Search results

In 2019, FIU-the Netherlands celebrated its 25th anniversary. This study takes the occasion to reflect on the role of the FIU in financial surveillance and to describe its core practices of collecting, analysing and disseminating financial intelligence.

Because FIU practices are often secret and its transaction data classified as state secrets, the FIU’s daily operational activities remain obscure. Drawing on interviews, public reports and an online training course, this study encircles secrecy and offers a fine-grained analysis of the FIU's core activities.

The article finds that the FIU plays a pivotal role in financial surveillance because it can operate at various intersections. An FIU operates at the intersection of finance and security, in between the public and private sector and at the national and international domain. This pivotal role makes the FIU indispensable in the surveillance of payment systems and spending behavior.

The article poses that the desirability and effectiveness of financial surveillance has to date not received sufficient consideration, while it affects (the privacy of) anyone with a bank account. The article asks: is it ethically justifiable that transaction information is declared suspect, investigated, and shared nationally and internationally, without the individual or entity concerned officially being notified and legally named a suspect?

This case-study is not only relevant for the study of finance/security, AML/CFT and financial surveillance, but also to policy makers and the broader public who merit an understanding of how their financial behaviour is being surveilled.

The purpose of this paper is to try to reach the main factors that could put national security at risk as a result of government cloud computing programs.

The paper adopts the analytical approach to first lay foundations of the relation between national security, cybersecurity and cloud computing, then it moves to analyze the main vulnerabilities that could affect national security in cases of government cloud computing usage.

The paper reached several findings such as the relation between cybersecurity and national security as well as a group of factors that may affect national security when governments shift to cloud computing mainly pertaining to storing data over the internet, the involvement of a third party, the lack of clear regulatory frameworks inside and between countries.

Governments are continuously working on developing their digital capacities to meet citizens’ demands. One of the most trending technologies adopted by governments is “cloud computing”, because of the tremendous advantages that the technology provides; such as huge cost-cutting, huge storage and computing capabilities. However, shifting to cloud computing raises a lot of security concerns.

The value of the paper resides in the novelty of the topic, which is a new contribution to the theoretical literature on relations between new technologies and national security. It is empirically important as well to help governments stay safe while enjoying the advantages of cloud computing.

This paper aims to investigate how congruent keywords are used in information security policies (ISPs) to pinpoint and guide clear actionable advice and suggest a metric for measuring the quality of keyword use in ISPs.

A qualitative content analysis of 15 ISPs from public agencies in Sweden was conducted with the aid of Orange Data Mining Software. The authors extracted 890 sentences from these ISPs that included one or more of the analyzed keywords. These sentences were analyzed using the new metric – keyword loss of specificity – to assess to what extent the selected keywords were used for pinpointing and guiding actionable advice. Thus, the authors classified the extracted sentences as either actionable advice or other information, depending on the type of information conveyed.

The results show a significant keyword loss of specificity in relation to pieces of actionable advice in ISPs provided by Swedish public agencies. About two-thirds of the sentences in which the analyzed keywords were used focused on information other than actionable advice. Such dual use of keywords reduces the possibility of pinpointing and communicating clear, actionable advice.

The suggested metric provides a means to assess the quality of how keywords are used in ISPs for different purposes. The results show that more research is needed on how keywords are used in ISPs.

The authors recommended that ISP designers exercise caution when using keywords in ISPs and maintain coherency in their use of keywords. ISP designers can use the suggested metrics to assess the quality of actionable advice in their ISPs.

The keyword loss of specificity metric adds to the few quantitative metrics available to assess ISP quality. To the best of the authors’ knowledge, applying this metric is a first attempt to measure the quality of actionable advice in ISPs.

A deteriorating security situation and an increased need for defence equipment calls for new forms of collaboration between Armed Forces and the defence industry. This paper aims to investigate the ways in which the accelerating demand for increased security of supply of equipment and supplies to the Armed Forces requires adaptability in the procurement process that is governed by laws on public procurement (PP).

This paper is based on a review of current literature as well as empirical data obtained through interviews with representatives from the Swedish Defence Materiel Administration and the Swedish defence industry.

Collaboration with the globalized defence industry requires new approaches, where the PP rules make procurement of a safe supply of defence equipment difficult.

