
Challenges Policy Makers face to Counter Cybercrime

In Cybersecurity by Ian Carnaghan

This entry is part 1 of 18 in the series Human Aspects in Cybersecurity

Pfleeger (2005) reminds us that modern cyber-criminals are often individuals who are difficult to detect. They “wear business suits, have university degrees, and appear to be pillars of their communities.” In addition, widespread access to the internet and communications makes it easier for these criminals to operate in groups spread across the …


Risks, Threats and Vulnerabilities

In Cybersecurity by Ian Carnaghan (1 Comment)

This entry is part 3 of 18 in the series Human Aspects in Cybersecurity

According to SANS (2009), attacks against websites and web applications constitute more than 60% of total attacks observed on the internet. The risk of attack is generally based on the probability that a threat of some kind will exploit a vulnerability or weakness in a system or network. In recent years, risks have been taken more seriously, with many businesses …


Security Policies

In Cybersecurity by Ian Carnaghan

This entry is part 4 of 18 in the series Human Aspects in Cybersecurity

Bosworth et al. (2009) stress the importance of formality when creating an ethics policy. They emphasize that clear documentation, clear motivation, clear sanctions, and clear management support at every level, including the top, are all important pieces of an effective policy.


Cost and Challenges with E-Government

In Cybersecurity by Ian Carnaghan

This entry is part 5 of 18 in the series Human Aspects in Cybersecurity

There is no doubt that E-Government provides conveniences today that many take for granted; however, there is an underlying cost for these services. First of all, government sites are attractive targets for malicious activities, whether this involves deliberate disruption of service or the theft of sensitive information for profit.


One audit standard fits all?

In Cybersecurity by Ian Carnaghan

This entry is part 7 of 18 in the series Human Aspects in Cybersecurity

Computer applications are constantly evolving, while web-based systems continue to grow in complexity. It is essential that these systems are properly secured at both the server level and the code or application level; therefore, Information Systems audit standards focused more specifically on application and development measures provide some of the most useful and valuable information at an …


Mobile Security

In Cybersecurity by Ian Carnaghan

This entry is part 8 of 18 in the series Human Aspects in Cybersecurity

Underlying vulnerabilities in mobile device software have also opened the door to potential security breaches. In an article describing mobile application security flaws, Westervelt (2010) wrote that many mobile application security vulnerabilities were found to be similar to those found in early web applications.


Will the Mandiant Report Raise Public Awareness?

In Cybersecurity by Ian Carnaghan

This entry is part 9 of 18 in the series Human Aspects in Cybersecurity

The Mandiant report, APT1: Exposing One of China’s Cyber Espionage Units, has stirred up a lot of media attention over the past few weeks. The report was originally released to show evidence that a specific Chinese military unit has been behind many major Advanced Persistent Threats (APTs) within the United States.
