To see the other types of publications on this topic, follow the link: Cybersecurity behaviour.
Journal articles on the topic 'Cybersecurity behaviour'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Cybersecurity behaviour.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Shah, Pintu, and Anuja Agarwal. "Cybersecurity behaviour of smartphone users in India: an empirical analysis." Information & Computer Security 28, no. 2 (2020): 293–318. http://dx.doi.org/10.1108/ics-04-2019-0041.
Full textAbstract:
Purpose For a good number of Indians, their smartphone is their first digital computing device. They have less experience in dealing with the Internet-enabled device and hence less experience in handling security threats like malware as compared to users of other countries who have gone through the learning curve of handling such security threats using other Internet-enabled devices such as laptop and desktop. Because of this, the inexperienced Indian smartphone user may be vulnerable to Internet-related security breaches, as compared to the citizens of developed economies. Hence, it is essential to understand the attitude, behaviour and security practices of smartphone users in India. Limited research is available about the security behaviour of smartphone users in India as the majority of research in this domain is done outside India. Design/methodology/approach In this empirical study, the researchers identified 28 cybersecurity behaviours and practices through a survey of relevant literature. An online survey of identified cybersecurity behaviours and practices was administered to 300 smartphone users. Frequency analysis of the respondent data was done to understand the adoption of recommended cybersecurity behaviours and practices. Pearson’s chi-square with 5% level of significance has been used to test the hypotheses. Post hoc analysis with Bonferroni correction was conducted for statistically significant associations. Findings Overall, the respondents did not exhibit good cybersecurity behaviour. Respondents have adopted some of the most popular security features of the smartphone such as the use of screen lock. However, respondents have not adopted or are not aware of the technical security controls such as encryption and remote wipe. Statistically significant differences were found between the cybersecurity behaviour and practices and independent variables such as gender, age, mobile operating system (OS) and mother tongue. Respondents reported high level of motivation to protect their device and data, whereas they reported moderate level of threat awareness and the ability to protect to their device and data. Results of the comparative analysis with a similar study in China and the USA are also reported in this study. Research limitations/implications The main limitations of this study are as follows: the respondents' perceptions about their cybersecurity behaviours and practices were measured as opposed to their actual behaviours and practices and the generalizability of the study is limited because the sample size is small as compared to the total number of smartphone users in India. Practical implications The findings of this study may be useful for the design of effective cybersecurity prevention and intervention programs for general smartphone users of India. Originality/value This study provides an insight about cybersecurity behaviour of smartphone users in India. To the knowledge of the researchers, this is the first study to collect such quantitative data of smartphone users in India for a better understanding of the cybersecurity behaviours and practices. This study identified 28 cybersecurity behaviours and practices, which smartphone users should follow to improve cybersecurity.
2
Branley-Bell, Dawn, Lynne Coventry, Matt Dixon, Adam Joinson, and Pam Briggs. "Exploring Age and Gender Differences in ICT Cybersecurity Behaviour." Human Behavior and Emerging Technologies 2022 (October 21, 2022): 1–10. http://dx.doi.org/10.1155/2022/2693080.
Full textAbstract:
Known age differences exist in relation to information and communication technology (ICT) use, attitudes, access, and literacy. Less is known about age differences in relation to cybersecurity risks and associated cybersecurity behaviours. Using an online survey, this study analyses data from 579 participants to investigate age differences across four key cybersecurity behaviours: device securement, password generation, proactive checking, and software updating. Significant age differences were found; however, this is not a straightforward relationship. Older users appear less likely to secure their devices compared to younger users; however, the reverse was found for the other behaviours, with older users appearing more likely to generate secure passwords and show proactive risk awareness and regularly install updates. Gender was not a significant predictor of security behaviour (although males scored higher for self-reported computer self-efficacy and general resilience). Self-efficacy was identified as a mediator between age and three of the cybersecurity behaviours (password generation, proactive checking, and updating). General resilience was also a significant mediator for device securement, password generation, and updating; however, resilience acted as a moderator for proactive checking. Implications of these findings are twofold: firstly, helping to guide the development of training and interventions tailored to different cybersecurity behaviours and secondly informing cybersecurity policy development.
3
Et. al., Siti Daleela Mohd Wahid,. "Cyber Security Behaviorin Online Distance Learning: Utilizing National E-Learning Policy." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 12, no. 5 (2021): 1719–28. http://dx.doi.org/10.17762/turcomat.v12i5.2167.
Full textAbstract:
This present study discovers cybersecurity awareness in online distance learning (ODL) during the pandemic crisis. ODL is an excellent way of teaching and learning during this catastrophe. The Government has imposed the National E-learning Policy to support ODL procedures. Unfortunately, the policies have not been carefully planned on security elements. Therefore, by utilizing Information Security Awareness Capability Model and Situation Awareness-Oriented Cyber Security Education Model, we able to: (1) design the security elements for National e-Learning Policy (2) develop a conceptual model of security behavior that benefits ODL procedure. Principally, four factors are demanding attention in the domain of cybersecurity features. On the other hand, there are partially supported hypotheses between the dimensions of cybersecurity and behaviour. Nutshell, we believe our paper is extending the body of knowledge in cybersecurity elements, awareness, and behaviour literature. Future direction, limitation, and conclusion have been thoroughly discussed.
4
Branley-Bell, Dawn, Yolanda Gómez, Lynne Coventry, José Vila, and Pam Briggs. "Developing and Validating a Behavioural Model of Cyberinsurance Adoption." Sustainability 13, no. 17 (2021): 9528. http://dx.doi.org/10.3390/su13179528.
Full textAbstract:
Business disruption from cyberattacks is a growing concern, yet cyberinsurance uptake remains low. Using an online behavioural economics experiment with 4800 participants across four EU countries, this study tests a predictive model of cyberinsurance adoption, incorporating elements of Protection Motivation Theory (PMT) and the Theory of Planned Behaviour (TPB) as well as factors in relation to risk propensity and price. During the experiment, participants were given the opportunity to purchase different cybersecurity measures and cyberinsurance products before performing an online task. Participants likelihood of suffering a cyberattack was dependent upon their adoption of cybersecurity measures and their behaviour during the online task. The consequences of any attack were dependent upon the participants insurance decisions. Structural equation modelling was applied and the model was further developed to include elements of the wider security ecosystem. The final model shows that all TPB factors, and response efficacy from the PMT, positively predicted adoption of premium cyberinsurance. Interestingly, adoption of cybersecurity measures was associated with safer behaviour online, contrary to concerns of “moral hazard”. The findings highlight the need to consider the larger cybersecurity ecosystem when designing interventions to increase adoption of cyberinsurance and/or promote more secure online behaviour.
5
Onumo, Aristotle, Irfan Ullah-Awan, and Andrea Cullen. "Assessing the Moderating Effect of Security Technologies on Employees Compliance with Cybersecurity Control Procedures." ACM Transactions on Management Information Systems 12, no. 2 (2021): 1–29. http://dx.doi.org/10.1145/3424282.
Full textAbstract:
The increase in cybersecurity threats and the challenges for organisations to protect their information technology assets has made adherence to organisational security control processes and procedures a critical issue that needs to be adequately addressed. Drawing insight from organisational theory literature, we develop a multi-theory model, combining the elements of the theory of planned behaviour, competing value framework, and technology—organisational and environmental theory to examine how the organisational mechanisms interact with espoused cultural values and employee cognitive belief to influence cybersecurity control procedures. Using a structured questionnaire, we deployed structural equation modelling (SEM) to analyse the survey data obtained from public sector information technology organisations in Nigeria to test the hypothesis on the relationship of socio-organisational mechanisms and techno-cultural factors with other key determinants of employee security behaviour. The results showed that knowledge of cybersecurity and employee cognitive belief significantly influence the employees’ intentions to comply with organisational cybersecurity control mechanisms. The research further noted that the influence of organisational elements such as leadership on employee security behaviour is mediated by espoused cultural values while the impact of employee cognitive belief is moderated by security technologies. For effective cybersecurity compliance, leaders and policymakers are therefore to promote organisational security initiatives that ensure incorporation of cybersecurity principles and practices into job descriptions, routines, and processes. This study contributes to behavioural security research by highlighting the critical role of leadership and cultural values in fostering organisational adherence to prescribed security control mechanisms.
6
Evans, Mark, Leandros A. Maglaras, Ying He, and Helge Janicke. "Human behaviour as an aspect of cybersecurity assurance." Security and Communication Networks 9, no. 17 (2016): 4667–79. http://dx.doi.org/10.1002/sec.1657.
Full text
7
Olivares Rojas, Juan Carlos, ENRIQUE REYES ARCHUNDIA, JOSE ANTONIO GUTIERREZ GNECCHI, ARTURO MENDEZ PATIÑO, JAIME CERDA JACOBO, and ISMAEL MOLINA MORENO. "A METHODOLOGY FOR CYBER HYGIENE IN SMART GRIDS." DYNA 97, no. 1 (2022): 92–97. http://dx.doi.org/10.6036/10085.
Full textAbstract:
Although smart grids offer multiple advantages over traditional grids, there are still challenges to overcome to ensure the quality of service and grid security. In particular, cybersecurity plays an essential role in ensuring grid operation reliability and resilience to external threats. The traditional approach to address cybersecurity issues generally does not consider the human factor as the main component. Recently, the concept of cyber hygiene has emerged, where social and human aspects are fundamental to reduce vulnerabilities and the risk of attacks and breaches. In a similar manner to personal hygiene, which greatly influences people’s health, considering the human factor (i.e., human behaviour, awareness, and training) as a critical cybersecurity component, can significantly improve human operator cybersecurity practices that in turn can result in improved cybersecurity performance. In this paper, the authors propose and test a methodology for implementing cyber hygiene practices in the context of Smart Grid systems, focused on smart metering systems. The results suggest that implementing cyber hygiene practices can improve smart meter cybersecurity and be suitable for implementing other sensitive Smart Grid components. Key Words: Cybersecurity, Cyber Hygiene, Internet of Things, Smart Grid, Smart Meters.
