Search results

The purpose of this paper is to propose a holistic cyber security implementation framework (HCS-IF) that lays out the ground for a conceptual, coherent, systematic, overarching and consolidated approach to implement cyber security strategies (CSSs).

The HCS-IF is conceptually proposed to address the actual needs that are extracted from literature review. The HCS-IF uses and integrates a set of high-level conceptual security controls, solutions, processes, entities, tools, techniques or mechanisms that are already known in the domains of information security management, software engineering and project management to address the identified needs.

The HCS-IF components and controls collectively interact and cooperate to implement CSSs. The proposed framework is compared with other related frameworks, and the results show that the HCS-IF outperforms other frameworks on most of the suggested comparison criteria.

From a practical standpoint, governments and practitioners alike stand to gain from the findings of this research. Governments who want to implement CSSs on a national level will find the proposed framework useful in overseeing cyber security implementation. Practitioners will be prepared to address the anticipated cyber security implementation challenges and the required controls needed to facilitate cyber-security implementation in a holistic overarching manner.

The study focuses on influential factors of collaboration on government data security by the Chinese government.

The article explores the case of e-government in the Chinese centralized unitary state system context, using a structured–pragmatic–situational (SPS) approach and the boundary theory as an analytical lens.

The findings indicate that e-government operates in highly interconnected environments where the safe flow of government data requires collaborative and cross-boundary strategies. Any organization is a potential “weakest link”. In addition, collaboration is fragmented by ambiguous accountability and organizational inertia across government departments, resources differences and limited visibility and measurability of security efforts across government levels and conflicts and uncertainties in principal–agent relationships. The solutions for those obstacles are also discussed from the multi-function, multi-level and multi-actor dimensions, respectively. A multi-dimensional overarching security model for the flow of government data is proposed.

The study advances the technology-oriented micro-analysis of previous studies on government data security to cross-organizational revealing at the macrolevel by connecting streams of research in information systems and public administration. These findings will contribute to making the safe flow of government data more resilient in the transformation of e-government.

This paper aims to report on a study that aimed at analyzing the relationships between information security and records management (RM), both as programs/functions established in organizations. Similar studies were not found in relevant literature.

The study used the classic grounded theory methodology. Pursuing the general curiosity about the information security-RM relationship in organizations, the study selected the United States (US) Federal Government as its field of entrance and followed the process of the classic grounded theory methodology that starts from the letting of the emergence of the research question to the formulation of a substantive theory that answered the question.

On the emergent question that why, despite the legislative establishment of agency RM programs and the use of the term records in their work, the US Federal Government information security community considered RM a candidate for deletion (CFD), the study coded the truncated application of the encompassing definition of records as the underlying reason. By this code, along with its three properties, i.e. limitations by the seemingly more encompassing coverage of information, insufficient legislative/regulatory support and the use of the terms of evidence and preservation in the records definition, the CFD consideration and the associated phenomena of unsound legislative/regulatory conceptualization, information shadow, information ignorance and archival shadow were explained.

The study results suggested the data for subsequent theoretical sampling to be the operational situations of individual agency RM programs.

The rationale presented in the study regarding the encompassing nature of records and the comprehensive scope of RM program can be used for building strong RM business cases.

The study appears to be the first of its kind, which examined the RM–information security relationship in a very detailed setting.

With the conceptualization of the blockchain as a socio-technical assemblage, this study aims to critically examine the blockchain initiatives in Korea in terms of the opportunities, risks and challenges embedded in their development.

This paper analyzes blockchain design and development from socioecological views: social, technological and cultural phenomena that represent the strategic interaction among people, technology and society. The qualitative data were collected from a variety of sources and diverse means.

The results imply that blockchain needs a close socio-technical examination to avoid simplistic assumptions of its promises and pitfalls. The development of blockchains in Korea will need to consider a range of socio-technical issues to facilitate the best outcomes for blockchain in society.

Despite proactive drives, new risks, such as security, privacy and transparency, emerge as critical concerns of the social implications of the blockchain and their impact on the new digital environment. Questions are raised as to how to govern blockchains, and how to address the unexpected outcomes that such a policy choice may have on society and industry.

The sociopolitical implications of Korean blockchains are examined to identify key concerns and issues as the country progresses rapidly toward a blockchain-driven society.

Introduction: The frequency and complexity of cyber assaults have grown in recent years. Consequently, organisations have increased their expenditures in more robust infrastructure to protect themselves from these cyber assaults. These organisations’ assets, data, and reputations are at risk due to rapidly increasing cybercrimes. However, complete protection from these many and ever-changing threats is very challenging as a result. To deal with them, companies are taking steps to reduce risks and limit company losses in their occurrence.

Purpose: Progressively, the insurance sector organisations are including digital protection as a component of the board’s general danger technique. Protection enterprises, then again, depend on accurately expecting risks, while a significant number of them depend on normalised approaches. Because of the exceptional attributes of the digital assaults, transporters now and again depend on subjective strategies dependent on master decisions. There is an unmistakeable absence of observational information on digital protection, specifically subjective examinations planning to comprehend and depict necessities, impediments, and cycles applicable for digital protection.

