Search results

The purpose of this study is to understand why individuals choose to avoid using e-services due to security concerns and perceived risk when these factors are affected by the perceived degree of government cybersecurity preparedness against cyberattacks.

The authors adopt the information systems success model to predict the role of government security preparedness efforts in influencing the determinants of e-services avoidance. The conceptual model includes four variables: security concerns, perceived risk of cyberattacks, perceived government cybersecurity preparedness and e-services avoidance. Data from 774 participants were used to analyze our conceptual model.

First, the findings show that security concerns regarding personal information safety and perceived risk of cyberattacks are barriers to e-services use, with the former having a stronger effect. Second, the findings showed that perceived government cybersecurity preparedness significantly reduces security concerns and perceived risk of cyberattacks. Third, the post hoc group analysis between individuals with a bachelor’s degree or higher versus those without a bachelor’s degree showed that the effect of both security concerns and perceived risk of cyberattacks on e-services avoidance was greater for individuals without a bachelor’s degree. The same relationship between perceived risk of cyberattacks and e-services avoidance was not supported for individuals with a bachelor’s degree or higher.

Extant privacy research fails to adequately examine the role of institutional factors, such as government efforts, and how these mitigate or amplify cybersecurity concerns and risks related to e-services. This research takes the first step toward addressing this limitation by examining the influence of government cybersecurity preparedness efforts on the determinants of e-services avoidance.

To provide financial institutions an overview of the developments in cybersecurity regulation of financial institutions during 2015 by the United States, the United Kingdom, and the European Union, as well as guidance for developing effective cyber-risk management programs in light of evolving cyber-threats and cyber-regulatory expectations.

Reviews US, UK and EU regulatory developments in the cybersecurity area and provides several best practice tips financial institutions should consider and implement to improve their cybersecurity compliance programs.

While cyber-threats and financial regulators’ expectations for cyber-security are constantly evolving, recent guidance and enforcement efforts by the US, UK and EU illustrate the need for financial institutions to develop effective cybersecurity programs that address current regulatory compliance requirements and prepare for emergency cyber responses.

Financial institutions should utilize the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool to assess their cyber-risk profile and cyber-preparedness.

Practical guidance from experienced financial regulatory and privacy lawyers that provides a survey of the current regulatory environment and recommendations for cyber-security compliance.

The purpose of this paper is to explore the extent to which cybercrime laws protect citizens and businesses in the United Arab Emirates (UAE). Pertinent questions over the lax regulatory environment and incomprehensible cybersecurity policies have influenced the discussions.

This paper will first offer a global outlook of cybersecurity laws and legislation. The global outlook will present the basis for examining best practices that the UAE could emulate. The paper will then examine the legislative landscape of cyber laws in the UAE, including cross-country comparisons. The comparisons are critical, as the country’s cybercrime laws are in their infancy phase.

The UAE has taken decisive and proactive measures to deter the threat of cybercrimes and cyberattacks. The UAE strategy comprehensive strategy has been effective in protecting the economy and populations from the adverse effects of cybercrimes. The success lies in the enactment of comprehensive and streamlines laws and regulations with harsher penalties. The stringent legal measures, including longer jail terms, stiffer fines and deportation of foreigners, have ensured robust deterrence to cybercriminals.

The analysis has shown that the UAE has a higher score of preparedness against cybercrimes and cyberattacks. The UAE has specifically crafted a broader and effective legislative framework of cybercrime laws. Although the UAE has comprehensive cybercrime laws, the remarkable level of technological advances in the country makes citizens and businesses lucrative targets. The UAE now has the burden of doubling down its legal efforts to deter emerging cybersecurity risks.

Cyber threats present constantly evolving and unique challenges to national security professionals at all levels of government. Public and private sector entities also face a constant stream of cyberattacks through varied methods by actors with myriad motivations. These threats are not expected to diminish in the near future. As a result, homeland security and national security professionals at all levels of government must understand the unique motivations and capabilities of malicious cyber actors in order to better protect against and respond to cyberattacks. This chapter outlines the most common cyberattacks; explains the motivations behind these attacks; and describes the federal, state, and local efforts to address these threats.

