Search results
1 – 10 of 359Lelia Cristina Díaz-Pérez, Ana Laura Quintanar-Reséndiz, Graciela Vázquez-Álvarez and Rubén Vázquez-Medina
Based on this holistic model, the authors propose and analyze seven key issues related to the admissibility of digital media in cross-border trials considering four Latin American…
Abstract
Purpose
Based on this holistic model, the authors propose and analyze seven key issues related to the admissibility of digital media in cross-border trials considering four Latin American countries.
Design/methodology/approach
The authors apply the modeling process of the soft systems methodology by Checkland in order to develop a holistic model focused on human situation problems involving digital media and information technology devices or systems.
Findings
The authors discuss the status of the identified key issues in each country and offer a perspective on the integration of cross-border work analyzing the contribution of these key issues to the collaboration between countries criminal cases or the use of foreign digital artifacts in domestic trials.
Research limitations/implications
In this study, the authors assumed that the problems of official interaction between agencies of different countries are considered solved. However, for future studies or research, the authors recommend that these issues can be considered as relevant, since they are related to cross-border cooperation topics that will necessarily require unavoidable official arrangements, agreements and formalities.
Practical implications
This work is aimed at defining and analyzing the key issues that can contribute to the application of current techniques and methodologies in digital forensics as a tool to support the legal framework of each country, considering cross-border trials. Finally, the authors highlight the implications of this study lie in the identification and analysis of the key issues that must be considered for digital forensics as a support tool for the admissibility of digital evidence in cross-border trials.
Social implications
The authors consider that digital forensic will have high demand in cross-border trials, and it will depend on the people mobility between the countries considered in this study.
Originality/value
This paper shows that the soft systems methodology allows elaborating a holistic model focused on social problems involving digital media and informatics devices.
Details
Keywords
Jacobus Gerhardus J. Nortje and Daniel Christoffel Myburgh
This paper aims to identify impediments, discuss impediments and make recommendations for the impediments during the execution of a search and seizure warrant for digital evidence…
Abstract
Purpose
This paper aims to identify impediments, discuss impediments and make recommendations for the impediments during the execution of a search and seizure warrant for digital evidence in South African criminal cases.
Design/methodology/approach
The discussion of this article, the second article of two, focuses on a literature review of international and local impediments identified in case law and published research literature and how it is approached in various jurisdictions.
Findings
This study found that impediments identified and addressed internationally during the execution of a search and seizure warrant for digital evidence are relevant to South African criminal cases and still need to be addressed during the execution of a search and seizure warrant for digital evidence in South African criminal cases.
Research limitations/implications
Although searches and seizures for digital evidence are relevant to civil, regulatory and criminal investigations, this study focuses on the search and seizure for digital evidence in criminal matters with an emphasis on the provisions of the Criminal Procedure Act 51 of 1977 and the Cybercrimes Act 19 of 2020.
Originality/value
The originality of this paper lies in the procedures followed during the physical search and seizure of digital information during the execution of search and seizure warrants for digital information in South Africa. If the South African Police Service follows the recommended procedures, it will contribute to the success of the South African Police Service, which would result in the improved quality of investigations and successful prosecution of crime in South Africa.
Details
Keywords
Milad Soltani, Alexios Kythreotis and Arash Roshanpoor
The emergence of machine learning has opened a new way for researchers. It allows them to supplement the traditional manual methods for conducting a literature review and turning…
Abstract
Purpose
The emergence of machine learning has opened a new way for researchers. It allows them to supplement the traditional manual methods for conducting a literature review and turning it into smart literature. This study aims to present a framework for incorporating machine learning into financial statement fraud (FSF) literature analysis. This framework facilitates the analysis of a large amount of literature to show the trend of the field and identify the most productive authors, journals and potential areas for future research.
Design/methodology/approach
In this study, a framework was introduced that merges bibliometric analysis techniques such as word frequency, co-word analysis and coauthorship analysis with the Latent Dirichlet Allocation topic modeling approach. This framework was used to uncover subtopics from 20 years of financial fraud research articles. Furthermore, the hierarchical clustering method was used on selected subtopics to demonstrate the primary contexts in the literature on FSF.
Findings
This study has contributed to the literature in two ways. First, this study has determined the top journals, articles, countries and keywords based on various bibliometric metrics. Second, using topic modeling and then hierarchy clustering, this study demonstrates the four primary contexts in FSF detection.
Research limitations/implications
In this study, the authors tried to comprehensively view the studies related to financial fraud conducted over two decades. However, this research has limitations that can be an opportunity for future researchers. The first limitation is due to language bias. This study has focused on English language articles, so it is suggested that other researchers consider other languages as well. The second limitation is caused by citation bias. In this study, the authors tried to show the top articles based on the citation criteria. However, judging based on citation alone can be misleading. Therefore, this study suggests that the researchers consider other measures to check the citation quality and assess the studies’ precision by applying meta-analysis.
Originality/value
Despite the popularity of bibliometric analysis and topic modeling, there have been limited efforts to use machine learning for literature review. This novel approach of using hierarchical clustering on topic modeling results enable us to uncover four primary contexts. Furthermore, this method allowed us to show the keywords of each context and highlight significant articles within each context.