The study's empirical data and findings are based on the Swedish context. In order to draw more general conclusions in a defence context, the study should be expanded to cover more nations.

The findings will enable the defence industry and the procurement authorizations to better understand the requirements of Armed Forces, and how to cooperate under applicable legal and regulatory requirements.

The paper extends the extant body of academic knowledge of the security of supply into the defence sector. It serves as a first step towards articulating a call for new approaches to collaboration in defence supply chains.

Cyberattacks are becoming increasingly widespread, and cybersecurity is therefore increasingly important. Although the technological aspects of cybersecurity are its best-known characteristics, the cybersecurity phenomenon goes beyond the detection of technological impacts, and encompasses all the dimensions of an organization. This study thus focusses on an additional set of organizational elements. The key elements of cybersecurity organizational readiness depicted here are cybersecurity awareness, cybersecurity culture and cybersecurity organizational resilience (OR). This study aims to qualitatively assess small and medium enterprises’ (SMEs) overall level of organizational cybersecurity readiness.

This study focused on conducting a cybersecurity organizational readiness assessment using a sample of 53 Italian SMEs from the information and communication technology sector. Informed mixed method research, this study was conducted consistent with the principles of the explanatory sequential mixed method design, and adopting a quanti-qualitative methodology. The quantitative data were collected through a questionnaire. Qualitative data were subsequently collected through semi-structured interviews.

Although many elements of the technical aspects of cybersecurity OR have yielded very encouraging results, there are still some areas that require improvement. These include those facets that constitute the foundation of cybersecurity awareness, and, thus, a cybersecurity culture. This result highlights that the areas in need of improvement are exactly those that are most important in fighting against cyber threats via organizational cybersecurity readiness.

Although the importance of SMEs is obvious, evidence of such organizations’ attitudes to cybersecurity are still limited. This research is an attempt to depict the organizational issue related to cybersecurity, i.e. overall cybersecurity organizational readiness.

This paper aims to examine the prevailing Rohingya refugee crisis from political and humanitarian perspectives and explores the political and humanitarian aspects of the Rohingya refugee crisis.

Relevant literature has been reviewed for conceptual understanding. This study is descriptive and qualitative in nature and based on secondary sources of data.

The main causes of the Rohingya crisis such as political and humanitarian aspects. Issues such as discrimination and homelessness, and national security concerns that regional politics scapegoated the Rohingya to exacerbate regional tensions. Moreover, armed conflicts, political radicalization, security concerns, human rights violations and low media attention compared to other displaced families have made the future of the Rohingyas very uncertain.

The Rohingya crisis has far-reaching implications for domestic and regional politics as well as for relations with major world powers. In the context of regional security and geopolitics, this study provides insight into the polarization and politicization of the Rohingya minority.

This research offers a vital exploration of the Rohingya refugee crisis, delving into its multifaceted political and humanitarian dimensions, contributing fresh insights to address a pressing global concern.

In order to estimate the value of semi-automated subject indexing in operative library catalogues, the study aimed to investigate five different automated implementations of an open source software package on a large set of Swedish union catalogue metadata records, with Dewey Decimal Classification (DDC) as the target classification system. It also aimed to contribute to the body of research on aboutness and related challenges in automated subject indexing and evaluation.

On a sample of over 230,000 records with close to 12,000 distinct DDC classes, an open source tool Annif, developed by the National Library of Finland, was applied in the following implementations: lexical algorithm, support vector classifier, fastText, Omikuji Bonsai and an ensemble approach combing the former four. A qualitative study involving two senior catalogue librarians and three students of library and information studies was also conducted to investigate the value and inter-rater agreement of automatically assigned classes, on a sample of 60 records.

The best results were achieved using the ensemble approach that achieved 66.82% accuracy on the three-digit DDC classification task. The qualitative study confirmed earlier studies reporting low inter-rater agreement but also pointed to the potential value of automatically assigned classes as additional access points in information retrieval.

The paper presents an extensive study of automated classification in an operative library catalogue, accompanied by a qualitative study of automated classes. It demonstrates the value of applying semi-automated indexing in operative information retrieval systems.