To examine the COVID-19 pandemic’s effects on regulated entities within the context of cybersecurity, US Securities and Exchange Commission (SEC) compliance, and parallel proceedings.

Describes the SEC’s ability to conduct its operations within the telework environment, its commitment and ability to monitor the securities market, its enhanced monitoring of the adverse effects of SEC-regulated companies from COVID-19, its guidance to public companies of disclosure obligations related to cybersecurity risks and incidents, the SEC Office of Compliance and Examinations’s (OCIE’s) focus on broker-dealers’ and investment advisories’ cybersecurity preparedness, the role and activities of the SEC Division of Enforcement’s Cyber Unit, and parallel proceedings on cyberbreaches and incidents by different agencies, branches of government or private litigants.

SEC-regulated entities face many challenges in trying to maintain their ongoing business operations and infrastructure due to severe financial pressures, the threat of infection to employees and customers, and cybersecurity risks posed by remote operations from hackers and fraudsters. The SEC has reemphasized that its long-standing focus on cybersecurity and resiliency within the securities industry will continue, including ongoing vigilance over companies’ efforts to identify, assess, and address the inherent, heightened cybersecurity risks of teleworking and the resource reallocation that business need to sustain their operations until a safe and effective vaccine is developed for COVID-19.

Expert analysis and guidance from experienced lawyers with expertise in securities, litigation, government enforcement, information technology, data protection, privacy and cybersecurity.

This study aims to develop a framework for cybersecurity risk assessment in an organization. Existing cybersecurity frameworks are complex and implementation oriented. The framework can be systematically used to assess the strategic orientation of a firm with respect to its cybersecurity posture. The goal is to assist top-management-team with tailoring their decision-making about security investments while managing cyber risk at their organization.

A thematic analysis of existing publications using content analysis techniques generates the initial set of keywords of significance. Additional factor analysis using the keywords provides us with a framework comprising of five pillars comprising prioritize, resource, implement, standardize and monitor (PRISM) for assessing a firm’s strategic cybersecurity orientation.

The primary contribution is the development of a novel PRISM framework, which enables cyber decision-makers to identify and operationalize a tailored approach to address risk management and cybersecurity problems. PRISM framework evaluation will help organizations identify and implement the most tailored risk management and cybersecurity approach applicable to their problem(s).

The new norm is for companies to realize that data stratification in cyberspace extends throughout their organizations, intertwining their need for cybersecurity within business operations. This paper fulfills an identified need improve the ability of company leaders, as CIOs and others, to address the growing problem of how organizations can better handle cyber threats by using an approach that is a methodology for cross-organization cybersecurity risk management.

To alert broker-dealers to several regulatory developments relating to cybersecurity threats.

Reviews four regulatory developments in the cybersecurity area and provides several steps broker-dealers should undertake to review and improve their cybersecurity and information technology protocols and practices.

While FINRA’s new cybersecurity sweep appears to be an exploratory and learning exercise to obtain regulatory knowledge and intelligence, firms should be cognizant of the fact that both FINRA and the SEC have imposed significant sanctions against Firms when it has found inadequate cyber security policies and procedures.

Broker-dealers should review the White House’s recent Framework for Improving Critical Infrastructure Cybersecurity and evaluate their own cybersecurity preparedness under the key areas of the Framework.

Practical guidance from experienced privacy and securities regulatory lawyers that consolidates several recent developments in one piece.

This paper aims to investigate the relationship of female participation in labor force with the cybersecurity maturity of nations and the enabling role of e-government development in moderating the same.

The authors have conducted fixed-effects regression using archival data for 149 countries taken from secondary sources. Furthermore, the authors have grouped the sample countries into four levels of cybersecurity maturity (unprepared, reactive, anticipatory and innovative) using clustering techniques, and studied the influence of their interest variables for individual groups.

Results show that female participation in labor force positively influences national cybersecurity maturity, and e-government development positively moderates the said relationship, thereby enabling the empowerment of women.

Encouraging broader participation of women in the labor force and prioritizing investments in e-government development are essential steps that organizations and governments may take to enhance a country’s cybersecurity maturity level.

This study empirically demonstrates the impact of the nuanced interplay between female participation in labor force and the e-government development of a nation on its cybersecurity maturity.