Search results
1 – 10 of 112Hedaia-t-Allah Nabil Abd Al Ghaffar
The purpose of this paper is to try to reach the main factors that could put national security at risk as a result of government cloud computing programs.
Abstract
Purpose
The purpose of this paper is to try to reach the main factors that could put national security at risk as a result of government cloud computing programs.
Design/methodology/approach
The paper adopts the analytical approach to first lay foundations of the relation between national security, cybersecurity and cloud computing, then it moves to analyze the main vulnerabilities that could affect national security in cases of government cloud computing usage.
Findings
The paper reached several findings such as the relation between cybersecurity and national security as well as a group of factors that may affect national security when governments shift to cloud computing mainly pertaining to storing data over the internet, the involvement of a third party, the lack of clear regulatory frameworks inside and between countries.
Practical implications
Governments are continuously working on developing their digital capacities to meet citizens’ demands. One of the most trending technologies adopted by governments is “cloud computing”, because of the tremendous advantages that the technology provides; such as huge cost-cutting, huge storage and computing capabilities. However, shifting to cloud computing raises a lot of security concerns.
Originality/value
The value of the paper resides in the novelty of the topic, which is a new contribution to the theoretical literature on relations between new technologies and national security. It is empirically important as well to help governments stay safe while enjoying the advantages of cloud computing.
Details
Keywords
Herbert Mattord, Kathleen Kotwica, Michael Whitman and Evan Battaglia
The purpose of this paper is to explore the current practices in security convergence among and between corporate security and cybersecurity processes in commercial enterprises.
Abstract
Purpose
The purpose of this paper is to explore the current practices in security convergence among and between corporate security and cybersecurity processes in commercial enterprises.
Design/methodology/approach
This paper is the first phase in a planned multiphase project to better understand current practices in security optimization efforts being implemented by commercial organizations exploring means and methods to operate securely while reducing operating costs. The research questions being examined are: What are the general levels of interest in cybersecurity and corporate security convergence? How well do the perspectives on convergence align between organizations? To what extent are organizations pursuing convergence? and How are organizations achieving the anticipated outcomes from convergence?
Findings
In organizations, the evolution to a more optimized security structure, either merged or partnered, was traditionally due to unplanned or unforeseen events; e.g. a spin-off/acquisition, new security leadership or a negative security incident was the initiator. This is in contrast to a proactive management decision or formal plan to change or enhance the security structure for reasons that include reducing costs of operations and/or improving outcomes to reduce operational risks. The dominant exception was in response to regulatory requirements. Preliminary findings suggest that outcomes from converged organizations are not necessarily more optimized in situations that are organizationally merged under a single leader. Optimization may ultimately depend on the strength of relationships and openness to collaboration between management, cybersecurity and corporate security personnel.
Research limitations/implications
This report and the number of respondents to its survey do not support generalizable findings. There are too few in each category to make reliable predictions and in analysis, there was an insufficient quantity of responses in most categories to allow supportable conclusions to be drawn.
Practical implications
Practitioners may find useful contextual clues to their needs for convergence or in response to directives for convergence from this report on what is found in some other organizations.
Social implications
Improved effectiveness and/or reduced costs for organizational cybersecurity would be a useful social outcome as organizations become more efficient in the face of increasing levels of cyber security threats.
Originality/value
Convergence as a concept has been around for some time now in both the practice and research communities. It was initially promoted formally by ASIS International and ISACA in 2005. Yet there is no universally agreed-upon definition for the term or the practices undertaken to achieve it. In addition, the business drivers and practices undertaken to achieve it are still not fully understood. If convergence or optimization of converged operations offers a superior operational construct compared to other structures, it is incumbent to discover if there are measurable benefits. This research hopes to define the concept of security collaboration optimization more fully. The eventual goal is to develop and promote a tool useful for organizations to measure where they are on such a continuum.
Details
Keywords
Miguel Calvo and Marta Beltrán
This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it…
Abstract
Purpose
This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it and makes it much easier to use has been proposed too. Both, the method and the framework, have been validated within two challenging application domains: continuous risk assessment within a smart farm and risk-based adaptive security to reconfigure a Web application firewall.
Design/methodology/approach
The authors have identified a problem and provided motivation. They have developed their theory and engineered a new method and a framework to complement it. They have demonstrated the proposed method and framework work, validating them in two real use cases.
Findings
The GQM method, often applied within the software quality field, is a good basis for proposing a method to define new tailored cyber risk metrics that meet the requirements of current application domains. A comprehensive framework that formalises possible goals and questions translated to potential measurements can greatly facilitate the use of this method.
Originality/value
The proposed method enables the application of the GQM approach to cyber risk measurement. The proposed framework allows new cyber risk metrics to be inferred by choosing between suggested goals and questions and measuring the relevant elements of probability and impact. The authors’ approach demonstrates to be generic and flexible enough to allow very different organisations with heterogeneous requirements to derive tailored metrics useful for their particular risk management processes.
Details
Keywords
Elena Stefana, Paola Cocca, Federico Fantori, Filippo Marciano and Alessandro Marini
This paper aims to overcome the inability of both comparing loss costs and accounting for production resource losses of Overall Equipment Effectiveness (OEE)-related approaches.
Abstract
Purpose
This paper aims to overcome the inability of both comparing loss costs and accounting for production resource losses of Overall Equipment Effectiveness (OEE)-related approaches.
Design/methodology/approach
The authors conducted a literature review about the studies focusing on approaches combining OEE with monetary units and/or resource issues. The authors developed an approach based on Overall Equipment Cost Loss (OECL), introducing a component for the production resource consumption of a machine. A real case study about a smart multicenter three-spindle machine is used to test the applicability of the approach.
