Search results
11 – 20 of over 2000Kashmira Ganji and Nikhat Afshan
In response to the growing interest in Internet of Things (IoT) technology and its profound implications for businesses and individuals, this bibliometric study focuses on a…
Abstract
Purpose
In response to the growing interest in Internet of Things (IoT) technology and its profound implications for businesses and individuals, this bibliometric study focuses on a critical yet understudied aspect, i.e. cybersecurity. As IoT adoption grows, so do concerns regarding user privacy and data security. This study aims to provide a comprehensive understanding of the current research in this vital area, shedding light on research trends, gaps and emerging themes.
Design/methodology/approach
The study conducted a bibliometric analysis and systematic review of literature spanning over two decades (2013–2023). Bibliometric analysis is conducted using Biblioshiny which is R-software-based advanced analytical tool. Further, VOSviewer is used to conduct network analysis. The study highlights the evolving landscape of IoT cybersecurity, emphasizing interdisciplinary intersections and the ethical dimensions of IoT technologies.
Findings
The study uncovers crucial concerns related to IoT adoption, emphasizing the urgent need for comprehensive cybersecurity protocols. It identifies emerging themes such as artificial intelligence and blockchain integration, indicating a shift toward interdisciplinary solutions. Furthermore, the research highlights ethical gaps in current IoT discussions, emphasizing the importance of responsible innovation.
Research limitations/implications
Businesses can bolster their cybersecurity strategies, policymakers can craft informed regulations and researchers are encouraged to explore IoT’s ethical dimensions.
Originality/value
This study pioneers a nuanced analysis of IoT cybersecurity, filling a crucial gap in the existing business and management literature. By synthesizing a decade of scholarly work, it provides foundational insights for researchers, businesses and policymakers. The research not only informs academic discourse but also offers practical guidance for enhancing IoT security measures and fostering ethical innovation.
Details
Keywords
Fayaz Ahmad Loan, Bashir Bisma and Nasreen Nahida
The purpose of the study is to conduct a scientometric analysis of cybersecurity literature indexed in the core collection of the Web of Science for a period of ten years…
Abstract
Purpose
The purpose of the study is to conduct a scientometric analysis of cybersecurity literature indexed in the core collection of the Web of Science for a period of ten years (2011–2020).
Design/methodology/approach
Cybersecurity is a focused topic of research across the globe. To identify the global research productivity in the field, the terms “cybersecurity, cyber-security, web security, information security, computer security, etc.” were used for retrieving the publications in the advanced search mode of the database “Web of Science”, limiting the time frame for 2011– 2020. The results retrieved were downloaded in the Excel file for further analysis and interpretation. The harvested data was analysed by using scientometric techniques to measure the progress such as growth rate, doubling time and author collaborations. Besides, the Biblioshiny and VOSviewer software were used for mapping networks.
Findings
The research output in the field of cybersecurity has shown an increasing trend during 2011–2020, and the maximum number of scholarly publications was published in 2020 (1,581), i.e. more than 715% of 2011 (221). A good number of countries (93) have contributed globally in cybersecurity research, and the highest share in research publications was reported by the USA (23.55%), followed by China (23.24%), South Korea (5.31%), UK (5.28%) and India (4.25%). The authorship patterns in cybersecurity publications show a collaborative trend, as most articles have been published by multiple authors. Total 5,532 (90.14%) articles have been published in co-authorship, whereas only 605 (9.86%) articles have been published by single authors. Keyword analysis shows that the most common keyword research by the authors is cybersecurity and its variants such as “cyber security” and “cyber-security” (1,698) followed by security (782), computer security (680) and information security (329).
Research limitations/implications
The database studied for the work does not represent the total literary output available on the theme. There are plenty of other databases, such as Scopus, Compendex, INSPEC, IEEE Xplore, arXiv, contributing to the same theme as well.
Practical implications
The findings of the study may help researchers, information technologists, library professionals and information specialists to identify the research progress, authorship patterns, collaborative networks and hot topics of research in the field of cybersecurity. Besides, it will assess the global response to the cybersecurity issue.
Originality/value
The study is the scientometric analysis of the cybersecurity based on current literature and will highlight the progress and development of global research in the said field.
