key infrastructure (PKI) is the foundation of secure and trusted transactions across the Internet. This paper presents an evaluation of web-based PKI incidents in two parts. We began with a qualitative study where we captured security and policy experts' perceptions of PKI in a set of interviews. We interviewed 18 experts in two conferences who include security academics and practitioners. We
-
Cooperation amidst competition: cybersecurity partnership in the US financial services sector Journal of Cybersecurity Pub Date : 2021-12-05 Sean Atkins, Chappell Lawson
The US Financial Services Sector (FSS) is commonly regarded as one of the most successful in addressing cybersecurity through public–private partnership and as a potential model for less advanced sectors. However, how well the sector has actually fared remains poorly understood. Based on publicly available material and in-depth interviews with those intimately involved in business–government collaboration
-
Patching zero-day vulnerabilities: an empirical analysis Journal of Cybersecurity Pub Date : 2021-11-24 Yaman Roumani
Zero-day vulnerabilities remain one of the major security threats that are faced by organizations. Once a vendor learns about a zero-day vulnerability, releasing a timely patch becomes a priority given the risk of zero-day exploits. However, we still lack information on the factors that affect patch release time of such vulnerabilities. The main objective of this study is to examine the impact of other
-
Cyberattacks, cyber threats, and attitudes toward cybersecurity policies Journal of Cybersecurity Pub Date : 2021-10-10 Keren L G Snider, Ryan Shandler, Shay Zandani, Daphna Canetti
Does exposure to cyberattacks influence public support for intrusive cybersecurity policies? How do perceptions of cyber threats mediate this relationship? While past research has demonstrated how exposure to cyberattacks affects political attitudes, the mediating role played by threat perception has been overlooked. This study employs a controlled randomized survey experiment design to test the effect
-
Corrigendum to: do data breaches damage reputation? Evidence from 45 companies between 2002 and 2018 Journal of Cybersecurity Pub Date : 2021-10-06 Christos A Makridis
DOI: https://doi.org/10.1093/cybsec/tyab021
-
Third-party induced cyber incidents—much ado about nothing? Journal of Cybersecurity Pub Date : 2021-09-15 Michel Benaroch
Growing reliance on third-party services, such as cloud computing, is believed to increase client firms’ exposure to third-party induced cyber incidents. However, we lack empirical research on the prevalence and scale of third-party induced cyber incidents. Moreover, we do not know who pays more of the price for experiencing these incidents—the client firm and/or the third-party provider firm. We study
-
Do data breaches damage reputation? Evidence from 45 companies between 2002 and 2018 Journal of Cybersecurity Pub Date : 2021-09-01 Christos A Makridis
While data breaches have become more common, there is little evidence that companies that incur them experience a persistent decline in financial performance or security prices. Using new firm-level data between 2002 and 2018, this paper finds that firms experience a 26–29% increase in reputational intangible capital following an average data breach. However, the largest and most salient breaches are
-
The geopolitics behind the routes data travel: a case study of Iran Journal of Cybersecurity Pub Date : 2021-08-17 Loqman Salamatian, Frédérick Douzet, Kavé Salamatian, Kévin Limonier
In November 2019, in the wake of political demonstrations against the regime, Iran managed to selectively cut off most traffic from the global Internet while fully operating its own domestic network. It seemingly confirmed the main hypothesis our research had led us to, based on prior observation of data routing: Iran’s architecture of connectivity enables selective censorship of international traffic
-
Cyber legalism: why it fails and what to do about it Journal of Cybersecurity Pub Date : 2021-08-06 Lucas Kello
Western nations face a glaring punishment problem in the cyber domain. Repeatedly, other nations assail their political and economic interests. Repeatedly, Western leaders warn about the gravity of such actions. And yet repeatedly, the victims failed to punish to deter the offenders. This article examines why and how this situation arose and what to do about it. The Western approach to cyber conflict
-
User compliance and remediation success after IoT malware notifications Journal of Cybersecurity Pub Date : 2021-07-15 Elsa Rodríguez, Susanne Verstegen, Arman Noroozian, Daisuke Inoue, Takahiro Kasama, Michel van Eeten, Carlos H Gañán
Internet Service Providers (ISPs) are getting involved in remediating Internet of Things (IoT) infections of end users. This endeavor runs into serious usability problems. Given that it is usually unknown what kind of device is infected, they can only provide users with very generic cleanup advice, trying to cover all device types and remediation paths. Does this advice work? To what extent do users
-
Twenty-five years of cyber threats in the news: a study of Swedish newspaper coverage (1995–2019) Journal of Cybersecurity Pub Date : 2021-07-15 Max Boholm
This paper explores how cyber threats are represented in Swedish newspapers. The sample comprises 1269 articles from three newspapers (Aftonbladet, Göteborgs-Posten, and Svenska Dagbladet) covering 25 years (1995–2019). The study provides a text-near and detailed analysis of the threats covered. The study analyzes these threats along several dimensions: their modality (e.g. unauthorized access or manipulation);
-
Prioritizing security over usability: Strategies for how people choose passwords Journal of Cybersecurity Pub Date : 2021-06-03 Rick Wash, Emilee Rader
Passwords are one of the most common security technologies that people use everyday. Choosing a new password is a security decision that can have important consequences for end users. Passwords can be long and complex, which prioritizes the security-focused aspects of a password. They can also be simple—easy to create, remember, and use—which prioritizes the usability aspects of the password. The tradeoff
-
CARAF: Crypto Agility Risk Assessment Framework Journal of Cybersecurity Pub Date : 2021-05-30 Chujiao Ma, Luis Colon, Joe Dera, Bahman Rashidi, Vaibhav Garg