I historically compare changes in institutional frameworks creating academic positions linked to temporary employment by analyzing university employment statistics in Chile, Colombia, Germany, and the USA. I find that temporary academic positions were institutionalized through the creation of previously inexistent academic categories called a contrata in Chile, de cátedra in Colombia, “junior professor” without tenure in Germany and “postdoc” in the USA; used in higher education and employment laws since 1989, 1992, 2002, and 1974, respectively. Under institutional frameworks demanding the maximization of students and research, universities have increasingly contracted academics through temporary contracts under rationales that differ between regions. In Colombia and Chile, public university leaders and owners of private universities contract such teaching positions to expand student numbers through lowering costs. In Germany and the USA, employment insecurity is mostly driven by temporary scientific positions under a main rationale of scientific expansion. The share of temporary positions has increased exponentially in Colombia and Germany in recent decades, whereas in the USA there has only been an increase since 2012. Moreover, in Chile, the share of permanent positions has decreased since 2012. The common trend is one of isomorphism of vertical academic structures sharing a pyramidal form, with a wide base of academics working under conditions of contractual insecurity. Such trends follow a rationale for maximization of student numbers as well as administration, and scientific production that is in tension with prioritizing wellbeing and improvement of academics’ working conditions. Yet, in these environments, the institution of tenure in the USA and recent Chilean regulations on accreditation represent mechanisms counteracting precarious employment.

An unreliable supply of grid electricity has a strong negative impact on industrial and commercial profitability as well as on household activities and government services that rely on electricity supply. This unreliable grid electricity could be a result of technical and security factors affecting the grid network. Therefore, this study aims to investigate the effects of technical and security factors on the transmission and distribution of grid electricity in Uganda.

This study used the ordinary least squares (OLS) and autoregressive distributed lag (ARDL) models to examine the effects of technical and security factors on grid electricity reliability in Uganda. The study draws upon secondary time series monthly data sourced from the Uganda Electricity Transmission Company Limited (UETCL) government utility, which transmits electricity to both distributors and grid users. Additionally, data from Umeme Limited, the largest power distribution utility in Uganda, were incorporated into the analysis.

The findings revealed that technical faults, failed grid equipment, system overload and theft and vandalism affected grid electricity reliability in the transmission and distribution subsystems of the Ugandan power grid network. The effect was computed both in terms of frequency and duration of power outages. For instance, the number of power outages was 116 and 2,307 for transmission and distribution subsystems, respectively. In terms of duration, the power outages reported on average were 1,248 h and 5,826 h, respectively, for transmission and distribution subsystems.

This paper investigates the effects of technical and security factors on the transmission and distribution grid electricity reliability, specifically focusing on frequency and duration of power outages, in the Ugandan context. It combines both OLS and ARDL models for analysis and adopts the systems reliability theory in the area of grid electricity reliability research.

This paper aims to provide a maturity model for information security awareness (MMISA), based on the literature, expert interviews and feedback. In addition to developing the MMISA, the authors investigate the role of the three decisive factors that affect ISA maturity level: risk management mechanism, organizational structure and ISA.

The research methodology is a combined one; qualitative and quantitative methods were applied, including surveying the literature, interviews and developing a survey to collect quantitative data about decisive factors that affect ISA maturity level. The authors perform a variance-based partial least squares-structural equation modeling (PLS-SEM) investigation of the relationships between these factors.

The investigation of decisive factors of ISA maturity levels revealed that if the authors identify a strong risk assessment mechanism (through a documented methodology and reliable results), the authors can expect a high level of ISA. If there is a well-defined organizational structure with clear responsibilities, this supports the linking of a risk management mechanism with the level of ISA. The connection between organizational structure and ISA maturity level is supported by ISA activities: an increased level of awareness actions strengthens an organizational structure via the best practices learned by the staff.

The main contribution of the proposed MMISA model is that the model offers controls and audit evidence for maturity levels. Beyond that, the authors distinguish in the MMISA model controls supporting knowledge and controls supporting attitude, emphasizing that this is not enough to know what to do, but the proper attitude is required too. The authors didn't find any other ISA maturity model which has a similar feature. The contribution of the authors' work is that the authors provide a method for solving this complex measurement problem via the MMISA, which also offers direct guidance for the daily practices of organizations.