Details
Keywords
Bharadwaj R.K. Mantha and Borja García de Soto
The aim of this study is o examine the advantages and disadvantages of different existing scoring systems in the cybersecurity domain and their applicability to the AEC industry…
Abstract
Purpose
The aim of this study is o examine the advantages and disadvantages of different existing scoring systems in the cybersecurity domain and their applicability to the AEC industry and to systematically apply a scoring system to determine scores for some of the most significant construction participants.
Design/methodology/approach
This study proposes a methodology that uses the Common Vulnerability Scoring System (CVSS) to calculate scores and the likelihood of occurrence based on communication frequencies to ultimately determine risk categories for different paths in a construction network. As a proof of concept, the proposed methodology is implemented in a construction network from a real project found in the literature.
Findings
Results show that the proposed methodology could provide valuable information to assist project participants to assess the overall cybersecurity vulnerability of construction and assist during the vulnerability-management processes. For example, a project owner can use this information to get a better understanding of what to do to limit its vulnerability, which will lead to the overall improvement of the security of the construction network.
Research limitations/implications
It has to be noted that the scoring systems, the scores and categories adopted in the study need not necessarily be an exact representation of all the construction participants or networks. Therefore, caution should be exercised to avoid generalizing the results of this study.
Practical implications
The proposed methodology can provide valuable information and assist project participants to assess the overall cyber-vulnerability of construction projects and support the vulnerability-management processes. For example, a project owner can use this approach to get a better understanding of what to do to limit its cyber-vulnerability exposure, which will ultimately lead to the overall improvement of the construction network's security. This study will also help raise more awareness about the cybersecurity implications of the digitalization and automation of the AEC industry among practitioners and construction researchers.
Social implications
Given the amount of digitized services and tools used in the AEC industry, cybersecurity is increasingly becoming critical for society in general. In some cases, (e.g. critical infrastructure) incidents could have significant economic and societal or public safety implications. Therefore, proper consideration and action from the AEC research community and industry are needed.
Originality/value
To the authors' knowledge, this is the first attempt to measure and assess the cybersecurity of individual participants and the construction network as a whole by using the Common Vulnerability Scoring System.
Details
Keywords
The transformation of the United Arab Emirates (UAE) into an important global economic player has been accompanied by digitalization that has also left it at a risk to cybercrime…
Abstract
Purpose
The transformation of the United Arab Emirates (UAE) into an important global economic player has been accompanied by digitalization that has also left it at a risk to cybercrime. Concurrent with the rise in technology use, the UAE fast became one of the most targeted countries in the world. The purpose of this paper is to discuss how the UAE has tried to cope with accelerating levels of cyber threat using legislative and regulatory efforts as well as public- and private-sector initiatives meant to raise cybersecurity awareness.
Design/methodology/approach
The paper surveys the UAE’s cybersecurity legislative, regulatory and educational initiatives from 2003 to 2019.
Findings
Because the human factor still remains the number one reason for security breaches, robust cyber laws alone are not enough to protect against cyber threats. Building public awareness and educating internet users about cyber risks and safety have become essential components of the UAE's efforts in building a more secure cyber environment for the country.
Research limitations/implications
The paper relies on English-language translations of primary sources (laws) originally in Arabic, as well as English-language studies from local media. This should not be considered a problem, as English is established as the language of business and commerce in the UAE.
Practical implications
The paper provides a detailed overview of the country’s cybersecurity environment to guide and aide practitioners with risk assessment and legal and regulatory compliance.
Originality/value
The paper presents a comprehensive overview of the UAE’s cybersecurity legislative, regulatory and educational environment. It also surveys government and private sector initiatives directed in protecting the country’s cyberspace.
Details
Keywords
Godwin Thomas and Mary-Jane Sule
This paper proposes a holistic, proactive and adaptive approach to cybersecurity from a service lens, given the continuously evolving cyber-attack techniques, threat and…
Abstract
Purpose
This paper proposes a holistic, proactive and adaptive approach to cybersecurity from a service lens, given the continuously evolving cyber-attack techniques, threat and vulnerability landscape that often overshadow existing cybersecurity approaches.
Design/methodology/approach
Through an extensive literature review of relevant concepts and analysis of existing cybersecurity frameworks, standards and best practices, a logical argument is made to produce a dynamic end-to-end cybersecurity service system model.
