Current Issue : January-March Volume : 2025 Issue Number : 1 Articles : 5 Articles
The implementation of cybersecurity standards and directives in the maritime sector plays a crucial role in protecting critical maritime infrastructures from cyber threats. The level of protection depends heavily on humans. However, the effectiveness of cybersecurity training and compliance programmes, an essential component of these standards, is often hindered by challenges related to the sector’s environment, including the established technologies, practices, and norms. This paper aims to identify these challenges through a literature review and set the basis for more effective human risk minimization, responses, and training. We identify 17 challenges and validate them with an online survey (N = 205) capturing real-world perspectives from maritime-related stakeholders. Our findings contribute to enhancing the effectiveness of maritime cybersecurity training and compliance programmes, ultimately strengthening the maritime cybersecurity posture....
In addressing the challenges of cyber threats in the South African construction sector, the study employed a quantitative methodology involving a questionnaire retrieved from 86 of the study’s respondents. It employed tools like mean item score (MIS), standard deviation (SD), and the pattern matrix of exploratory factor analysis (EFA). The findings revealed critical cybersecurity measures, including adherence to international information security standards such as the General Data Protection Regulation (GDPR), ISO 27001, or the Cybersecurity Framework by NIST, two-factor authentication, and strategic planning. The implications of these findings underscore the importance of robust cybersecurity frameworks and heightened awareness. This research contributes insights for enhancing cyber resilience in the construction industry, urging stakeholders to prioritize protective measures against cyber risks....
The rapid adoption of enterprise resource planning (ERP), the necessity for remote access to information systems, and the swift development of digital technologies like IoT and cloud computing have increased cyberattacks on organizations, including universities. Despite not being as heavily targeted as major industries, universities have become more vulnerable due to open ERP systems, insufficient cybersecurity investment, and limited cyber expertise. This study aimed to enhance cybersecurity in Kenyan universities by identifying cybersecurity threats, assessing existing controls, and proposing a cybersecurity framework aligned with the ISO/IEC 27001:2022 standard. A descriptive survey method was used to gather quantitative data, employing Design Science Research Methodology (DSRM) for Information Systems research. The target population comprised 60 chartered Kenyan universities, divided into public and private categories. Purposive sampling selected respondents from each sampled university, while simple random sampling chose universities from each cluster. Out of 48 questionnaires distributed via Google Forms, 45 were returned, yielding a 93.75% response rate. Statistical tools such as frequency, percentages, mean, and standard deviation were used for data analysis, with results presented in tables and figures. Findings revealed that most universities had experienced cyberattacks and faced significant cybersecurity threats. Furthermore, many universities lacked adequate cybersecurity policies and controls, including organizational, human, physical, and technological measures. The proposed cybersecurity framework was evaluated and deemed suitable for mitigating cybersecurity risks in Kenyan universities. The study recommended conducting comparative studies between Kenyan universities and institutions in other countries to identify and adapt best practices to the Kenyan context....
In the relentless quest for digital sovereignty, organizations face an unprecedented challenge in safeguarding sensitive information, protecting against cyber threats, and maintaining regulatory compliance. This manuscript unveils a revolutionary blueprint for cyber resilience, empowering organizations to transcend the limitations of traditional cybersecurity paradigms and forge ahead into uncharted territories of data security excellence and frictionless secrets management experience. Enter a new era of cybersecurity innovation and continued excellence. By seamlessly integrating secrets based on logical environments and applications (assets), dynamic secrets management orchestrates and automates the secrets lifecycle management with other platform cohesive integrations. Enterprises can enhance security, streamline operations, fasten development practices, avoid secrets sprawl, and improve overall compliance and DevSecOps practice. This enables the enterprises to enhance security, streamline operations, fasten development & deployment practices, avoid secrets spawls, and improve overall volume in shipping software with paved-road DevSecOps Practices, and improve developers’ productivity. By seamlessly integrating secrets based on logical environments and applications (assets), dynamic secrets management orchestrates and automates the application secrets lifecycle with other platform cohesive integrations. Organizations can enhance security, streamline operations, fasten development & deployment practices, avoid secrets sprawl, and improve overall volume in shipping software with paved-road DevSecOps practices. Most importantly, increases developer productivity....
The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature on the greater power grid and building infrastructure levels have been shown to be a serious threat. This project further explores this concept of a novel attack vector by creating a new type of penetration testing tool: an USB power adapter capable of remote monitoring of device power consumption and communicating through powerline communications....
Loading....