The consequences of Industry 4.0 have adverse side effects on cybercrime growth, which requires creating an effective cybersecurity system for companies. Therefore, this study aims to develop a composite indicator of company cybersecurity to assess its development needs. For this purpose, the authors modified Porter's method by constructing a superposition matrix based on the growth rates of cyber threats and risks, calculating their quantitative characteristics and a composite indicator. The computations are based on indicators for 2016-2022 characterizing cybersecurity vulnerabilities and the consequences of cyber threats: the share of companies experiencing one, six or more successful cyberattacks, considering the likely and very likely success of cyberattacks on them in the next 12 months, security threat and concern indices, the share of companies with a growing security budget affected by ransomware and experiencing a shortage of skilled IT security personnel, the cost of stolen or compromised credentials. As a result, cybersecurity needs increased significantly for 2020-2022, mainly due to digital transformation and the cyber threats growth after the COVID-19 pandemic. A comparative analysis of the proposed indicator with those characterizing the development of Industry 4.0 showed that the need for a reliable cybersecurity system is much more important than the active development of modern technologies. Spending on IT is also increasing, but not enough to meet the needs of cybersecurity development, except for the 2022 results. The proposed indicator is defined for companies worldwide, but its versatility allows the methodology to be applied to enterprises of various industries and sizes.
This interview between Rubén Arcos and Spain’s National Cryptologic Centre (CCN) was conducted via email on 24 October 2022. CCN is part of Spain’s National Intelligence Centre (CNI), and through its national alert and response centre against cyberattacks and cyber threats, CCN-CERT, it contributes to the cybersecurity of Spain. The discussion focuses on Spain’s approach to cybersecurity, existing tools for information sharing/management of cyber incidents and tools supporting the production of intelligence on cyber threats. It also deals with current and emerging trends in the cyber domain and developments and activities in the fields of prevention, detection and response. Finally, the interview highlights measures in the March 2022 National Cybersecurity Plan and initiatives against potential cyber-attacks during elections.
O cyberzagrożeniach łatwo mówić, gdy doszło już do incydentu bezpieczeństwa. Wówczas dowiadujemy się, że firma musiała zapłacić okup za uzyskanie klucza do zaszyfrowanych przez złośliwe oprogramowanie danych. Biznes na chwilę obniża poziom ciśnienia krwi, a cyberprzestępca liczy wpływy. Jak wynika z rynku zachodniego i badań zajmującej się cyberbezbieczeństwem firmy Infrascale: już 78% małych i średnich przedsiębiorców działających w modelu B2B zapłaciło pierwsze okupy w wyniku cyber ataku1.
The starting point of the paper is the recognition of the growing threat of cyberattacks to commercial maritime. Constantly growing dependency on technology has obvious advantages, on the other hand, however, it makes commercial maritime vessels progressively more vulnerable to cyber-crime, including GPS signal interference, malware attacks or even gaining control over ships’ systems and networks. The main objective of the paper is to present and discuss the Guidelines on Cyber Security Onboard Ships developed by the International Maritime Organization, including best practices for implementation of cyber risk management. The article’s goal is to summarize the guidelines and to familiarize the reader with the reasons why and the methods how they should be implemented. The paper is concluded with an example how the Guidelines can be adopted by national authorities, i.e., a brief presentation of “Code of Practice: Cyber Security for Ships” – a document developed by the British government that transposes the IMO guidelines.
The article herein presents the method and algorithms for forming the feature space for the base of intellectualized system knowledge for the support system in the cyber threats and anomalies tasks. The system being elaborated might be used both autonomously by cyber threat services analysts and jointly with information protection complex systems. It is shown, that advised algorithms allow supplementing dynamically the knowledge base upon appearing the new threats, which permits to cut the time of their recognition and analysis, in particular, for cases of hard-to-explain features and reduce the false responses in threat recognizing systems, anomalies and attacks at informatization objects. It is stated herein, that collectively with the outcomes of previous authors investigations, the offered algorithms of forming the feature space for identifying cyber threats within decisions making support system are more effective. It is reached at the expense of the fact, that, comparing to existing decisions, the described decisions in the article, allow separate considering the task of threat recognition in the frame of the known classes, and if necessary supplementing feature space for the new threat types. It is demonstrated, that new threats features often initially are not identified within the frame of existing base of threat classes knowledge in the decision support system. As well the methods and advised algorithms allow fulfilling the time-efficient cyber threats classification for a definite informatization object.
JavaScript jest wyłączony w Twojej przeglądarce internetowej. Włącz go, a następnie odśwież stronę, aby móc w pełni z niej korzystać.