Findings
Cyberspace has provided great value for businesses and individuals. The COVID-19 pandemic has significantly motivated the move to cyberspace by organizations. However, the extension to cyberspace comes with additional risks as traditional protection techniques are insufficient and isolated, generally focused on an organization's perimeter with little attention to what is out there. More so, cyberattacks continue to grow in complexity creating overwhelming consequences. Existing cybersecurity approaches and best practices are limited in scope, and implementation strategies, differing in strength and focus, at different levels of granularity. Nevertheless, the need for a proactive, adaptive and responsive cybersecurity solution is recognized.
Originality/value
This paper presents a model that promises proactive, adaptive and responsive end-to-end cybersecurity. The proposed cybersecurity continuity and management model premised on a service system, leveraging on lessons learned from existing solutions, takes a holistic analytical view of service activities from source (service provider) to destination (Customer) to ensure end-to-end security, whether internally (within an organization) or externally.
Details
Keywords
The issue of cybersecurity has been cast as the focal point of a fight between two conflicting governance models: the nation-state model of national security and the global…
Abstract
Purpose
The issue of cybersecurity has been cast as the focal point of a fight between two conflicting governance models: the nation-state model of national security and the global governance model of multi-stakeholder collaboration, as seen in forums like IGF, IETF, ICANN, etc. There is a strange disconnect, however, between this supposed fight and the actual control over cybersecurity “on the ground”. This paper aims to reconnect discourse and control via a property rights approach, where control is located first and foremost in ownership.
Design/methodology/approach
This paper first conceptualizes current governance mechanisms through ownership and property rights. These concepts locate control over internet resources. They also help us understand ongoing shifts in control. Such shifts in governance are actually happening, security governance is being patched left and right, but these arrangements bear little resemblance to either the national security model of states or the global model of multi-stakeholder collaboration. With the conceptualization in hand, the paper then presents case studies of governance that have emerged around specific security externalities.
Findings
While not all mechanisms are equally effective, in each of the studied areas, the author found evidence of private actors partially internalizing the externalities, mostly on a voluntary basis and through network governance mechanisms. No one thinks that this is enough, but it is a starting point. Future research is needed to identify how these mechanisms can be extended or supplemented to further improve the governance of cybersecurity.
Originality/value
This paper bridges together the disconnected research communities on governance and (technical) cybersecurity.
Details
Keywords
Hafiz Syed Mohsin Abbas, Zahid Hussain Qaisar, Xiaodong Xu and Chunxia Sun
E-government development (EGD) is vital in enhancing the institutional quality and sustainable public service (SPS) delivery by eradicating corruption and cybersecurity crimes.
Abstract
Purpose
E-government development (EGD) is vital in enhancing the institutional quality and sustainable public service (SPS) delivery by eradicating corruption and cybersecurity crimes.
Design/methodology/approach
The present study applied econometric fixed-effect (FE) regression analysis and random forest (RF) algorithm through machine learning for comprehensive estimations in achieving SPS. This study gauges the nexus between the EGD as an independent variable and public service sustainability (PSS) as a proxy of public health services as a dependent variable in the presence of two moderators, corruption and cybersecurity indices from 47 Asian countries economies from 2015 to 2019.
Findings
The computational estimation and econometric findings show that EGD quality has improved with time in Asia and substantially promoted PSS. It further explores that exercising corruption control measures and introducing sound cybersecurity initiatives enhance PSS's quality and support the EDG effect much better.
Practical implications
The study concludes that E-Government has positively impacted PSS (healthcare) in Asia while controlling cybersecurity and institutional malfunctioning made an E-Government system healthier and SPS development in Asia.
Originality/value
This study added a novel contribution to existing E-Government and public services literature by comprehensively applied FE regression and RF algorithm analysis. Moreover, E-Government and cybersecurity improvement also has taken under consideration for PSS in Asian economies.
Details
Keywords
Rajni Goel, Anupam Kumar and James Haddow
This study aims to develop a framework for cybersecurity risk assessment in an organization. Existing cybersecurity frameworks are complex and implementation oriented. The…
Abstract
Purpose
This study aims to develop a framework for cybersecurity risk assessment in an organization. Existing cybersecurity frameworks are complex and implementation oriented. The framework can be systematically used to assess the strategic orientation of a firm with respect to its cybersecurity posture. The goal is to assist top-management-team with tailoring their decision-making about security investments while managing cyber risk at their organization.
Design/methodology/approach
A thematic analysis of existing publications using content analysis techniques generates the initial set of keywords of significance. Additional factor analysis using the keywords provides us with a framework comprising of five pillars comprising prioritize, resource, implement, standardize and monitor (PRISM) for assessing a firm’s strategic cybersecurity orientation.