8
Lie, Laksana Budiwiyono, Prio Utomo, and P. M. Winarno. "Investigating the Impact of Cybersecurity Culture on Employees’ Cybersecurity Protection Behaviours: A Conceptual Paper." Conference Series 3, no. 2 (2021): 295–305. http://dx.doi.org/10.34306/conferenceseries.v3i2.598.
Full textAbstract:
As technology and digital applications increase in volume and complexity, organization is facing greater security risks in cyberspace more than ever before. However, organizational cybersecurity requires more than just the latest technology. All the technology available to secure systems will not keep an organization secure if the people in the organization make bad or unexpected decisions that open up the system to attackers. To secure an organization, all employees of the organization must act positively to reduce company risks from cyberattacks. All leaders have a main responsibility to understand and align with the entire organization with cybersecurity objectives. Leaders need to keep continue to invest in security technologies and also need practical solutions for dealing with the human error of cybersecurity. The conceptual paper presented in this paper describes cybersecurity culture, external influencing factors, and organizational mechanisms, the elements that contribute to each employee of the organization that having protection behaviour from cyberattacks.
9
Eggenschwiler, Jacqueline. "Expert commissions and norms of responsible behaviour in cyberspace: a review of the activities of the GCSC." Digital Policy, Regulation and Governance 22, no. 2 (2020): 93–107. http://dx.doi.org/10.1108/dprg-03-2019-0019.
Full textAbstract:
Purpose Against the background of two decades of debates about responsible behaviour in cyberspace, this paper aims to examine the contributions of non-state actors to processes of cybersecurity norm-making. Specifically, it intends to dissect and critically appraise the work of the Global Commission on the Stability of Cyberspace (GCSC), a multistakeholder consortium composed of 28 regionally-diverse scholars, CEOs and (former) policymakers. Inaugurated at the margins of the 2017 Munich Security Conference, the GCSC has been fairly active with regard to developing proposals for norms and policies to enhance international security and stability and guiding responsible conduct in the virtual realm. Design/methodology/approach With a view to engaging in a differentiated analysis of the Commission’s activities, this paper asks: How do non-state actors such as the GCSC contribute to processes of cybersecurity norm-making, i.e. what are their roles and responsibilities, and how effective is their engagement? Since the end of the Cold War, non- state actors have become an issue of great interest to scholars of International Relations and International Law. However, in the context of cybersecurity, their normative engagement has not been scrutinised extensively. This paper seeks to address this gap. Findings Based on a review of secondary literature and case materials, this paper finds that, within a relatively short period of time, the GCSC has managed to exert discernible discursive and political influence over discussions on responsible behaviour in cyberspace and deserves recognition as a shaper of transnational cybersecurity governance. However, while fairly successful across the dimensions of output and outcome, the Commission has struggled to effect far-reaching systemic change (impact). Originality/value In light of significant contestation and fleeting governmental appetite for enacting red lines in the virtual realm, this paper seeks to critically appraise the contributions of non-state actors to processes of cybersecurity norm-making. The motivation to do so stems from two sources: empirical observations that non-state protagonists have become more involved in issues concerning responsible conduct in cyberspace, and realisations that, so far, academic research has offered little examination of their ideational engagement. Exploring the case of the GCSC, this paper argues that non-state actors have to be taken seriously as normative change agents in cybersecurity governance-related contexts.
10
Kasper, Agnes, Anna-Maria Osula, and Anna Molnár. "EU cybersecurity and cyber diplomacy." IDP Revista de Internet Derecho y Política, no. 34 (December 13, 2021): 1–15. http://dx.doi.org/10.7238/idp.v0i34.387469.
Full textAbstract:
Over the last decades cybersecurity has become a cornerstone of European digital development. Alongside with the diffusion of information and communication technologies and the deepening (as well as widening) of the European Union, the initial narrow and sectoral data security policies have expanded into a comprehensive cybersecurity framework addressing issues from resilient infrastructure and technological sovereignty, through tackling cybercrime, to cyber defence capabilities and responsible state behaviour in cyberspace. In this complex web of interrelated policies a relative newcomer at the European Union (EU) level is cyber diplomacy. Sometimes also called public diplomacy 2.0, it factors into the cross-border connectivity of cyberspace and reflects a shift in international relations where the lines between external and internal policies, military and civilian domains are blurred. However, the term cyber diplomacy is fluid and it is not well understood which topics should be under its “umbrella”, in particular in relation to cybersecurity, where it seems to be linked the most. This article aims to map existing and proposed instruments that make up the EU’s arsenal in this broad context to answer the following questions: what is cyber diplomacy and how is it related to the EU cybersecurity? Is cyber diplomacy in the EU becoming something in its own right as a distinct set of tools to secure the EU policy objectives?
11
Addae, Joyce Hoese, Michael Brown, Xu Sun, Dave Towey, and Milena Radenkovic. "Measuring attitude towards personal data for adaptive cybersecurity." Information & Computer Security 25, no. 5 (2017): 560–79. http://dx.doi.org/10.1108/ics-11-2016-0085.
Full textAbstract:
Purpose This paper presents an initial development of a personal data attitude (PDA) measurement instrument based on established psychometric principles. The aim of the research was to develop a reliable measurement scale for quantifying and comparing attitudes towards personal data that can be incorporated into cybersecurity behavioural research models. Such a scale has become necessary for understanding individuals’ attitudes towards specific sets of data, as more technologies are being designed to harvest, collate, share and analyse personal data. Design/methodology/approach An initial set of 34 five-point Likert-style items were developed with eight subscales and administered to participants online. The data collected were subjected to exploratory and confirmatory factor analyses and MANOVA. The results are consistent with the multidimensionality of attitude theories and suggest that the adopted methodology for the study is appropriate for future research with a more representative sample. Findings Factor analysis of 247 responses identified six constructs of individuals’ attitude towards personal data: protective behaviour, privacy concerns, cost-benefit, awareness, responsibility and security. This paper illustrates how the PDA scale can be a useful guide for information security research and design by briefly discussing the factor structure of the PDA and related results. Originality/value This study addresses a genuine gap in research by taking the first step towards establishing empirical evidence for dimensions underlying personal data attitudes. It also adds a significant benchmark to a growing body of literature on understanding and modelling computer users’ security behaviours.
12
Younus, Ahmed Muayad, Ramzi Tarazi, Hala Younis, and Mohanad Abumandil. "The Role of Behavioural Intentions in Implementation of Bitcoin Digital Currency Factors in Terms of Usage and Acceptance in New Zealand: Cyber Security and Social Influence." ECS Transactions 107, no. 1 (2022): 10847–56. http://dx.doi.org/10.1149/10701.10847ecst.
Full textAbstract:
Bitcoin, Dogecoin, Litecoin, Dash coin, Ripple, and Stellar are just a few of the numerous cryptocurrencies available today. Bitcoin is the most widely used cryptocurrency in various parts of the world. The objective, of this research to ascertain analyses the beneficial effects of social affect and cybersecurity on the use and acceptance of bitcoin.to ascertain and analyses the beneficial influence of examines the behavioural intention as a moderating factor, the relationship between social influence and cyber security and bitcoin use behaviour and acceptance in New Zealand. 497 questionnaires were distributed, and 328 completed questionnaires were returned and analysed, yielding a response rate of 68%. respondents provided their information voluntary a unique link emailed to every one of our samples. the survey. Used hierarchical moderated regression analysis to test the hypotheses (H1, H2, H3, H4). Spss were used to test two sets of linear regression models. the data collection instrument for this study was an online questionnaire. according to the findings, behavioural intention has a significant beneficial effect on social influence and cybersecurity on bitcoin use behaviour and acceptance. additionally, social influence, as well as cybersecurity, have a support positive impact of bitcoin use behaviour and acceptance in New Zealand. the implications for the research on the use of bitcoin are expected to provide education about bitcoin. enhance the security of financial transactions, provide informative pertaining for the regulation that permit use and provide benefits for entice and retain customers in terms bitcoin users. Technological advancements have resulted in a significant
13
Sulaiman, Noor Suhani, Muhammad Ashraf Fauzi, Walton Wider, Jegatheesan Rajadurai, Suhaidah Hussain, and Siti Aminah Harun. "Cyber–Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review." Social Sciences 11, no. 9 (2022): 386. http://dx.doi.org/10.3390/socsci11090386.
Full textAbstract:
Cyber and information security (CIS) is an issue of national and international interest. Despite sophisticated security systems and extensive physical countermeasures to combat cyber-attacks, organisations are vulnerable due to the involvement of the human factor. Humans are regarded as the weakest link in cybersecurity systems as development in digital technology advances. The area of cybersecurity is an extension of the previously studied fields of information and internet security. The need to understand the underlying human behavioural factors associated with CIS policy warrants further study, mainly from theoretical perspectives. Based on these underlying theoretical perspectives, this study reviews literature focusing on CIS compliance and violations by personnel within organisations. Sixty studies from the years 2008 to 2020 were reviewed. Findings suggest that several prominent theories were used extensively and integrated with another specific theory. Protection Motivation Theory (PMT), the Theory of Planned Behaviour (TPB), and General Deterrence Theory (GDT) were identified as among the most referred-to theories in this area. The use of current theories is discussed based on their emerging importance and their suitability in future CIS studies. This review lays the foundation for future researchers by determining gaps and areas within the CIS context and encompassing employee compliance and violations within an organisation.