Details
Keywords
Oluwatoyin Esther Akinbowale, Heinz Eckart Klingelhöfer and Mulatu Fekadu Zerihun
This study aims to investigate the feasibility of employing a multi-objectives integer-programming model for effective allocation of resources for cyberfraud mitigation. The…
Abstract
Purpose
This study aims to investigate the feasibility of employing a multi-objectives integer-programming model for effective allocation of resources for cyberfraud mitigation. The formulated objectives are the minimisation of the total allocation cost of the anti-fraud capacities and the maximisation of the forensic accounting capacities in all cyberfraud incident prone spots.
Design/methodology/approach
From the literature survey conducted and primary qualitative data gathered from the 17 licenced banks in South Africa on fraud investigators, the suggested fraud investigators are the organisation’s finance department, the internal audit committee, the external risk manager, accountants and forensic accountants. These five human resource capacities were considered for the formulation of the multi-objectives integer programming (MOIP) model. The MOIP model is employed for the optimisation of the employed capacities for cyberfraud mitigation to ensure the effective allocation and utilisation of human resources. Thus, the MOIP model is validated by a genetic algorithm (GA) solver to obtain the Pareto-optimum solution without the violation of the identified constraints.
Findings
The formulated objective functions are optimised simultaneously. The Pareto front for the two objectives of the MOIP model comprises the set of optimal solutions, which are not dominated by any other feasible solution. These are the feasible choices, which indicate the suitability of the MOIP to achieve the set objectives.
Practical implications
The results obtained indicate the feasibility of simultaneously achieving the minimisation of the total allocation cost of the anti-fraud capacities, or the maximisation of the forensic accounting capacities in all cyberfraud incident prone spots – or the trade-off between them, if they cannot be reached simultaneously. This study recommends the use of an iterative MOIP framework for decision-makers which may aid decision-making with respect to the allocation and utilisation of human resources.
Originality/value
The originality of this work lies in the development of multi-objectives integer-programming model for effective allocation of resources for cyberfraud mitigation.
Details
Keywords
Howard Chitimira and Sharon Munedzi
This paper explores the historical aspects of customer due diligence and related anti-money laundering measures in South Africa. Customer due diligence measures are usually…
Abstract
Purpose
This paper explores the historical aspects of customer due diligence and related anti-money laundering measures in South Africa. Customer due diligence measures are usually employed to ensure that financial institutions know their customers well by assessing them against the possible risks they might pose such as fraud, money laundering, Ponzi schemes and terrorist financing. Accordingly, customer due diligence measures enable banks and other financial institutions to assess their customers before they conclude any transactions with them. Customer due diligence measures that are utilised in South Africa include identification and verification of customer identity, keeping records of transactions concluded between customers and financial institutions, ongoing monitoring of customer account activities, reporting unusual and suspicious transactions and risk assessment programmes. The Financial Intelligence Centre Act 38 of 2001 (FICA) as amended by the Financial Intelligence Centre Amendment Act 1 of 2017 (Amendment Act) is the primary statute that provides for the adoption and use of customer due diligence measures to detect and combat money laundering in South Africa. Prior to the enactment of the FICA, several other statutes were enacted in a bid to prohibit money laundering in South Africa. Against this background, the article provides a historical overview analysis of these statutes to, inter alia, explore their adequacy and examine whether they consistently complied with the Financial Action Task Force Recommendations on the regulation of money laundering.
Design/methodology/approach
The paper provides an overview analysis of the historical aspects of the regulation and use of customer due diligence to combat money laundering in South Africa. In this regard, a qualitative research method as well as the doctrinal research method are used.
Findings
It is hoped that policymakers and other relevant persons will adopt the recommendations provided in the paper to enhance the curbing of money laundering in South Africa.
Research limitations/implications
The paper does not provide empirical research.
Practical implications
The paper is useful to all policymakers, lawyers, law students and regulatory bodies, especially, in South Africa.
Social implications
The paper advocates for the use of customer due diligence measures to curb money laundering in the South African financial markets and financial institutions.
Originality/value
The paper is original research on the South African anti-money laundering regime and the use of customer due diligence measures to curb money laundering in South Africa.
Details
Keywords
Syahril Efendi, Baihaqi Siregar and Heru Pranoto
Innovation in a decentralized blockchain infrastructure can be used by medicine as a prerequisite for the exchange of patient data. Developments in the medical device industry…
Abstract
Innovation in a decentralized blockchain infrastructure can be used by medicine as a prerequisite for the exchange of patient data. Developments in the medical device industry that support the technology of the internet of things and wireless sensor networks also facilitate the examination of patient medical records that no longer require visits to the practice of doctors or hospitals which in some cases takes in a considerable time. Not to mention the consideration of traffic congestion and busy routine in the work. Patients can check their healthcare concerns using only sensors such as e-Health Sensor Shield Platform which then sends recording results through the transmission line to the data lakes. However, this patient’s medical record data is very confidential and may only be accessed by certain parties only. This required the design of the concept of security in the transmission of data so that the data does not leak to parties who are not eligible. This paper attempts to provide an overview of the concept of using encryption with an asymmetric key for securing data from sensors to data lakes before forwarding to a decentralized, interconnected blockchain infrastructure.