Findings
The primary contribution is the development of a novel PRISM framework, which enables cyber decision-makers to identify and operationalize a tailored approach to address risk management and cybersecurity problems. PRISM framework evaluation will help organizations identify and implement the most tailored risk management and cybersecurity approach applicable to their problem(s).
Originality/value
The new norm is for companies to realize that data stratification in cyberspace extends throughout their organizations, intertwining their need for cybersecurity within business operations. This paper fulfills an identified need improve the ability of company leaders, as CIOs and others, to address the growing problem of how organizations can better handle cyber threats by using an approach that is a methodology for cross-organization cybersecurity risk management.
Details
Keywords
Elina Haapamäki and Jukka Sihvonen
This paper aims to update the cybersecurity-related accounting literature by synthesizing 39 recent theoretical and empirical studies on the topic. Furthermore, the paper provides…
Abstract
Purpose
This paper aims to update the cybersecurity-related accounting literature by synthesizing 39 recent theoretical and empirical studies on the topic. Furthermore, the paper provides a set of categories into which the studies fit.
Design/methodology/approach
This is a synthesis paper that summarizes the research literature on cybersecurity, introducing knowledge from the extant research and revealing areas requiring further examination.
Findings
This synthesis identifies a research framework that consists of the following research themes: cybersecurity and information sharing, cybersecurity investments, internal auditing and controls related to cybersecurity, disclosure of cybersecurity activities and security threats and security breaches.
Practical implications
Academics, practitioners and the public would benefit from a research framework that categorizes the research topics related to cybersecurity in the accounting field. This type of analysis is vital to enhance the understanding of the academic research on cybersecurity and can be used to support the identification of new lines for future research.
Originality/value
This is the first literature analysis of cybersecurity in the accounting field, and it has significant implications for research and practice by detailing, for example, the benefits of and obstacles to information sharing. This synthesis also highlights the importance of the model for cybersecurity investments. Further, the review emphasizes the role of internal auditing and controls to improve cybersecurity.
Details
Keywords
Stylianos Karagiannis and Emmanouil Magkos
This paper aims to highlight the potential of using capture the flag (CTF) challenges, as part of an engaging cybersecurity learning experience for enhancing skills and knowledge…
Abstract
Purpose
This paper aims to highlight the potential of using capture the flag (CTF) challenges, as part of an engaging cybersecurity learning experience for enhancing skills and knowledge acquirement of undergraduate students in academic programs.
Design/methodology/approach
The approach involves integrating interactivity, gamification, self-directed and collaborative learning attributes using a CTF hosting platform for cybersecurity education. The proposed methodology includes the deployment of a pre-engagement survey for selecting the appropriate CTF challenges in accordance with the skills and preferences of the participants. During the learning phase, storytelling elements were presented, while a behavior rubric was constructed to observe the participants’ behavior and responses during a five-week lab. Finally, a survey was created for getting feedback from the students and for extracting quantitative results based on the attention, relevance, confidence and satisfaction (ARCS) model of motivational design.
Findings
Students felt more confident about their skills and were highly engaged to the learning process. The outcomes in terms of technical skills and knowledge acquisition were shown to be positive.
Research limitations/implications
As the number of participants was small, the results and information retrieved from applying the ARCS model only have an indicative value; however, specific challenges to overcome are highlighted which are important for the future deployments.
Practical implications
Educators could use the proposed approach for deploying an engaging cybersecurity learning experience in an academic program, emphasizing on providing hands-on practice labs and featuring topics from real-world cybersecurity cases. Using the proposed approach, an educator could also monitor the progress of the participants and get qualitative and quantitative statistics regarding the learning impact for each exercise.
Social implications
Educators could demonstrate modern cybersecurity topics in the classroom, closing further the gap between theory and practice. As a result, students from academia will benefit from the proposed approach by acquiring technical skills, knowledge and experience through hands-on practice in real-world cases.
Originality/value
This paper intends to bridge the existing gap between theory and practice in the topics of cybersecurity by using CTF challenges for learning purposes and not only for testing the participants’ skills. This paper offers important knowledge for enhancing cybersecurity education programs and for educators to use CTF challenges for conducting cybersecurity exercises in academia, extracting meaningful statistics regarding the learning impact.
Details