14
Chowdhury, Noman H., Marc T. P. Adam, and Geoffrey Skinner. "The impact of time pressure on cybersecurity behaviour: a systematic literature review." Behaviour & Information Technology 38, no. 12 (2019): 1290–308. http://dx.doi.org/10.1080/0144929x.2019.1583769.
Full text
15
Bella, Giampaolo. "Out to explore the cybersecurity planet." Journal of Intellectual Capital 21, no. 2 (2020): 291–307. http://dx.doi.org/10.1108/jic-05-2019-0127.
Full textAbstract:
PurposeSecurity ceremonies still fail despite decades of efforts by researchers and practitioners. Attacks are often a cunning amalgam of exploits for technical systems and of forms of human behaviour. For example, this is the case with the recent news headline of a large-scale attack against Electrum Bitcoin wallets, which manages to spread a malicious update of the wallet app. The author therefore sets out to look at things through a different lens.Design/methodology/approachThe author makes the (metaphorical) hypothesis that humans arrived on Earth along with security ceremonies from a very far planet, the Cybersecurity planet. The author’s hypothesis continues, in that studying (by huge telescopes) the surface of Cybersecurity in combination with the logical projection on that surface of what happens on Earth is beneficial for us earthlings.FindingsThe author has spotted four cities so far on the remote planet. Democratic City features security ceremonies that allow humans to follow personal paths of practice and, for example, make errors or be driven by emotions. By contrast, security ceremonies in Dictatorial City compel to comply, hence humans here behave like programmed automata. Security ceremonies in Beautiful City are so beautiful that humans just love to follow them precisely. Invisible City has security ceremonies that are not perceivable, hence humans feel like they never encounter any. Incidentally, the words “democratic” and “dictatorial” are used without any political connotation.Originality/valueA key argument the author shall develop is that all cities but Democratic City address the human factor, albeit in different ways. In the light of these findings, the author will also discuss security ceremonies of our planet, such as WhatsApp Web login and flight boarding, and explore room for improving them based upon the current understanding of Cybersecurity.
16
Coles-Kemp, Lizzie, Debi Ashenden, and Kieron O'Hara. "Why Should I? Cybersecurity, the Security of the State and the Insecurity of the Citizen." Politics and Governance 6, no. 2 (2018): 41–48. http://dx.doi.org/10.17645/pag.v6i2.1333.
Full textAbstract:
Assumptions are made by government and technology providers about the power relationships that shape the use of technological security controls and the norms under which technology usage occurs. We present a case study carried out in the North East of England that examined how a community might work together using a digital information sharing platform to respond to the pressures of welfare policy change. We describe an inductive consideration of this highly local case study before reviewing it in the light of broader security theory. By taking this approach we problematise the tendency of the state to focus on the security of technology at the expense of the security of the citizen. From insights gained from the case study and the subsequent literature review, we conclude that there are three main absences not addressed by the current designs of cybersecurity architectures. These are absences of: consensus as to whose security is being addressed, evidence of equivalence between the mechanisms that control behaviour, and two-way legibility. We argue that by addressing these absences the foundations of trust and collaboration can be built which are necessary for effective cybersecurity. Our consideration of the case study within the context of sovereignty indicates that the design of the cybersecurity architecture and its concomitant service design has a significant bearing on the social contract between citizen and state. By taking this novel perspective new directions emerge for the understanding of the effectiveness of cybersecurity technologies.
17
Kondrotas, Lukas. "European Union policy and the use of the normative power regarding cybersecurity." Análisis Jurídico - Político 4, no. 7 (2022): 143–68. http://dx.doi.org/10.22490/26655489.5504.
Full textAbstract:
The transformation of our societies due to technological progress and worldwide spread of information technologies has established a new domain where states must establish a “normal” way of relating to each other. National legislation has been adapted in order to reach this domain; however, in an international context there are still different manners to interpret what behaviour is normal and acceptable. The European Union has established a framework regarding its own cybersecurity and aims to establish the rule-of-law to progress towards a secure digital world; it has also created sanction rules to punish behaviours which oppose its own view. This paper tries to look at what effects it has had on other major actors in the realm of cybersecurity: The United States, Russia, and China. By looking at the development of the frameworks of these countries and their actions and comparing it to the objectives of the European Union in this matter, it shows that effects have been different in each case and that they are not coercing the actions of the other states, not because of a failed implementation, but due to their own nature.
18
Bakalinska, Olha. "Current legal trends of cyber security and intellectual property." Theory and Practice of Intellectual Property, no. 5 (December 29, 2022): 82–92. http://dx.doi.org/10.33731/52022.270899.
Full textAbstract:
Keywords: informational security, cyberspace, cybersecurity, intellectual property
 The catalyst for changes in the sphere of cyber-security in our countryhas been the hybrid war unleashed by the Russian Federation with the use of bothclassic and non-lethal weapons, through cyberspace and across cyberspace included.Challenges and threats to the national security of Ukraine in the cyberspaceled to the creation of the Cybersecurity Strategy of Ukraine.The cyberwar in Ukraine showed the ineffectiveness of the current internationallegal deterrence mechanism. The most important aspect of the development ofinternational humanitarian law is the formation of modern principles of counteractionto unfriendly actions of aggressors in cyberspace. Encouraging innovative activityand protecting rights holders from cyber threats is the main direction ofstate (national) intellectual property strategies, as a significant foundation for therapid development of industrial potential. Cybersecurity prevents the infringementof intellectual property rights and also ensures the privacy of databases,trade secrets and know-how to rights holders. It is the effective state position inthis area that will ensure the rapid recovery of our state after the end of the war.Legislative regulation of cyber protection in Ukraine corresponds to internationalstandards and modern cybersecurity strategies of the EU and NATO. In ouropinion, the most promising directions of development of the national cyber defencesystem are: improvement of the legal basis of cyber defence for critical infrastructurefacilities; implementation of the system of independent information security;development of international cooperation in the field of cybersecurity; increasein digital literacy of citizens and culture of safe behaviour in the cyberspace.The cyberwar in Ukraine has shown the ineffectiveness of the current internationallegal deterrence mechanism. The most important aspect of the developmentof international humanitarian law is the formation of modern principles of counteractionin cyberspace and the protection of the interests of small countries fromunfriendly actions.
19
Mphatheni, Mandlenkosi Richard, and Witness Maluleke. "Cybersecurity as a response to combating cybercrime." International Journal of Research in Business and Social Science (2147- 4478) 11, no. 4 (2022): 384–96. http://dx.doi.org/10.20525/ijrbs.v11i4.1714.
Full textAbstract:
Cybercrime is touted as any harmful behaviour that is in some way related to a computer but does not have a specific legal reference. Therefore, the objective of this study was to explore cybersecurity as a response to combating cybercrime, focusing on demystifying the prevailing threats, while offering recommendations to the African regions. Moreover, this qualitative study employed a non-empirical research design: Systematic review methodology to analyse grey literature and primary research studies peer-reviewed and published, restricted from 2010-2022, not following yearly sequential consideration. The Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) and Critical Appraisal Skill Programme (CASP) were employed to ensure the trustworthiness of the findings of this study based on reviewed conventional and seminal literature studies on this subject. The main findings of this study rest on a lack of a common universal definition of cybercrime, this has an impact on its prevention and ignores enormous economic value associated with the commission of this crime across the world, African regions included. It was also observed that this criminal act is presently committed with internet usage, consisting of copyright infringements, computer-related fraud, child or adult pornography, and network security violations, amongst others. Equally, addressing this scourge in African regions requires advanced skills and knowledge; exceeding the average computer and internet user. It is also critical to recognise the importance of implementing efficient cybersecurity methods, as policing this crime remains an important component of the Law Enforcement Agencies (LEA), and more innovative strategies are required and a globally coordinated response to this problem is urgently sought.
20
Cuinas, Inigo. "An Introduction to Cybersecurity at Physical Layer: Obstacles at Radio Channel to Mitigate Hackers’ Chance." Elektronika ir Elektrotechnika 26, no. 6 (2020): 58–65. http://dx.doi.org/10.5755/j01.eie.26.6.28006.
Full textAbstract:
Cybersecurity commonly focuses on higher layers of Open Systems Interconnection (OSI) model, as it is a discipline associated to Computer Science. However, physical layer is the front line of the defence of a system against external attacks, and Electrical Engineering, concretely Radiofrequency Engineering, can provide tools to reinforce radio networks also in terms of information security. This paper analyses different techniques related to site shielding. From hard traditional shielding, similar to Faraday cages, to different soft shielding solutions as vegetation fences and frequency selective surfaces (FSS), the variety of solutions is broad and would be useful in actual deployments. Finally, Building Information Modelling (BIM) appears as an interesting tool that could be incorporated along the design and construction of an office building to improve the electromagnetic behaviour, and subsequently the cybersecurity issues of the communication networks hosted by the building itself.
21
Vuță, Daniela Roxana, Eliza Nichifor, Ovidiu Mircea Țierean, et al. "Extending the Frontiers of Electronic Commerce Knowledge through Cybersecurity." Electronics 11, no. 14 (2022): 2223. http://dx.doi.org/10.3390/electronics11142223.
