This chapter demonstrates how the elements of a cybersecurity incident can be analysed systematically, and suggests an alternative way to mitigate the causes and consequences of such incidents. Cybersecurity incidents can be explained in terms of a sequence of elements linking the attacking agents to their objectives: the attacking agent uses tools to exploit vulnerabilities, causing actions on a specific target to obtain unauthorized results, achieving their objectives. Cyber security can be improved by stopping the flow of the attack by mitigating one or more elements that make up the process. Unfortunately, most of these elements have characteristics that limit the opportunities for mitigation. The least difficult element to mitigate is vulnerability. The current model of vulnerability mitigation has behaved for the corporate environment, which can pay for specialized tools and consulting. This is an excellent business model but inaccessible to the public. A new model is necessary to prevent cybersecurity incidents on a broader, more inclusive level. The main proposal for vulnerability mitigation is multisector cooperation to create an independent, trustworthy, and secure vulnerability database, based on a new vulnerability report protocol developed in accordance with researchers, companies, governments, and society. However, this proposal creates some social, political, and technical challenges.
Esse trabalho propõe uma nova abordagem de detecção de desfiguração de páginas web, baseada na análise de imagens, identificando a simetria entre o estado inicial da página web e o estado atual. Esse trabalho difere dos demais, devido à sua simplicidade, mantendo a eficácia.
Resumo: Este estudo qualitativo apresenta o caso do Simulador de Operações Cibernéticas (SIMOC) adotado pelo Exército Brasileiro no treinamento de pessoal em defesa cibernética, sob a perspectiva da gamificação. Investigou-se a ocorrência de onze elementos de jogos e de outras práticas associadas à gamificação do ensino e da instrução a fim de determinar se o caso SIMOC é um exemplo de gamificação. Foram coletadas evidências em documentos e por meio de entrevistas realizadas com membros da equipe que trabalha com o SIMOC e com alunos que participaram de treinamentos em que o simulador foi utilizado.Palavras-chave: gamificação; segurança cibernética; jogos; espaço cibernético de treinamento; estudo de caso. Gamification Analysis in the Cyber Operations Simulator (SIMOC)Abstract: This qualitative study presents the case of the Cyber Operations Simulator (SIMOC) adopted by the Brazilian Army in staff training in cyber defense, under the perspective of the gamification. The occurrence of eleven elements of games and of other practices associated with the gamification of learning and instruction were investigated to determine whether the SIMOC case is an example of gamification. Evidence were collected from documents and through interviews made with the members of SIMOC work team and with students who participated in training sessions in which the simulator was used.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.