Details
Keywords
Garret Murray, Malin Falkeling and Shang Gao
The purpose of this paper is to provide an overview of the trends and challenges relating to research into the human aspects of ransomware.
Abstract
Purpose
The purpose of this paper is to provide an overview of the trends and challenges relating to research into the human aspects of ransomware.
Design/methodology/approach
A systematic mapping study was carried out to investigate the trends in studies into the human aspects of ransomware, identify challenges encountered by researchers and propose directions for future research. For each of the identified papers from this study, the authors mapped the year of publication, the type of paper, research strategy and data generation method, types of participants included, theories incorporated and lastly, the authors mapped the challenges encountered by the researchers.
Findings
Fifty-nine papers published between 2006 and 2022 are included in the study. The findings indicate that literature on the human aspects of ransomware was scarce prior to 2016. The most-used participant groups in this area are students and cybersecurity professionals, and most studies rely on a survey strategy using the questionnaire to collect data. In addition, many papers did not use theories for their research, but from those that did, game theory was used most often. Furthermore, the most reported challenge is that being hit with ransomware is a sensitive topic, which results in individuals and organisations being reluctant to share their experiences.
Research limitations/implications
This mapping study reveals that the body of literature in the area of human aspects of ransomware has increased over the past couple of years. The findings highlight that being transparent about ransomware attacks, when possible, can help others. Moreover, senior management plays an important role in shaping the information security culture of an organisation, whether to have a culture of transparency or of secrecy.
Originality/value
This study is the first of its kind of systematic mapping studies contributing to the body of knowledge on the human aspects of ransomware.
Details
Keywords
Bennet Simon von Skarczinski, Arne Dreißigacker and Frank Teuteberg
Literature repeatedly complains about the lack of empirical data on the costs of cyber incidents within organizations. Simultaneously, managers urgently require transparent and…
Abstract
Purpose
Literature repeatedly complains about the lack of empirical data on the costs of cyber incidents within organizations. Simultaneously, managers urgently require transparent and reliable data in order to make well-informed and cost-benefit optimized decisions. The purpose of this paper is to (1) provide managers with differentiated empirical data on costs, and (2) derive an activity plan for organizations, the government and academia to improve the information base on the costs of cyber incidents.
Design/methodology/approach
The authors analyze the benchmark potential of costs within existing literature and conduct a large-scale interview survey with 5,000 German organizations. These costs are directly assignable to the most severe incident within the last 12 months, further categorized into attack types, cost items, employee classes and industry types. Based on previous literature, expert interviews and the empirical results, the authors draft an activity plan containing further research questions and action items.
Findings
The findings indicate that the majority of organizations suffer little to no costs, whereas only a small proportion suffers high costs. However, organizations are not affected equally since prevalence rates and costs according to attack types, employee classes, and other variables tend to vary. Moreover, the findings indicate that board members and IS/IT-managers show partly different response behaviors.
Originality/value
The authors present differentiated insights into the direct costs of cyber incidents, based on the authors' knowledge, this is the largest empirical survey in continental Europe and one of the first surveys providing in-depth cost information on German organizations.
Details
Keywords
Fatima M. Isiaka, Salihu Abdullahi Audu and Mustafa Ahmed Umar
The dependence on the use of information systems for nearly every activity and functions in the internet is increasingly high. This form of interconnectedness has bolstered…
Abstract
Purpose
The dependence on the use of information systems for nearly every activity and functions in the internet is increasingly high. This form of interconnectedness has bolstered national economies, enhanced how governments interact with their citizens and how ordinary people connect with friends and family. However, this dependence has equally resulted to a high rise in vulnerability, threat and risk associated with more use of information and communication technology. Cyber-attacks that have the potential to disrupt or damage information system infrastructure are getting more complex with some level of sophistication. Traditional protection of information system infrastructure is no longer sufficient; systems have proven to be immune to failure or incidents. This paper aims to ensure that there is a continuous availability of services through a fail-safe proof.
Design/methodology/approach
MYSQL replication technique was used to develop a model based on three-tier layers using the principle of network interdependency and the replication techniques. Tier 1 depicts a Telecom organization serving as service provider that provides internet service to Tier 2 organization – a Bank; Tier 3 is the financial App that can be used by bank staff and customers. The fail-safe mode integrated mechanism enables Tier 3 to continue to render its services in the event of an attack on Tier 1 such as DDoS without disruption.
Findings
This technique succeeded in mitigating the loss of data if cyber incident occurred or reception of uninterrupted services is countered, which give rise to future master-to-master architecture.
Research limitations/implications
The study conducted is limited to the design and development of a fail-safe system for interdependent networks or systems using MYSQL replication technique.
Originality/value
In an interdependent environment such as the cyberspace, the sectors are interdependent for optimal results. The originality of the work ensures that there is availability of services which is sustained and that data integrity is assured using the fail-safe technique based on MySQL replication method.
Details