Full textAbstract:
As technology becomes more sophisticated so do cyber-attacks. The resilience of electronic commerce organisations represents a critical point nowadays because it influences consumer and digital business behaviour. In this context, the cybersecurity and electronic commerce knowledge were reviewed as a unit. The main aim of this paper is to support researchers and managers in understanding the theoretical framework and to provide a knowledge-based model. To achieve this aim, the authors performed an analysis of 14,585 papers from the Web of Science Core Collection that generated two visualized networks, analyzed with the metrics mean silhouette, modularity, betweenness centrality, and citation bursts in the context of digital resilience. The mapping process results show that the human factor represents the central junction with the fear of cyber-attacks and the perception of online shopping as risky. The adoption of electronic commerce and mobile commerce are two challenging research lines in the global economic resilience. Their adoption enabled by big data, artificial intelligence, machine learning, and even blockchain technology can strengthen resilience even when cybersecurity education is needed.
22
Reid, Rayne, and Johan Van Niekerk. "Decoding audience interpretations of awareness campaign messages." Information & Computer Security 24, no. 2 (2016): 177–93. http://dx.doi.org/10.1108/ics-01-2016-0003.
Full textAbstract:
Purpose This research aims to determine whether the educational influence of the cybersecurity awareness campaign on the audience (their knowledge, behaviour and potential cybersecurity culture) matches the campaign’s educational objectives. The research focuses on the knowledge component of this metric by examining the awareness campaign audience’s interpretative role in processing the campaign content, through the lens of active audience theory (AAT). Design/methodology/approach Using reflective practices, this research examines a single longitudinal case study of a cybersecurity awareness and education campaign which aims to raise awareness amongst school learners. Artefacts from a single sample are examined. Findings Reflexive practices using theories such as active audience can assist in identifying deviations between the message a campaign intends to communicate and the message that the campaign audience receives. Research limitations/implications Using this research approach, measurements could only be obtained for campaign messages depicted in artefacts. Future interventions should be designed to facilitate a more rigorous analysis of the audiences’ interpretation of all campaign messages using ATT. Originality/value This paper applied principles of ATT to examine the audience’s interpretative role in processing an awareness campaign’s content based on artifacts they created after exposure to the campaign. Conducting such analyses as part of a reflective process between cyber awareness/education campaign cycles provides a way to identify areas or topics within the campaign that require corrective action.
23
Nifakos, Sokratis, Krishna Chandramouli, Charoula Konstantina Nikolaou, et al. "Influence of Human Factors on Cyber Security within Healthcare Organisations: A Systematic Review." Sensors 21, no. 15 (2021): 5119. http://dx.doi.org/10.3390/s21155119.
Full textAbstract:
Background: Cybersecurity is increasingly becoming a prominent concern among healthcare providers in adopting digital technologies for improving the quality of care delivered to patients. The recent reports on cyber attacks, such as ransomware and WannaCry, have brought to life the destructive nature of such attacks upon healthcare. In complement to cyberattacks, which have been targeted against the vulnerabilities of information technology (IT) infrastructures, a new form of cyber attack aims to exploit human vulnerabilities; such attacks are categorised as social engineering attacks. Following an increase in the frequency and ingenuity of attacks launched against hospitals and clinical environments with the intention of causing service disruption, there is a strong need to study the level of awareness programmes and training activities offered to the staff by healthcare organisations. Objective: The objective of this systematic review is to identify commonly encountered factors that cybersecurity postures of a healthcare organisation, resulting from the ignorance of cyber threat to healthcare. The systematic review aims to consolidate the current literature being reported upon human behaviour resulting in security gaps that mitigate the cyber defence strategy adopted by healthcare organisations. Additionally, the paper also reviews the organisational risk assessment methodology implemented and the policies being adopted to strengthen cybersecurity. Methods: The topic of cybersecurity within healthcare and the clinical environment has attracted the interest of several researchers, resulting in a broad range of literature. The inclusion criteria for the articles in the review stem from the scope of the five research questions identified. To this end, we conducted seven search queries across three repositories, namely (i) PubMed®/MED-LINE; (ii) Cumulative Index to Nursing and Allied Health Literature (CINAHL); and (iii) Web of Science (WoS), using key words related to cybersecurity awareness, training, organisation risk assessment methodologies, policies and recommendations adopted as counter measures within health care. These were restricted to around the last 12 years. Results: A total of 70 articles were selected to be included in the review, which addresses the complexity of cybersecurity measures adopted within the healthcare and clinical environments. The articles included in the review highlight the evolving nature of cybersecurity threats stemming from exploiting IT infrastructures to more advanced attacks launched with the intent of exploiting human vulnerability. A steady increase in the literature on the threat of phishing attacks evidences the growing threat of social engineering attacks. As a countermeasure, through the review, we identified articles that provide methodologies resulting from case studies to promote cybersecurity awareness among stakeholders. The articles included highlight the need to adopt cyber hygiene practices among healthcare professionals while accessing social media platforms, which forms an ideal test bed for the attackers to gain insight into the life of healthcare professionals. Additionally, the review also includes articles that present strategies adopted by healthcare organisations in countering the impact of social engineering attacks. The evaluation of the cybersecurity risk assessment of an organisation is another key area of study reported in the literature that recommends the organisation of European and international standards in countering social engineering attacks. Lastly, the review includes articles reporting on national case studies with an overview of the economic and societal impact of service disruptions encountered due to cyberattacks. Discussion: One of the limitations of the review is the subjective ranking of the authors associated to the relevance of literature to each of the research questions identified. We also acknowledge the limited amount of literature that focuses on human factors of cybersecurity in health care in general; therefore, the search queries were formulated using well-established cybersecurity related topics categorised according to the threats, risk assessment and organisational strategies reported in the literature.
24
Chignell, Mark H., Mu-Huan Chung, Yuhong Yang, Greg Cento, and Abhay Raman. "Human Factors in Interactive Machine Learning: A Cybersecurity Case Study." Proceedings of the Human Factors and Ergonomics Society Annual Meeting 65, no. 1 (2021): 1495–99. http://dx.doi.org/10.1177/1071181321651206.
Full textAbstract:
Cybersecurity is emerging as a major issue for many organizations and countries. Machine learning has been used to recognize threats, but it is difficult to predict future threats based on past events, since malicious attackers are constantly finding ways to circumvent defences and the algorithms that they rely on. Interactive Machine learning (iML) has been developed as a way to combine human and algorithmic expertise in a variety of domains and we are currently applying it to cybersecurity. In this application of iML, implicit knowledge about human behaviour, and about the changing nature of threats, can supplement the explicit knowledge encoded in algorithms to create more effective defences against cyber-attacks. In this paper we present the example problem of data exfiltration where insiders, or outsiders masquerading as insiders, who copy and transfer data maliciously, against the interests of an organization. We will review human factors issues associated with the development of iML solutions for data exfiltration. We also present a case study involving development of an iML solution for a large financial services company. In this case study we review work carried out on developing visualization dashboards and discussing prospects for further iML integration. Our goal in writing this paper is to motivate future researchers to consider the role of the human more fully in ML, not only in the data exfiltration and cybersecurity domain but also in a range of other applications where human expertise is important and needs to combine with ML prediction to solve challenging problems.
25
Padayachee, Keshnee. "Understanding the Relationship Between the Dark Triad of Personality Traits and Neutralization Techniques Toward Cybersecurity Behaviour." International Journal of Cyber Warfare and Terrorism 10, no. 4 (2020): 1–19. http://dx.doi.org/10.4018/ijcwt.2020100101.
Full textAbstract:
This study considers the framework of neutralization techniques, which responds to the attitude/rationalization leg of the fraud triangle with respect to the dark triad of personality traits' predictability toward compliant cybersecurity behaviour. Logically, organizations focus on reducing the insider's motivation and opportunities for malfeasance. However, it may be prudent to consider the rationalization for insider crime, which is arguably the most obscure element. This study is a unique contribution as it considers both the roles of neutralization techniques and the dark triad of personality traits with respect to insider threats and compliance intention. Furthermore, the specific categories of neutralization techniques will be considered as antecedents towards insider maleficence.
26
Dzidzah, Esther, Kwame Owusu Kwateng, and Benjamin Kofi Asante. "Security behaviour of mobile financial service users." Information & Computer Security 28, no. 5 (2020): 719–41. http://dx.doi.org/10.1108/ics-02-2020-0021.
Full textAbstract:
Purpose The inception of mobile financial services (MFSs) has positively provoked economic growth and productivity, nonetheless, it has pessimistically caused an upward surge in cybersecurity threat. Customers are progressively becoming conscious of some of the threat and several of them now shun away from some suspicious activities over the internet as a form of protection. This study aims to explore the factors that influence users’ to adopt security behaviour. Design/methodology/approach A synthesis of theories – Self-efficacy and technology threat avoidance theories – was used to examine the security behaviour of users of MFSs. Data was gathered from 530 students in Ghana using convenience sampling technique. Data analysis was carried out using descriptive statistics, inferential statistics and structural equation model. Findings Outcome of the investigation indicate that both mastery experience and verbal persuasion have substantial effect on the avoidance motivation of MFSs users. It was, however, found that emotional state and vicarious experience of users do not influence their avoidance motivation. Also, it was established that avoidance motivation is a positive prognosticator of avoidance behaviour. Practical implications Understanding the security behaviour of MFS users will help the operators to outline strategies to sustain the successes achieved. Originality/value Studies on user security behaviour are rare, especially in sub Saharan Africa, thus, this study will contribute to extant literature by adding a new dimension of user security behaviour.
27
Gahardina, Ayu, and Ilman Zuhri Yadi. "Analisis Graph Clustering Terhadap User Behavior Di Official Account Facebook Universitas Bina Darma Palembang." Journal of Computer and Information Systems Ampera 1, no. 2 (2020): 63–76. http://dx.doi.org/10.51519/journalcisa.v1i2.35.