Crypto agility refers to the ability of an entity to replace existing crypto primitives, algorithms, or protocols with a new alternative quickly, inexpensively, with no or acceptable risk exposure. These changes may be driven by regulatory action, advances in computing, or newly discovered vulnerabilities. Yet everyday operational needs may put crypto agility considerations on the back burner when
-
Cybersecurity of consumer products against the background of the EU model of cyberspace protection Journal of Cybersecurity Pub Date : 2021-05-02 Cezary Banasiński, Marcin Rojszczak
The entry into force of Regulation 2019/881 heralded a new stage in the construction of the EU cybersecurity model. At present, at the level of both EU institutions and individual Member States, preparatory work is underway to create the first ICT certification programmes relating to the area of cybersecurity. To date, the role of national competition and consumer protection authorities in helping
-
Attribution and Knowledge Creation Assemblages in Cybersecurity Politics Journal of Cybersecurity Pub Date : 2021-05-01 Florian J Egloff, Myriam Dunn Cavelty
Attribution is central to cybersecurity politics. It establishes a link between technical occurrences and political consequences by reducing the uncertainty about who is behind an intrusion and what the likely intent was, ultimately creating cybersecurity “truths” with political consequences. In a critical security studies’ spirit, we purport that the “truth” about cyber-incidents that is established
-
Private active cyber defense and (international) cyber security—pushing the line? Journal of Cybersecurity Pub Date : 2021-03-30 Dennis Broeders
Private sector Active Cyber Defence (ACD) lies on the intersection of domestic security and international security and is a recurring subject, often under the more provocative flag of ‘hack back’, in the American debate about cyber security. This article looks at the theory and practice of private cyber security provision and analyses in more detail a number of recent reports and publications on ACD
-
Exponential discounting in security games of timing Journal of Cybersecurity Pub Date : 2021-03-17 Jonathan Merlevede, Benjamin Johnson, Jens Grossklags, Tom Holvoet
Strategic game models of defense against stealthy, targeted attacks that cannot be prevented but only mitigated are the subject of a significant body of recent research, often in the context of advanced persistent threats (APTs). In these game models, the timing of attack and defense moves plays a central role. A common assumption, in this literature, is that players are indifferent between costs and
-
Simulation for cybersecurity: state of the art and future directions Journal of Cybersecurity Pub Date : 2021-03-14 Hamdi Kavak, Jose J Padilla, Daniele Vernon-Bido, Saikou Y Diallo, Ross Gore, Sachin Shetty
In this article, we provide an introduction to simulation for cybersecurity and focus on three themes: (1) an overview of the cybersecurity domain; (2) a summary of notable simulation research efforts for cybersecurity; and (3) a proposed way forward on how simulations could broaden cybersecurity efforts. The overview of cybersecurity provides readers with a foundational perspective of cybersecurity
-
Hacking for good: Leveraging HackerOne data to develop an economic model of Bug Bounties Journal of Cybersecurity Pub Date : 2021-03-11 Kiran Sridhar, Ming Ng
We ran a study of bug bounties, programs where gig economy security researchers are compensated for pinpointing and explaining vulnerabilities in company code bases. Bug bounty advocates have argued that they are a cost-effective means for companies of all types to shore up their security posture. Our research—which analyzes a large, proprietary dataset and which leverages instrumental variables to
-
Why international law and norms do little in preventing non-state cyber attacks Journal of Cybersecurity Pub Date : 2021-03-11 Nori Katagiri
In this article, I investigate why international law and norms have failed to keep cyberspace peaceful. The problem comes mainly from their failure to address what non-state actors, such as individual hackers and technology firms, do in cyberspace. Created by the extensive input of government officials decades ago with heavy focus on states as primary actors of international politics, international
-
Reconciliation of anti-money laundering instruments and European data protection requirements in permissionless blockchain spaces Journal of Cybersecurity Pub Date : 2021-03-11 Iwona Karasek-Wojciechowicz
This article is an attempt to reconcile the requirements of the EU General Data Protection Regulation (GDPR) and anti-money laundering and combat terrorist financing (AML/CFT) instruments used in permissionless ecosystems based on distributed ledger technology (DLT). Usually, analysis is focused only on one of these regulations. Covering by this research the interplay between both regulations reveals
-
Restraint under conditions of uncertainty: Why the United States tolerates cyberattacks Journal of Cybersecurity Pub Date : 2021-03-11 Monica Kaminska
The United States struggles to impose meaningful costs for destructive or disruptive cyber operations. This article argues that the United States' restrained responses stem from a desire to avoid risk in an inherently uncertain operational environment. The societal desire for risk avoidance is the prism through which policymakers address the cyber domain and deliberate responses to attacks. The article
-
A three-tiered intrusion detection system for industrial control systems Journal of Cybersecurity Pub Date : 2021-03-01 Eirini Anthi, Lowri Williams, Pete Burnap, Kevin Jones
This article presents three-tiered intrusion detection systems, which uses a supervised approach to detect cyber-attacks in industrial control systems networks. The proposed approach does not only aim to identify malicious packets on the network but also attempts to identify the general and finer grain attack type occurring on the network. This is key in the industrial control systems environment as
-
Risk and uncertainty can be analyzed in cyberspace Journal of Cybersecurity Pub Date : 2021-02-23 Aaron F Brantly
Perceptions of risk and uncertainty are pervasive in all international interactions. How states perceive risk and uncertainty and how they respond to these conditions impacts their policies and diplomatic behaviors. Despite a robust literature encompassing of risk and uncertainty within conventional state to state interactions including conflict, state interactions in cyberspace have received less