Search results
1 – 10 of 232Ahmed Ali Otoom, Issa Atoum, Heba Al-Harahsheh, Mahmoud Aljawarneh, Mohammed N. Al Refai and Mahmoud Baklizi
The purpose of this paper is to present the educational computer emergency response team (EduCERT) framework, an integrated response mechanism to bolster national cybersecurity…
Abstract
Purpose
The purpose of this paper is to present the educational computer emergency response team (EduCERT) framework, an integrated response mechanism to bolster national cybersecurity through collaborative efforts in the higher education sector. The EduCERT framework addresses this gap by enhancing cyber security and mitigating cybercrime through collaborative incident management, knowledge sharing and university awareness campaigns.
Design/methodology/approach
The authors propose an EduCERT framework following the design science methodology. The framework is developed based on literature and input from focus group experts. Moreover, it is grounded in the principles of the technology-organization-environment framework, organizational learning and diffusion of innovations theory.
Findings
The EduCERT has eight components: infrastructure, governance, knowledge development, awareness, incident management, evaluation and continuous improvement. The framework reinforces national cybersecurity through cooperation between universities and the National Computer Emergency Response Team. The framework has been implemented in Jordan to generate a cybersecurity foundation for higher education. Evaluating the EduCERT framework’s influence on national cybersecurity highlights the importance of adopting comprehensive cyber-security policies and controls. The framework application shows its relevance, effectiveness, adaptability and alignment with best practices.
Research limitations/implications
Despite the impact of applying the framework in the Jordanian context, it is essential to acknowledge that the proposed EduCERT framework’s practical implementation may encounter challenges specific to diverse international educational environment sectors. However, framework customization for global applicability could address varied educational institutions in other countries.
Practical implications
Furthermore, the proposed EduCERT framework is designed with universal applicability that extends beyond the specific country’s context. The principles and components presented in the framework can serve as valuable design advice for establishing collaborative and resilient cybersecurity frameworks in educational settings worldwide. Therefore, the research enhances the proposed framework’s practical utility and positions it as an invaluable contribution to the broader discourse on global cybersecurity in academia.
Originality/value
This paper enhances national cybersecurity in the higher education sector, addressing the need for a more integrated response mechanism. The EduCERT framework demonstrates its effectiveness, adaptability and alignment with best practices, offering valuable guidance for global educational institutions.
Details
Keywords
Michael Herburger, Andreas Wieland and Carina Hochstrasser
Disruptive events caused by cyber incidents, such as supply chain (SC) cyber incidents, can affect firms’ SC operations on a large scale, causing disruptions in material…
Abstract
Purpose
Disruptive events caused by cyber incidents, such as supply chain (SC) cyber incidents, can affect firms’ SC operations on a large scale, causing disruptions in material, information and financial flows and impacting the availability, integrity and confidentiality of SC assets. While SC resilience (SCRES) research has received much attention in recent years, the purpose of this study is to investigate specific capabilities for building SCRES to cyber risks. Based on a nuanced understanding of SC cyber risk characteristics, this study explores how to build SC cyber resilience (SCCR) using the perspective of dynamic capability (DC) theory.
Design/methodology/approach
Based on 79 in-depth interviews, this qualitative study examines 28 firms representing 4 SCs in Central Europe. The researchers interpret data from semistructured interviews and secondary data using the DC perspective, which covers sensing, seizing and transforming.
Findings
The authors identify SCRES capabilities, in general, and SCCR-specific capabilities that form the basis for the realignment of DCs for addressing cyber risks in SCs. The authors argue that SCRES capabilities should, in general, be combined with specific capabilities for SCCR to deal with SC cyber risks. Based on these findings, 10 propositions for future research are provided.
Practical implications
Practitioners should collaborate specifically to address cyber threats and risks in SCs, integrate new SC partners and use new approaches. Furthermore, this study shows that cyber risks need to be treated differently from traditional SC risks.
Originality/value
This empirical study enriches the SC management literature by examining SCRES to cyber risks through the insightful lens of DCs. It identifies DCs for building SCCR, makes several managerial contributions and is among the few that apply the DC approach to address specific SC risks.
Details
Keywords
Neha Chhabra Roy and Sreeleakha P.
This study addresses the ever-increasing cyber risks confronting the global banking sector, particularly in India, amid rapid technological advancements. The purpose of this study…
Abstract
Purpose
This study addresses the ever-increasing cyber risks confronting the global banking sector, particularly in India, amid rapid technological advancements. The purpose of this study is to de velop an innovative cyber fraud (CF) response system that effectively controls cyber threats, prioritizes fraud, detects early warning signs (EWS) and suggests mitigation measures.
Design/methodology/approach
The methodology involves a detailed literature review on fraud identification, assessment methods, prevention techniques and a theoretical model for fraud prevention. Machine learning-based data analysis, using self-organizing maps, is used to assess the severity of CF dynamically and in real-time.
Findings
Findings reveal the multifaceted nature of CF, emphasizing the need for tailored control measures and a shift from reactive to proactive mitigation. The study introduces a paradigm shift by viewing each CF as a unique “fraud event,” incorporating EWS as a proactive intervention. This innovative approach distinguishes the study, allowing for the efficient prioritization of CFs.
Practical implications
The practical implications of such a study lie in its potential to enhance the banking sector’s resilience to cyber threats, safeguarding stability, reputation and overall risk management.
Originality/value
The originality stems from proposing a comprehensive framework that combines machine learning, EWS and a proactive mitigation model, addressing critical gaps in existing cyber security systems.
Details
Keywords
Vikas Kumar, Rahul Sindhwani, Abhishek Behl, Amanpreet Kaur and Vijay Pereira
Small and medium enterprises (SMEs) significantly contribute to economic growth, development, exports and employment of the nations. To maintain competitiveness in today's market…
Abstract
Purpose
Small and medium enterprises (SMEs) significantly contribute to economic growth, development, exports and employment of the nations. To maintain competitiveness in today's market, SMEs must explore and identify enablers to enhance their digital transformation process. This paper aims to shed light on some essential enablers SMEs can use to implement digital resilience successfully.
Design/methodology/approach
The quantitative assessment and validation of the enablers have been done using powerful and novel techniques, namely, the Delphi method, “fuzzy interpretive structural modelling” (F-ISM) method and “cross-impact matrix multiplication applied to classification (MICMAC)” analysis. The F-ISM model is developed using the information drawn from digital transformation experts and practitioners involved in the digital transformation process for SMEs. Furthermore, the F-ISM model provides four paths to complete the pathway to digital resilience.
Findings
The F-ISM and MICMAC analysis revealed four ways to enhance the digital transformation process in SMEs. These enterprises can utilise these path assessments to become digitally resilient in the present dynamic scenario. To enhance digital resilience among SMEs, the study identified ten enablers. Among these, “management competencies” was the most crucial, followed by “knowledge management” and “monitoring and controlling”.
Research limitations/implications
The present study is limited in that the data used to develop the models were collected from a small group of industry experts whose opinions may not exhibit the comprehensive views of the population.
Practical implications
The findings can help SMEs enhance the digital transformation process by taking up different pathways to integrate the various enablers of digital resilience depending on resource availability.
Originality/value
The results indicate the most critical and influential enablers for enhancing digital resilience among SMEs. This research can be valuable to academicians, industry practitioners and researchers for guiding their future work.
Details