Full textAbstract:
At a time when the times are increasing, it cannot be denied that almost some people use social media as a means of communication. Not only is it a means of communication, even social media is a place to show their habits. Without realizing it, the more information that is spread on social media regarding self-information, it will make information that can benefit others. User Behavior Analytics as defined by Gartner is a cybersecurity process of detection of insider threats, targeted attacks and financial fraud. The UBA solution looks at patterns of human behaviour and then applies algorithms and statistical analysis to detect meaningful anomalies of those patterns. Gephi is an open-source network visualization platform that can be used to analyze various cases using graph visualization. One of these analyzes can be done by using data that has been scraped from social media, Facebook, social media, Bina Darma University to get data visualization of the cases being tested. From these results, the graph clustering process is carried out in Gephi to obtain data clusters. The results will then be analyzed and identified so that they can become material for information about social media user behaviour.
28
Hanzu-Pazara, Radu, Gabriel Raicu, and Remus Zagan. "The Impact of Human Behaviour on Cyber Security of the Maritime Systems." Advanced Engineering Forum 34 (October 2019): 267–74. http://dx.doi.org/10.4028/www.scientific.net/aef.34.267.
Full textAbstract:
Nowadays, there are threats everywhere around us, on land, in the air and at sea. The most important and dangerous ones at the same time are the threats with impact on security and safety. At sea, more than in other fields, these threats are very different, starting with piracy, armed robbery and taking hostages up to different forms of terrorist or cybercrime acts. Piracy and other violent activities appear specifically in particular geographical areas, mostly based on different conflicts inside seaside countries. For the other threats considered, such as different types of terrorist activities, there are not geographical areas of interest defined. They can appear all over the world. The terrorist acts in the maritime field are not necessarily to be treated as a direct action, background systems may also be used, like information or operative computer control systems, which have a great importance and impact on the proper functionality of the maritime systems. Nowadays, there are some serious cybersecurity incidents with major impact on a worldwide scale. In the last decade there was a limited approach to address such major issues, most of them based on several methods, which had a centralized point of failure: the lack of knowledge and adaptability versus new ways of system penetration. For the technical vulnerabilities there are different solutions already developed, or being developed, for data protection and information security. Despite some important developments on data security, many of the important sectors remain under high risk regarding cybersecurity. The maritime sector today is considered one of the most exposed sectors to cyber threats, due to the global nature of the business as well as a great economical, geopolitical and environmental influence. Here, the higher vulnerability remains the human element, as an operative part of the data systems. Humans will always be a source for mistakes and errors. “To err is human” can be successfully applied in many activity fields, included the maritime one. The main purpose of any study on these matters, human factor and cyber protection is to start from the unpredictability of the human behaviour. It would be almost impossible to provide a totally secure information system, as long as such a system is exposed to the human factor. This paper intends to analyse possible models of human behaviour with impact on data systems’ protection in the maritime field and how systems can be improved and highly secured for any vulnerabilities based on these models.
29
Marnewick, Annlizé, and Suné Von Solms. "The Development of Cybersecurity Awareness Measurement Model in the Water Sector." International Conference on Cyber Warfare and Security 17, no. 1 (2022): 211–18. http://dx.doi.org/10.34190/iccws.17.1.43.
Full textAbstract:
:Cyber-attacks are one of the main threats to information systems, and humans have been identified as the weakest link with regards to information security. This study aims to develop a measurement instrument to evaluate the level of cyber security awareness (CSA) in the water sector in South Africa. There are lots of synergies with regards to cyber system usage across industries, and as a result this study will take a broad base approach in configuring an instrument that can be used to adequately assess the sample space in question. Having a reliable instrument to measure cyber security awareness helps mitigate the failed attempts at preparing employees for imminent cyber disruptions by pin-pointing areas where the training is needed before campaigns can be organised. This study will show that the psychology of employees with respect to cyber security awareness is compartmentalised into three traits: knowledge, attitude, and behaviour. These three traits were assessed under the following eight focus areas to check employee resilience to cyber security: IS policy adherence, Password management, Email use, Internet use, social media use, mobile devices, information handling, and incident reporting. In practice, employees will be required to answer questions formulated under these focus areas to the evaluate their cyber security awareness (CSA) level. The model proposed in this paper was developed to test cybersecurity awareness in the water sector, but can be utilised in other sectors for cybersecurity awareness testing.
30
Robles-Durazno, Andres, Naghmeh Moradpoor, James McWhinnie, Gordon Russell, and Jorge Porcel-Bustamante. "Implementation and Evaluation of Physical, Hybrid, and Virtual Testbeds for Cybersecurity Analysis of Industrial Control Systems." Symmetry 13, no. 3 (2021): 519. http://dx.doi.org/10.3390/sym13030519.
Full textAbstract:
Industrial Control Systems are an essential part of our daily lives and can be found in industries such as oil, utilities, and manufacturing. Rapid growth in technology has introduced industrial components with network capabilities that allow them to communicate with traditional computer networks, thus increasing their exposure to cyber-attacks. Current research on Industrial Control Systems suffer from lack of technical information as these systems are part of critical infrastructures. To overcome this, researchers have employed different types of testbeds to develop their mechanisms of cyber-attack detection and prevention. This manuscript describes, implements, and evaluates physical, hybrid, and virtual application of a clean water supply system developed for cybersecurity research. The results show that physical testbeds allow an understanding of the behaviour and dynamics of control components like sensors and actuators, which might be affected by external influences such as noise, vibration, temperature, and non-ideal device behaviour. Although, hybrid testbeds reduce the cost of implementation, they ignore the physical dynamics of the system as explained above. Virtual testbeds are the cheapest option in comparison with physical and hybrid testbeds; however, they provide a limited view of the control system operation that could have negative consequences when developing a detection/prevention system.
31
Yuliana, Yuliana. "Pentingnya Kewaspadaan Berinternet untuk Kesehatan Mental Anak dan Remaja." Jurnal Ilmu Medis Indonesia 2, no. 1 (2022): 25–31. http://dx.doi.org/10.35912/jimi.v2i1.1218.
Full textAbstract:
Abstract: Purpose: To describe the ways in increasing the internet awareness for the mental health of the children and adolescent. Methodology/approach: It is a narrative literature review. Articles were taken from the Science Direct and Google Scholar databases. Inclusion criteria are review and research articles. The excluded articles that were not peer-reviewed and unavailable full-text paper. Articles were read twice to reduce the bias. The selected articles were summarized and narrated descriptively. Results/findings: Results revealed that cybersecurity awareness can be increased by digital literacy training. Children should be taught how to avoid risky online behaviour to increase the mental health of the children. The cybersecurity awareness program is good to be given to children in avoiding phishing, pornography, cyberbullying, identity theft, and breaking to privacy. Children must be taught how to keep their passwords safe and private. They also need to be more cautious when playing online games. Limitations: It is a narrative literature review, the result is not as accurate as a study. Contribution: The contribution is the digital literation and cyber security program can be taught to the children to keep the good mental health during the COVID-19 pandemic and the time beyond. Keywords: 1. adolescent 2. children 3. internet awareness 4. digital literacy
32
Vega Vega, Rafael Alejandro, Pablo Chamoso-Santos, Alfonso González Briones, et al. "Intrusion Detection with Unsupervised Techniques for Network Management Protocols over Smart Grids." Applied Sciences 10, no. 7 (2020): 2276. http://dx.doi.org/10.3390/app10072276.
Full textAbstract:
The present research work focuses on overcoming cybersecurity problems in the Smart Grid. Smart Grids must have feasible data capture and communications infrastructure to be able to manage the huge amounts of data coming from sensors. To ensure the proper operation of next-generation electricity grids, the captured data must be reliable and protected against vulnerabilities and possible attacks. The contribution of this paper to the state of the art lies in the identification of cyberattacks that produce anomalous behaviour in network management protocols. A novel neural projectionist technique (Beta Hebbian Learning, BHL) has been employed to get a general visual representation of the traffic of a network, making it possible to identify any abnormal behaviours and patterns, indicative of a cyberattack. This novel approach has been validated on 3 different datasets, demonstrating the ability of BHL to detect different types of attacks, more effectively than other state-of-the-art methods.
33
Cervini, James, Aviel Rubin, and Lanier Watkins. "Don’t Drink the Cyber: Extrapolating the Possibilities of Oldsmar’s Water Treatment Cyberattack." International Conference on Cyber Warfare and Security 17, no. 1 (2022): 19–25. http://dx.doi.org/10.34190/iccws.17.1.29.
Full textAbstract:
Water treatment represents an essential critical infrastructure sector which has a direct impact on the health and well-being of its customers. Water treatment is often performed by municipalities with very limited budgets for cybersecurity resources. These underfunded, high-impact, targets represent an emerging cyber warfare attack-surface paradigm which poses a direct threat to the quality of life for millions of people. On February 5th, 2021, a water treatment plant in Oldsmar, Florida was the victim of an attempted cyberattack. This attack commanded the system to add a dangerous amount ofsodium hydroxide to water which supplied thousands. Direct exposure to sodium hydroxide causes painful burns to the exposed area with permanent internal damage likely upon ingestion. A system operator noticed this malicious behaviour and corrected the situation, minimizing the attack’s impact. This paper outlines the attack and illustrates how minor modifications to the attacker’s tactics, techniques, and procedures could have resulted in a cyber-derived catastrophe for thousands of unsuspecting citizens. Lastly, this paper explores the effectiveness of various low-cost cyber-physical security technologies when pitted against differing attacker models in these theoretical scenarios. These cybersecurity solutions are evaluated by cost, ease of use, implementation difficulty, and ability to support safe operation continuity when faced with adversary behaviour. The results of this evaluation illuminate a path forward for low-cost threat mitigation which increases the difficulty to compromise these critical cyber-physical systems. With attacks targeting industrial control systems on the rise, the Oldsmar water treatment cyberattack represents more than an individual incident, it can be viewed as a reflection of the current status of thousands of similar critical infrastructure systems that have yet to be caught in crosshairs of a competent and willing adversary with financial incentives and cyber warfare mission requirements serving as impetus for adversary willingness and any resulting large-scale cyber cataclysm.