Methodology: There are various unanswered inquiries and worries about the oversight and legitimate and administrative assessment of network safety weaknesses in the protection business. In the wake-up of looking over all these worries and issues, steps to alleviate them are laid out after an extensive literature survey and secondary data sources. In this study, the authors have principally viewed the executive parts of the associations as the danger. While considering network protection, their insight of needs was taken as one among a few dangerous treatment systems, just as the necessities of the organisations’ protection in assessing the danger level of likely customers.

Findings: This section analyses past research in network safety and information security in the protection market. The danger of the executives’ strategies, the numerical models, and the forecasts of digital occassions are illustrated in this section. Lastly, the future headings are likewise expressed momentarily.

Practical implications: This review might be valuable for additional examination and logical discussion, yet additionally for down-to-earth applications. Moreover, it could be gainful to organisations as a supportive instrument for better agreement on what digital protection is and how to get ready to take on network safety and information security procedures in the association.

Significance: These associations’ resources, information, and notoriety are in danger because of quickly expanding cybercrimes. Cybercriminals are utilising more refined approaches to start digital assaults. Digital protection was anticipated to affect security conduct before any proof was gathered. Progressively, organisations are including digital protection as a feature of their general danger to the executive system. Because of the exceptional attributes of the digital assaults, transporters as often as possible depend on subjective methods dependent on master decisions. Thus, this space of network safety and information security is vital uniquely in the protection market.

Amidst the clamber to join the high‐tech world of e‐commerce, companies have neglected to apply common sense to their endeavours. It is arguably the lack of common sense rather than the lack of sophistication of e‐commerce security which potentially will scupper e‐trade development.

Border security is a crucial part of the country’s broader homeland security efforts. It is a multifaceted and complex issue which attempts to accomplish two seemingly contradictory objectives – the prevention of people and goods from entering the country, while at the same time, facilitating lawful travel and trade. Although it is primarily a federal responsibility, securing the border crosses over multiple homeland security domains, as well jurisdictions. In recent years, numerous strategies and structures have been implemented to foster a whole-of-government approach to border security. This chapter presents border security in the larger context of homeland security. It examines the strategies and coordinating structures developed to create a secured border and an overview of the interaction of law enforcement agencies at the various jurisdictional levels. Although these structures create a robust network of mutually supportive agencies to effectuate border security, a major strategic challenge to securing the nation’s borders still persists.

A legal obligation to adopt reasonable information security procedures exists in a variety of laws around the world, such as the EU Data Directive (Directive 95/46), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and sectoral and state privacy laws in the U.S. The latter include security breach notification laws, and laws establishing a general duty of security. This paper compares and contrasts the privacy and information security landscape inside and outside the U.S. and offers suggestions for corporate “best practices” in data security designed to enhance consumer trust and minimize liability.

Border environments differ as foci for conflict discourse. While classic realist theories are used to account for mechanisms of securitized borders, socially oriented theories are often invoked to characterize relaxed borders. This distinguishing pattern regarding securitization reflects a deeply rooted focus on idealized borders, based on implicit expectations that relaxed borders are a viable option and goal for all. This orientation is prone to mistaken assumptions regarding local, national and regional interests and ultimately threatens delicately balanced states of stability. This paper aims to question this somewhat simplified categorization and posit that securitized borders are longstanding realities which warrant more complex theoretical conceptualization.

The analysis is based on documentary study and qualitative field research, mapping and evaluating Israel–Jordan cross-border interactions conducted during 2006-2014. Local civilian interactions were studied using three tools: interviews, non-participant observations and a sector-based analysis of original and secondary sources. In the course of research, many tours and observations of the border region were conducted, and key actors in Israel and Jordan were interviewed: entrepreneurs, local residents, local and national government officials, security personnel and representatives of non-governmental organizations involved in the administration and funding of normalization-promoting initiatives.

In light of internal and external security threats which challenge states and border regions in conflict environments and in normalized settings, there is increasing value in recognizing multi-level power relations (“bringing the state back in”) that design, inhibit and ultimately control the inevitability, circumstance and social–political effectivity of any cross-border interaction. Cross-border cooperation (CBC), which evolves gradually, monitored by the border regime and reflecting actual levels of inter-state political dialogue, is a slower yet safer option and a more realistic expectation for CBC, especially in regions of minimal communication between cross-border neighbors. In the backdrop of the Middle East turmoil, Israel and Jordan mark 20 years of peaceful relations, enjoying stability based on shared political and security interests, yet displaying no apparent tendency toward increased cross-border interaction. Given the stark differences in regimes and ongoing regional unrest, this securitized border fulfills local and regional needs and is far from a temporary “second-best” reality.

The analysis is based on original fieldwork and documentary study, mapping and evaluating Israel–Jordan cross-border interactions conducted during 2006-2014.