Findings
The paper proposes Resource Overall Equipment Cost Loss (ROECL), i.e. a new KPI expressed in monetary units that represents the total cost of losses (including production resource ones) caused by inefficiencies and deviations of the machine or equipment from its optimal operating status occurring over a specific time period. ROECL enables to quantify the variation of the product cost occurring when a machine or equipment changes its health status and to determine the actual product cost for a given production order. In the analysed case study, the most critical production orders showed an actual production cost about 60% higher than the minimal cost possible under the most efficient operating conditions.
Originality/value
The proposed approach may support both production and cost accounting managers during the identification of areas requiring attention and representing opportunities for improvement in terms of availability, performance, quality, and resource losses.
Details
Keywords
Prajakta Chandrakant Kandarkar and V. Ravi
Industry 4.0 has put forward a smart perspective on managing supply chain networks and their operations. The current manufacturing system is primarily data-driven. Industries are…
Abstract
Purpose
Industry 4.0 has put forward a smart perspective on managing supply chain networks and their operations. The current manufacturing system is primarily data-driven. Industries are deploying new emerging technologies in their operations to build a competitive edge in the business environment; however, the true potential of smart manufacturing has not yet been fully unveiled. This research aims to extensively analyse emerging technologies and their interconnection with smart manufacturing in developing smarter supply chains.
Design/methodology/approach
This research endeavours to establish a conceptual framework for a smart supply chain. A real case study on a smart factory is conducted to demonstrate the validity of this framework for building smarter supply chains. A comparative analysis is carried out between conventional and smart supply chains to ascertain the advantages of smart supply chains. In addition, a thorough investigation of the several factors needed to transition from smart to smarter supply chains is undertaken.
Findings
The integration of smart technology exemplifies the ability to improve the efficiency of supply chain operations. Research findings indicate that transitioning to a smart factory radically enhances productivity, quality assurance, data privacy and labour efficiency. The outcomes of this research will help academic and industrial sectors critically comprehend technological breakthroughs and their applications in smart supply chains.
Originality/value
This study highlights the implications of incorporating smart technologies into supply chain operations, specifically in smart purchasing, smart factory operations, smart warehousing and smart customer performance. A paradigm transition from conventional, smart to smarter supply chains offers a comprehensive perspective on the evolving dynamics in automation, optimisation and manufacturing technology domains, ultimately leading to the emergence of Industry 5.0.
Details
Keywords
Matthew Ikuabe, Clinton Ohis Aigbavboa, Chimay Anumba and Ayodeji Emmanuel Oke
The quest for improved facilities management (FM) delivery is receiving immense focus through the incorporation of innovative technologies such as cyber-physical systems (CPS)…
Abstract
Purpose
The quest for improved facilities management (FM) delivery is receiving immense focus through the incorporation of innovative technologies such as cyber-physical systems (CPS). The system’s high computational capabilities can aid in the abatement of some of the challenges plaguing FM functions. However, the requisite ingredients for the uptake of the system for FM have still not gained scholarly attention. Because performance measurement is a vital index in determining the outcome of FM methods, this study aims to investigate the influence of performance measurement indicators that are influential to the uptake of CPS for delivering FM functions.
Design/methodology/approach
A qualitative technique was adopted using the Delphi technique. The panel of experts for the study was selected through a well-defined process based on stipulated criteria. The experts gave their opinions in two rounds before consensus was attained on the identified performance measurement indicators, whereas methods of data analysis were measures of central tendency, inter-quartile deviation and Mann–Whitney U test.
Findings
Results from this study showed that 11 of the performance indicators were of very high significance in the determination of the uptake of CPS for FM functions, whereas 5 of the indicators were proven to be of high significance. Furthermore, there was no statistical difference in the opinions of the experts based on their affiliation with academic institutions and professional practice.
Practical implications
The findings of this study contribute practically by aiding policymakers, facility managers and relevant stakeholders with the vital knowledge of delivery mandates for efficient FM services that can spur the uptake of digital technologies such as CPS.
Originality/value
This study contributes to the body of knowledge as it unveils a roadmap of the expected performance output and its accompanying evaluation that would drive the adoption of a promising technology such as CPS in the delivery of FM tasks.
Details
Keywords
Amir Schreiber and Ilan Schreiber
In the modern digital realm, while artificial intelligence (AI) technologies pave the way for unprecedented opportunities, they also give rise to intricate cybersecurity issues…
Abstract
Purpose
In the modern digital realm, while artificial intelligence (AI) technologies pave the way for unprecedented opportunities, they also give rise to intricate cybersecurity issues, including threats like deepfakes and unanticipated AI-induced risks. This study aims to address the insufficient exploration of AI cybersecurity awareness in the current literature.
Design/methodology/approach
Using in-depth surveys across varied sectors (N = 150), the authors analyzed the correlation between the absence of AI risk content in organizational cybersecurity awareness programs and its impact on employee awareness.
Findings
A significant AI-risk knowledge void was observed among users: despite frequent interaction with AI tools, a majority remain unaware of specialized AI threats. A pronounced knowledge difference existed between those that are trained in AI risks and those who are not, more apparent among non-technical personnel and sectors managing sensitive information.
Research limitations/implications
This study paves the way for thorough research, allowing for refinement of awareness initiatives tailored to distinct industries.
Practical implications
It is imperative for organizations to emphasize AI risk training, especially among non-technical staff. Industries handling sensitive data should be at the forefront.
Social implications
Ensuring employees are aware of AI-related threats can lead to a safer digital environment for both organizations and society at large, given the pervasive nature of AI in everyday life.
Originality/value
Unlike most of the papers about AI risks, the authors do not trust subjective data from second hand papers, but use objective authentic data from the authors’ own up-to-date anonymous survey.
Details