34
Adebiyi, Sulaimon Olanrewaju, and Gloria Amaka Olayemi. "Predicting the Consequences of Perceived Data Privacy Risks on Consumer Behaviour: An Entropy-TOPSIS Approach." Studia Humana 11, no. 2 (2022): 25–48. http://dx.doi.org/10.2478/sh-2022-0008.
Full textAbstract:
Abstract Advancement in internet of things (IoT) and proliferation in the use of smart devices have raised concerns about the data privacy of online users. This study predicts the consequences of perceived data privacy risks on consumer behaviours in Lagos State, Nigeria using the integrated Entropy-Technique for Order Preference by Similarity to Ideal Solution (TOPSIS). We employed Entropy to assign weights to each criterion. Subsequently, responses were systematically ranked to arrive at an inference using TOPSIS. 84.8% agree that any perceived cyber security threat or a breach in their data privacy would stop them from proceeding with the transaction or activity online, or the use of a digital product. Similarly, (86.7%), agree it is critical that online businesses only ask for customer information that is relevant to the use of the product or service. Thus, the findings indicate that the privacy paradox of enlightened online consumers tends to diminish when they are faced with perceived data privacy and cybersecurity risks.
35
Mulaji, Sarah Mulombo, and Sumarie Roodt. "Factors Affecting Organisations’ Adoption Behaviour toward Blockchain-Based Distributed Identity Management: The Sustainability of Self-Sovereign Identity in Organisations." Sustainability 14, no. 18 (2022): 11534. http://dx.doi.org/10.3390/su141811534.
Full textAbstract:
Blockchain-based Distributed Identity Management (BDIDM) can enhance sustainable identification and authentication of users on organisations’ digital systems. But there is not a clear consensus on how organisations perceive the value proposition of such technology, nor what might affect their adoption behaviour toward it. This research explains how technological, organisational and environmental (TOE) factors affect organisations’ adoption behaviour toward BDIDM. This study aims to determine the most critical factors affecting the behaviour while assessing the effectiveness and appropriateness of the model involved, i.e., TOE-BDIDM. Online questionnaires are used to survey 111 information and cybersecurity practitioners within South African organisations. The analysis combines binary logistic regression modelling, Structural Equation Modelling of the measurement model, and chi-squared tests. The results suggest TOE factors positively or negatively affect adoption behaviour. The behaviour is significantly affected by technology characteristics, i.e., BDIDM’s disruptive nature, and is associated with Blockchain type. Indeed, the majority of participants intended to recommend BDIDM to their organisations yet paradoxically preferred private-permissioned blockchain the most, revealing resistance to decentralised and privacy-preserving BDIDM models like Self-Sovereign Identity (SSI). The latter might be utopian or unsustainable for organisations. TOE-BDIDM was found relatively appropriate and effective but arguably ‘incomplete’ for explaining the adoption of disruptive technologies like SSI in organisations. TOE should extend to TOEU by including the User factors.
36
Visky, Gabor, Arturs Lavrenovs, Erwin Orye, Dan Heering, and Kimberly Tam. "Multi-Purpose Cyber Environment for Maritime Sector." International Conference on Cyber Warfare and Security 17, no. 1 (2022): 349–57. http://dx.doi.org/10.34190/iccws.17.1.26.
Full textAbstract:
The cyber attack surface in a maritime environment is constantly growing. More current information and computer technologies are being used on cargo and passenger ships to save on operational costs and increase navigational safety. Along with the growing reliance on automation, the risk of a disruption to a vessel's critical systems by drawing on the wrong inputs from sensors to change the behaviour of the actuators has significantly increased. Traditional operational technological systems are much more complicated to update than the automatic software updates we see in information technology systems. To better understand existing cyber threats in the maritime sector and increase cybersecurity resilience, this paper aims to replicate the digital components of a ship's bridge to examine scenarios when the bridge system loses connectivity, receives the wrong inputs from sensors, or the internal system becomes compromised. The simulator differentiates fundamentally from traditional simulators or digital twins in the maritime sector that focus on training seafarers. This environment generates data streams that are similar to those on board a ship. Those data streams can be analysed, modified and spoofed to observe the effects. The effects can be technical but it is equally necessary to analyse how human beings would react in specific circumstances. Our work provides the opportunity to isolate the ship network traffic, conduct penetration testing, find cybersecurity vulnerabilities on devices, and execute cyber attacks without the dangers associated with running such scenarios on a vessel in the open sea.
37
Gerka, Alicja. "Searching for optimal machine learning algorithm for network traffic classification in intrusion detection system." ITM Web of Conferences 21 (2018): 00027. http://dx.doi.org/10.1051/itmconf/20182100027.
Full textAbstract:
The main problem associated with the development of an effective network behaviour anomaly detection-based IDS model is the selection of the optimal network traffic classification method. This article presents the results of simulation research on the effectiveness of the use of machine learning algorithms in the network attacks detection. The research part of the work concerned finding the optimal method of network packets classification possible to implement in the intrusion detection system’s attack detection module. During the research, the performance of three machine learning algorithms (Artificial Neural Network, Support Vector Machine and Naïve Bayes Classifier) has been compared using a dataset from the KDD Cup competition. Attention was also paid to the relationship between the values of algorithm parameters and their effectiveness. The work also contains an short analysis of the state of cybersecurity in Poland.
38
de la Torre-Abaitua, Gonzalo, Luis F. Lago-Fernández, and David Arroyo. "On the application of compression-based metrics to identifying anomalous behaviour in web traffic." Logic Journal of the IGPL 28, no. 4 (2020): 546–57. http://dx.doi.org/10.1093/jigpal/jzz062.
Full textAbstract:
Abstract In cybersecurity, there is a call for adaptive, accurate and efficient procedures to identifying performance shortcomings and security breaches. The increasing complexity of both Internet services and traffic determines a scenario that in many cases impedes the proper deployment of intrusion detection and prevention systems. Although it is a common practice to monitor network and applications activity, there is not a general methodology to codify and interpret the recorded events. Moreover, this lack of methodology somehow erodes the possibility of diagnosing whether event detection and recording is adequately performed. As a result, there is an urge to construct general codification and classification procedures to be applied on any type of security event in any activity log. This work is focused on defining such a method using the so-called normalized compression distance (NCD). NCD is parameter-free and can be applied to determine the distance between events expressed using strings. As a first step in the concretion of a methodology for the integral interpretation of security events, this work is devoted to the characterization of web logs. On the grounds of the NCD, we propose an anomaly-based procedure for identifying web attacks from web logs. Given a web query as stored in a security log, a NCD-based feature vector is created and classified using a support vector machine. The method is tested using the CSIC-2010 data set, and the results are analyzed with respect to similar proposals.
39
Столярова, Валерия Фуатовна, Александра Витальевна Торопова, and Александр Львович Тулупьев. "A Model for Estimating the Posting Frequency in an Online Social Media with Incomplete Data Using Objective Determinants of Users’ Behaviour." Fuzzy Systems and Soft Computing, no. 2 (December 28, 2021): 77–95. http://dx.doi.org/10.26456/fssc81.
Full textAbstract:
Профилирование пользователя онлайн социальной сети включает задачу оценки частоты (интенсивности) различных действий, в частности, публикации постов. Однако в силу ресурсных ограничений, может быть доступна только неполная информация о времени публикации нескольких последних постов, полученная, например, в рамках интервью. Оценка интенсивности постинга на основании таких данных востребована при анализе индивидуального риска, связанного с использованием онлайн социальных сетей. В статье предложена расширенная байесовская сеть доверия, которая использует не только информацию о времени публикации последних постов, но и объективные данные из профиля пользователя: пол, возраст, число друзей. Для обучения и демонстрации работы модели были собраны данные о публикации постов случайных пользователей в онлайн социальной сети ВКонтакте. Расширенная структура имеет более высокое значение информационного критерия Акаике по сравнению с упрощенной. User profiling is related to the problem of estimation of frequency of certain user’s actions in an online social media, like posting. But due to limited resources the only information available may be imprecise information on several last episodes of posting, that can be gathered via an interview. The frequency of posting estimates with such limited data may be used in the individual risk assessment that is connected with the use of online social media, for example, in medicine or cybersecurity. In the paper the Bayes belief network (BBN) for this problem is constructed, that incorporates not only the limited data on times of several last posts in an online social media, but the objective data about the user’s profile: age, sex, and friends count. With the training dataset gathered via API VKontakte we estimated conditional probability tables for two expert BBN structures (existing reduced structure based only on dates of several last posts and novel extended structure with objective behavior determinants incorporated) and automatically learned the optimal structure for the training data. Both extended models (expert and learned) showed lower values of the information criteria (Akaike information criteria and bayesian information criteria). Then with the test dataset the classification problem of the true frequency value was assessed. All three models showed similar results based on accuracy, kappa and average accuracy characteristics. This result is related to the weak strength of arcs between frequency variable and objective behavior determinants. But nevertheless the use of such variables is important in the application in order to construct the comprehensive structure of the knowledge in the area of interest. The practical significance of the work lies in the possibility of applying the proposed model to assess the posting frequency in the online social network, in particular in the tasks of modeling risk in the field of public health and socio-cybersecurity.
