Current Issue : January-March Volume : 2024 Issue Number : 1 Articles : 5 Articles
To ensure operational continuity, reduce risks to businesses, and optimize investment returns and business opportunities, information security is an essential element in ensuring the protection of information from different threats. Information protection may be facilitated by the implementation of international standard frameworks, given that a set of standards or provisions is needed to achieve and maintain an adequate level of safeguards for the use of assets. The Ministry of XYZ is handling various important, highly confidential, and sensitive data. Therefore, information protection is not only essential but also mandatory. The organization has implemented ISO 27001:2013 in Pusat Data dan Teknologi Informasi (Pusdatin) and called the security management standard Sistem Manajemen Keamanan Informasi (SMKI). However, according to the Cyber Security Maturity assessment result by a public institution in 2022, there is still a wide gap between the technical implementation and the governance itself. Therefore, to improve the good governance of information security, we need to specifically evaluate the maturity of SMKI itself. This study will use the ISO 27001:2013 Compliance Checklist....
Information security is one of the key areas of consideration to assure reliable and dependable information systems (IS). Achieving an appropriate level of IS security requires concurrent consideration of the technical aspects of IS and the human aspects related to the end users of IS. These aspects can be described in the form of information security requirements. We propose an approach that helps select and balance information security software requirements (iSSR) and information security training requirements (iSTR) according to the information security performance of end users. The approach was tested in an experiment involving 128 IS professionals. The results showed that using the proposed approach helps IS professionals with limited experience in information security make significantly better decisions regarding iSSR and iSTR....
Every year brings numerous security breaches that lead to highly destructive ransomware attacks, data leaks, and reputational damage to governments, companies, and other organizations around the world. As a result, there is a growing need to ensure that workers comply with critical policies put in place to avoid such incidents. This study investigated how factors from social bond theory and involvement theory affected compliance with information security policies and procedures. All of the factors examined were found to have a significant influence on attitudes about compliance, and attitude had a significant impact on intention to comply. The findings of this study revealed that it is vital to raise employees’ awareness about compliance with security policies by improving their information security behavior. Moreover, all the factors were found to have a significant influence on the attitude of employees towards compliance with their organizational information security policies and procedures....
The proliferation of video sharing on social networks has created a novel avenue for covert communication. Since most social networking channels are lossy, researchers have devoted efforts to robust video steganography to establish covert communication on social networks. Although there are various methods available, they often overlook the differences between frames in a video and are designed for a single frame. In this paper, we explore the general process of video recompression and present the frame quantization step (FQS) and interframe mutual information (IFMI) to measure the frame difference in the process of video recompression. Based on the two proposed metrics, we design a heuristic frame selection strategy and then propose a new robust video steganographic method in the DWT-SVD domain. Extensive experiments demonstrate that heuristic frame selection can effectively improve the robustness and reduce the computational complexity of video steganography. Our proposed method provides better robustness and higher efficiency than existing methods for building reliable covert communication on social networks, such as YouTube and Vimeo....
The purpose of this paper is to examine cyber security issues related to smart grids (SGs), such as prior cyber-attacks, possible vulnerability issues, and enhanced cyber-security procedures for SGs on a technical and management basis. When designing public policies for SGs, it is important to consider both the motivations and obstacles to cyber protection and socio-economic conditions. Furthermore, the importance of suggested policies is viewed from various perspectives. The present paper provides an assessment of a group of policies specified by various stakeholders as having the potential for developing SG cyber security. The methodology for the formation of such a group of policies includes a perfect examination of global experience and meetings with experts from various fields. Subsequently, such policies are evaluated using a Delphi questionnaire aimed at assessing their advantages in pursuing investment goals for cyber security. The first result is that every policy is considered a positive effect of all goals, different in the priority assigned to each of them. The policies that received the most attention were: “regulatory changes policy to foster innovation in cyber security of SGs,” “regulation of new business models to improve cyber security and detect malicious attacks” and “establish a cyber-security governance strategy.”...
Loading....