Cyber Security: Advice from the Front Line

ITNOW, 2020, Vol 62 (1), pp. 38-39
Author(s): Johanna Hamilton

Abstract: Joseph Rose is a Senior Security Architect for a large financial institution. Johanna Hamilton AMBCS asks him about the challenges of cyber security for the decade and why humans pose more problems than quantum.

Author(s): Hiep Cong Pham, Irfan Ulhaq, Minh Nguyen, Mathews Nkhoma

In a networked global economy, cyber security threats have accelerated at an enormous rate. The security infrastructure at organisational and national levels is often ineffective against these threats. As a result, academics have focused their research on information security risks and technical perspectives to enhance human-related security measures. To further extend this trend of research, this study examines the effects of three knowledge sharing methods on user security practices: security training, social media communication, and local security experts (non-IT staff). The study adopts a phenomenological method employing in-depth focus group interviews with 30 participants from eight organisations located in Ho Chi Minh city, Vietnam. The study expands on understanding factors contributing to self-efficacy and security practice through various knowledge sharing channels. Current methods of periodical training and broadcast emails were found to be less effective in encouraging participants to develop security self-efficacy and were often ignored. Security knowledge sharing through social media and local experts were identified as supplementary methods in maintaining employees’ security awareness. In particular, social media is suggested as a preferred channel for disseminating urgent security alerts and seeking peer advice. Local security experts are praised for providing timely and contextualised security advice where member trust is needed. This study suggests that provisions of contemporary channels for security information and knowledge sharing between organisations and employees can gain regular attention from employees, hence leading to more effective security practices.


2013, Vol 4 (1), pp. 11-30
Author(s): Simon Miller, Susan Appleby, Jonathan M. Garibaldi, Uwe Aickelin

The task of designing secure software systems is fraught with uncertainty, as data on uncommon attacks is limited, costs are difficult to estimate, and technology and tools are continually changing. Consequently, experts may interpret the security risks posed to a system in different ways, leading to variation in assessment. This paper presents research into measuring the variability in decision making between security professionals, with the ultimate goal of improving the quality of security advice given to software system designers. A set of thirty-nine cyber-security experts took part in an exercise in which they independently assessed a realistic system scenario. This study quantifies agreement in the opinions of experts, examines methods of aggregating opinions, and produces an assessment of attacks from ratings of their components. The authors show that when aggregated, a coherent consensus view of security emerges which can be used to inform decisions made during systems design.


Author(s): Richard Diamond

This study explores decision premises that were used to manage and stabilise a complex technochange programme in a financial institution. Decision premises were extracted from business maxims, principles and rules using linguistic techniques. In the paper, the premises are juxtaposed with their consequences. The evidence of documents, observable practices and software configurations supports the analysis. It is found that decision premises form a hierarchical, self-causal as well as self-contradictory system of reasoning that was applied over any individual situation, particularly a conflict. By virtue of being several but not many, decision premises reinforce the 80-20 rule of many consequences stemming from a few causes. In the case firm, decision premises were used in order to make technochange efficient as well as institute cost-saving and business ownership of software development. But there were drawbacks of intensified politics, software development delays, short-sighted capability decisions and work fragmentation for the front-line employees.