40
MAROZ, Nataliya. "A Critical Analysis of the Need for a Stronger International Legal Framework for Cyber Ethics in Times of Pandemic." Revista Etică și Deontologie 2021, no. 1 (2021): 60–73. http://dx.doi.org/10.52744/red.2021.01.08.
Full textAbstract:
Cyber technologies have changed both social and international relations dramatically. The influence of information and telecommunication technologies (hereafter – ICTs) extends from daily life to fundamental freedoms, economies, public administration and political relations. Recent changes brought by coronavirus has emphasized the world’s heavy dependence on ICTs. The technologies provide a virtual environment for normal working processes, ensure e-procurement for medical equipment and supplies, raise awareness of coronavirus prevention, maintain people’s life at hospitals etc. However, ICTs not only provide considerable benefits to society as a whole, but also can be used for criminal purposes as well as in manner inconsistent with the Charter of the United Nations to inflict substantial damage to critical infrastructure of a state, interfere in elections, block e-government and bank services etc. The pandemic has led to the introduction of new cyber challenges and risks. At the same time, there is no international treaty on cybersecurity as well as on combating cybercrime concluded under the auspices of the United Nations that could be applicable to cope with these newly emerged threats. In this situation, cybersecurity challenges might be addressed through ethical norms, which are more flexible than international legal norms. Thus, in the absence of comprehensive legal response to cyber risks cyber ethics is particularly important. Therefore, the article analyzes international legal basis for international cyber ethics. It distinguishes the types of international relations that are regulated by ethical norms. The research defines new risks to cyber security that have emerged during the pandemic and discusses possible ways to respond them through cyber ethics. The paper expresses a view that ethical rules concerning friendly and responsible state behaviour in the context of combating cybercrime should be reflected in an international convention on countering the use of information and communications technologies for criminal purposes, which is going to be developed under the auspices of the United Nations.
41
Dr. Kiss, Attila, and Csaba Dr. Krasznay. "A felhasználói viselkedéselemzés kiberbiztonsági előnyei és adatvédelmi kihívásai." Információs Társadalom 17, no. 1 (2017): 55. http://dx.doi.org/10.22503/inftars.xvii.2017.1.4.
Full textAbstract:
Az elmúlt években a kiberbiztonság védelmi oldalán állók olyan lemaradásba kerültek a támadó oldallal szemben, amit soha korábban nem tapasztalhattunk. A távolság csökkentésére évről évre újabb megoldások kerülnek kidolgozásra, de jelenleg az egyik legkomolyabb „csodafegyvernek” a felhasználói viselkedéselemzést tartják. Felvetődik azonban a kérdés, hogy hogyan lehet a felhasználók magánszférájának, adatainak védelmét is biztosítani úgy, hogy a technológia teljes egészében a megfigyelésen alapul? Tanulmányunkban bemutatjuk a kiberbiztonság aktuális problémáit, az ezekre adott Big Data alapú lehetséges megoldásokat, valamint áttekintjük az adatvédelemmel kapcsolatos legfontosabb jelenlegi és az EU Általános Adatvédelmi Rendelete által 2018 májusától előírt jogi követelményeket.
 
 ---
 
 Cybersecurity Advantages and Privacy Challenges of User Behaviour Analytics
 
 In recent decades those responsible for the defence of IT systems and infrastructure have significantly failed to keep up with those attacking them. New technologies appear from time to time in order to reduce this gap. According to our current knowledge, user behaviour analytics and/or entity behaviour analytics could mean light at the end of the tunnel. These tools, however, raise the question of how to ensure privacy and protect the personal data of users when technology is completely based only the constant surveillance of their digital world. This paper presents some of the recent IT security challenges together with possible solutions based on Big Data methods, then summarizes the key principles of data protection in light of the forthcoming General Data Protection Regulation of the EU in order to find a legal and ethically correct application of these IT security tools.
42
Boakye-Boateng, Kwasi, Ali A. Ghorbani, and Arash Habibi Lashkari. "A Trust-Influenced Smart Grid: A Survey and a Proposal." Journal of Sensor and Actuator Networks 11, no. 3 (2022): 34. http://dx.doi.org/10.3390/jsan11030034.
Full textAbstract:
A compromised Smart Grid, or its components, can have cascading effects that can affect lives. This has led to numerous cybersecurity-centric studies focusing on the Smart Grid in research areas such as encryption, intrusion detection and prevention, privacy and trust. Even though trust is an essential component of cybersecurity research; it has not received considerable attention compared to the other areas within the context of Smart Grid. As of the time of this study, we observed that there has neither been a study assessing trust within the Smart Grid nor were there trust models that could detect malicious attacks within the substation. With these two gaps as our objectives, we began by presenting a mathematical formalization of trust within the context of Smart Grid devices. We then categorized the existing trust-based literature within the Smart Grid under the NIST conceptual domains and priority areas, multi-agent systems and the derived trust formalization. We then proposed a novel substation-based trust model and implemented a Modbus variation to detect final-phase attacks. The variation was tested against two publicly available Modbus datasets (EPM and ATENA H2020) under three kinds of tests, namely external, internal, and internal with IP-MAC blocking. The first test assumes that external substation adversaries remain so and the second test assumes all adversaries within the substation. The third test assumes the second test but blacklists any device that sends malicious requests. The tests were performed from a Modbus server’s point of view and a Modbus client’s point of view. Aside from detecting the attacks within the dataset, our model also revealed the behaviour of the attack datasets and their influence on the trust model components. Being able to detect all labelled attacks in one of the datasets also increased our confidence in the model in the detection of attacks in the other dataset. We also believe that variations of the model can be created for other OT-based protocols as well as extended to other critical infrastructures.
43
Győrffy, Krisztina, Ferenc Leitold, and Anthony Arrott. "Individual awareness of cyber-security vulnerability - Citizen and public servant." Central and Eastern European eDem and eGov Days 325 (February 14, 2018): 411–22. http://dx.doi.org/10.24989/ocg.v325.34.
Full textAbstract:
Cyber-security is not concerned so much with average or median vulnerability in an organization. Rather more important is identifying the weakest links. Individual user susceptibility and user behaviour risk assessment are key to measuring the effectiveness of cyber-security awareness programs and policies. Increasingly, it has been demonstrated that managing individual user susceptibility is as critical to organization well-being as maintaining patched IT infrastructure or responding to specific immediate cyber-threat alerts.
 Despite IT systems audits, human factor studies, training courses, user policies, and user documentation, managing user cyber-security awareness remains one of the weakest links in protecting organizations from cyber-threats. Most employees are not aware of the cyber-threats they are most likely to encounter while performing their work. They are susceptible to malicious manipulation (social engineering threats) and they tend not to follow standard procedures (either through ignorance or in attempting to circumvent security procedures to achieve more productivity). Typically, employees only recognize the importance of cyber-security policies and practices after an incident has happened to themselves.
 With the increasing availability and utility of IT network traffic analysis tools and active user behaviour probes (e.g., fake-phishing), employees can be given direct and individual feedback to increase their cyber-security awareness and improve their cyber-security practices. Beyond an organization’s employees, the same holds for a country’s citizens, or a government’s public servants. At their best, these user behaviour monitoring tools can be used in an open and transparent way to increase awareness of individual vulnerability before actual incidents occur.
 In addition to presenting results from the application of user behaviour monitoring tools to cybersecurity, this paper examines the efficacy of the privacy protection safeguards that they incorporate. These results are applied to public sector approaches to: (a) public awareness of citizen cyber-health; (b) securing online pubic services; and (c) public servant awareness of their own vulnerability to cyber-threats.
44
Mashiane, Thulani, and Elmarie Kritzinger. "IDENTIFYING BEHAVIORAL CONSTRUCTS IN RELATION TO USER CYBERSECURITY BEHAVIOR." EURASIAN JOURNAL OF SOCIAL SCIENCES 9, no. 2 (2021): 98–122. http://dx.doi.org/10.15604/ejss.2021.09.02.004.
Full textAbstract:
A behavior such as enabling two factor authentication has a positive impact on a users’ information security. It is assumed that given the benefits, users will want to perform this cybersecurity related behavior. However, some users choose not to perform the beneficial security behavior. Varied explanations have been provided as to why users choose to perform or not perform cybersecurity behaviors. The factors that influence users in the decision making of whether to perform or not perform a cybersecurity related behavior are referred to as constructs. This study seeks to combine the results of selected studied, with the aim of identifying prominent user cybersecurity behavior constructs, as well as the relationships between the constructs. The contributions made by the study is the consolidated visualization of behavior constructs that have an influence on user cybersecurity behavior. Furthermore, the study also provides practical applications of the cybersecurity behavior constructs. To achieve the goals of the study, a literature review is used as the study methodology. Data from previous studies is systematically collected, and analyzed. The study makes use of the Theoretical Domains Theory as a tool, which aids in consolidating the different behavior constructs found in cybersecurity literature. The constructs Beliefs about Capabilities, Beliefs about Consequences, Reinforcements, Social Influences, Intentions, Emotions, Social/Professional Role and Identity, Knowledge and Skills are found to have influence on cybersecurity behavior.
45
Ramlo, Susan, and John B. Nicholas. "The human factor: assessing individuals’ perceptions related to cybersecurity." Information & Computer Security 29, no. 2 (2021): 350–64. http://dx.doi.org/10.1108/ics-04-2020-0052.
Full textAbstract:
Purpose The purpose of this paper is to reveal and describe the divergent viewpoints about cybersecurity within a purposefully selected group of people with a range of expertise in relation to computer security. Design/methodology/approach Q methodology [Q] uses empirical evidence to differentiate subjective views and, therefore, behaviors in relation to any topic. Q uses the strengths of qualitative and quantitative research methods to reveal and describe the multiple, divergent viewpoints that exist within a group where individuals sort statements into a grid to represent their views. Analyses group similar views (sorts). In this study, participants were selected from a range of types related to cybersecurity (experts, authorities and uninformed). Findings Four unique viewpoints emerged such that one represents cybersecurity best practices and the remaining three viewpoints represent poor cybersecurity behaviors (Naïve Cybersecurity Practitioners, Worried but not Vigilant and How is Cybersecurity a Big Problem) that indicate a need for educational interventions within both the public and private sectors. Practical implications Understanding the divergent views about cybersecurity is important within smaller groups including classrooms, technology-based college majors, a company, a set of IT professionals or other targeted groups where understanding cybersecurity viewpoints can reveal the need for training, changes in behavior and/or the potential for security breaches which reflect the human factors of cybersecurity. Originality/value A review of the literature revealed that only large, nation-wide surveys have been used to investigate views of cybersecurity. Yet, surveys are not useful in small groups, whereas Q is designed to investigate behavior through revealing subjectivity within smaller groups.
46
Reeves, A., P. Delfabbro, and D. Calic. "Encouraging Employee Engagement With Cybersecurity: How to Tackle Cyber Fatigue." SAGE Open 11, no. 1 (2021): 215824402110000. http://dx.doi.org/10.1177/21582440211000049.
Full textAbstract:
Cybersecurity fatigue is a form of work disengagement specific to cybersecurity. It manifests as a weariness or aversion to cybersecurity-related workplace behaviors or advice and occurs as a result of prior overexposure to cybersecurity-related work demands or training. While some previous theoretical conceptualizations of cybersecurity fatigue are available, this article is the first to capture all dimensions of the phenomenon in a four-component model. The model holds that cybersecurity fatigue can result from overexposure to workplace cybersecurity advice (e.g., training) or cybersecurity actions (e.g., forced password updates). Similarly, we argue that there can be two types of cybersecurity fatigue: attitudinal (e.g., a belief that cybersecurity is not important) and cognitive (e.g., habituated bad behaviors). We present a multidisciplinary review, which draws on research from management, psychology, and information systems. Practitioners can use the four-component model to identify the type of cybersecurity fatigue that may be occurring in employees and adapt workplace processes accordingly to improve behavior. In addition, we present three illustrative case studies, adapted from employee experiences, to demonstrate the application of the four-component model to an organizational context. The review presents a framework for coordinating the existing approaches to cybersecurity fatigue in the current literature.
47
He, Wu, Ivan Ash, Mohd Anwar, et al. "Improving employees’ intellectual capacity for cybersecurity through evidence-based malware training." Journal of Intellectual Capital 21, no. 2 (2019): 203–13. http://dx.doi.org/10.1108/jic-05-2019-0112.
Full textAbstract:
Purpose An organization’s ability to successfully manage intellectual capital is determined by the actions of its employees to prevent or minimize information security incidents. To prevent more data breaches to intellectual capital, organizations must provide regular cybersecurity awareness training for all personnel. The purpose of this paper is to investigate the effect of different evidence-based cybersecurity training methods on employees’ cybersecurity risk perception and self-reported behavior. Design/methodology/approach The study participants were randomly assigned into four groups (i.e. malware report, malware videos, both malware report and malware videos and no interventions) to assess the effects of cybersecurity training on their perceptions of vulnerability, severity, self-efficacy, security intention as well as their self-reported cybersecurity behaviors. Findings The results show that evidence-based malware report is a relatively better training method in affecting employees’ intentions of engaging in recommended cybersecurity behaviors comparing with the other training methods used in this study. A closer analysis suggests whether the training method contains self-relevant information could make a difference to the training effects. Originality/value This paper reports an in-depth investigation on how different evidence-based cybersecurity training methods impact employees’ perceptions of susceptibility, severity, self-efficacy, security intention as well as on their self-reported cybersecurity behaviors.
48
Alhuwail, Dari, Eiman Al-Jafar, Yousef Abdulsalam, and Shaikha AlDuaij. "Information Security Awareness and Behaviors of Health Care Professionals at Public Health Care Facilities." Applied Clinical Informatics 12, no. 04 (2021): 924–32. http://dx.doi.org/10.1055/s-0041-1735527.
Full textAbstract:
Abstract Objectives This study investigated information security behaviors of professionals working in the public health sector to guide policymakers toward focusing their investments in infrastructure and training on the most vulnerable segments. We sought to answer the following questions: (1) Are certain professional demographics more vulnerable to cybersecurity threats? (2) Do professionals in different institution types (i.e., hospitals vs. primary care clinics) exhibit different cybersecurity behaviors? (3) Can Internet usage behaviors by professionals be indicative of their cybersecurity awareness and the risk they introduce? Methods A cross-sectional, anonymous, paper-based survey was distributed among professionals working in public health care organizations in Kuwait. Data were collected about each professional's role, experience, work environment, cybersecurity practices, and understanding to calculate a cybersecurity score which indicates their level of compliance to good cybersecurity practices. We also asked about respondents' internet usage and used K-means cluster analysis to segment respondents into three groups based on their internet activities at work. Ordinary least squares regression assessed the association between the collected independent variables in question on the overall cybersecurity behavior. Results A total of 453/700 (64%) were responded to the survey. The results indicated that professionals with more work experience demonstrated higher compliance with good cybersecurity practices. Interestingly, nurses demonstrate higher cybersecurity aptitude relative to physicians. Professionals that were less inclined to use the internet for personal use during their work demonstrated higher cybersecurity aptitude. Conclusion Our findings provide some guidance regarding how to target health care professional training to mitigate cybersecurity risks. There is a need for ensuring that physicians receive adequate cybersecurity training, despite the opportunity costs and other issues competing for their attention. Additionally, classifying professionals based on their internet browsing patterns may identify individuals vulnerable to cybersecurity incidents better than more discrete indicators such as age or gender.
49
Antunes, Mário, Carina Silva, and Frederico Marques. "An Integrated Cybernetic Awareness Strategy to Assess Cybersecurity Attitudes and Behaviours in School Context." Applied Sciences 11, no. 23 (2021): 11269. http://dx.doi.org/10.3390/app112311269.
Full textAbstract:
Digital exposure to the Internet among the younger generations, notwithstanding their digital abilities, has increased and raised the alarm regarding the need to intensify the education on cybersecurity in schools. Understanding of the human factor and its influence on children, namely their attitudes and behaviors online, is pivotal to reinforce their awareness towards cyberattacks, and to promote their digital citizenship. This paper aims to present an integrated cybersecurity and cyberawareness strategy composed of three major steps: (1) Cybersecurity attitude and behavior assessment, (2) self-diagnosis, and (3) teaching/learning activities. The following contributions are made: Two questionnaires to assess risky attitudes and behaviors regarding cybersecurity; a self-diagnosis to measure students’ skills on cybersecurity; a lesson plan addressing cyberawareness to be applied on Information and Communications Technology (ICT) and citizenship education curricular units. Cybersecurity risky attitudes and behaviors were evaluated in a junior high school population of 164 students attending the sixth and ninth grades. The assessment focused on two main subjects: To identify the attitudes and behaviors that raise the risk on cybersecurity among the participating students; to characterize the acquired students’ cybersecurity and cyberawareness skills. Global and individual scores and the histograms for attitudes and behaviors are presented. The items in which we have observed significant differences between sixth and ninth grades are depicted and quantified by their corresponding p-values obtained through the Mann–Whitney non-parametric test. Regarding the results obtained on the assessment of attitudes and behaviors, although positive, we observed that the attitudes and behaviors in ninth grade students are globally inferior compared to those attained by sixth grade students. The deployed strategy for cyberawareness was applied in a school context; however, the same approach is suitable to be applied in other types of organizations, namely enterprises, healthcare institutions and public sector.
50
Mkhize, Simangele, and Nirmala Gopal. "Cyberbullying Perpetration: Children and Youth at Risk of Victimization during Covid-19 Lockdown." International Journal of Criminology and Sociology 10 (April 30, 2021): 525–37. http://dx.doi.org/10.6000/1929-4409.2021.10.61.
Full textAbstract:
The Covid-19 is believed to have emerged in Wuhan, China, and has affected many countries across the globe. In response to this pandemic, governments in different countries have implemented social distancing measures to stop the spread of the virus. The closure of schools and switch to remote learning of universities to protect youth and children from exposure to the virus might also open opportunities for certain crimes such as cyberbullying. The study aimed at exploring the risks of victimization of children and youth through cyberbullying during the lockdown. A qualitative approach, non-participant observation was utilised. Data was collected from three social media platforms which include Facebook, Twitter, and Instagram from posts since the beginning of lockdown. Keywords such as 'ama2000s', '2000s' and '90s vs 2000s' were used to search for content. Facebook groups for '2000s' where most young people engage were also used. The study found that with the increase of the use of social media among children and youth during the lockdown, most have been victims of cyberbullying. In these platforms where young people engage, most posts and comments carried content which includes sexting, sexual comments on young girls' pictures, trending of videos of school children fighting, and insulting each other. A significant finding was the use of fake accounts to perpetrate cyberbullying. The study recommends that addressing cyberbullying through educating children and youth about acceptable online behaviour, signs of cyberbullying, responses to it, and cybersecurity should be prioritised.