The strategic environment is evolving rapidly with the recognition of cyberspace as a domain of warfare. The increased interest in cyber as a part of defence has heightened the need for theoretical tools suitable to assess cyber threat perceptions and responses to these threats. Drawing from previous research, we will formulate an analytical framework to study the formation of Russian thinking on cyber threats as a part of Russian strategic culture. This article identifies a sense of vulnerability, the narrative of Russia as a besieged fortress and the technological inferiority of Russia as specific factors influencing Russian cyber threat perception.
Because previous academic research does not comment sufficiently on how the relevant content of the European Union (EU) General Data Protection Regulation (GDPR) has been properly communicated to the organisations, or how the situational awareness (SA) of GDPR has been built in the organisations, this qualitative empirical research was regarded as a valuable approach for gathering authentic research material on the practical bases of this phenomenon. The aim of this empirical case study (CS) is to develop a picture of what processes organisations use to build SA of the GDPR requirements. To guide the CS, we asked how the SA for decision-making was constructed and how it was perceived in organisations. The experiences of eight Finnish organisations showed that the organisations’ practices of building SA and their experiences with the quality and adequacy of SA differed. However, building SA proved to be a critical step for organisations in the overall process of meeting GDPR requirements. In particular, the data coming from inside the organisation became very relevant in the SA process, because it helped decision makers determine how the GDPR requirements should be implemented in the organisation. As a main contribution of this article, a model of building SA was built, based on best practices shared by organisations. The proposed model is threefold and was constructed by combining the findings of an empirical CS analysis, the steps of the intelligence process, and the essential elements of the model of creating information security SA. The result is potentially beneficial for building situational understanding of any complex or ambiguous issue, especially in complex and digitalised technological areas, where combining information management with accurate and efficient decision-making is a common challenge. The results can be used by any party who is looking to build SA of an abstract issue in a complex environment.
In 2019, e-criminals adopted new tactics to demand enormous ransoms from large organizations by using ransomware, a phenomenon known as "big game hunting." Big game hunting is an excellent example of a sophisticated and coordinated modern cyber-attack that has a significant impact on the target. Cyber threat intelligence (CTI) increases the possibilities to detect and prevent cyber-attacks and gives defenders more time to act. CTI is a combination of incident response and traditional intelligence. Intelligence modifies raw data into information for decision-making and action. CTI consists of strategic, operational, or tactical intelligence on cyber threats. Security event monitoring, event-based response, and anomaly and signature-based detection can create the basis of the situation in cyberspace. To achieve a uniform situational picture, long-term assessment is required. Strategic CTI informs broad or long-term issues and provides situation awareness as well as an analyzed overview of the threat landscape and early warning of cyber threats. This paper describes how the implementation of artificial intelligence (AI) and machine learning (ML) can be utilized in strategic CTI. The results were arrived at using the design science research methodology. We propose a solution that uses AI as a component of strategic CTI. Furthermore, the paper is a literature survey, integrating research literature on intelligence, cybersecurity, and AI. The paper presents the concept of CTI and its relation to the situational picture of cyberspace. It also addresses the possibilities of natural language understanding for large-scale content analysis and introduces a solution in which an existing enriched dataset provided valuable strategic-level information about an ongoing malicious cyber event. The paper is part of PhD research concerning comprehensive CTI. Other articles in the dissertation discuss emerging technologies in operational and tactical CTI.
Summary: According to the vision of the cyber security strategy, Finland must be able to protect its vital functions against cyber threats in all situations. Health care is one of these vital functions. The health sector is first on the top-5 list of cyber attack targets. The main motivation for the attacks is the value of patient data on the dark market. In 2015, more than one hundred million patient records were stolen, containing information valuable to criminals, such as credit card numbers, employer details and medical history. This article describes cyber threats, cyber vulnerabilities and realised cyber attacks related to health care, covering the different dimensions of the cyber world. The analysis uses a five-layer network model of the cyber world, comprising the physical, syntactic, semantic, service and cognitive layers. The model broadly covers the whole cyber world, from the devices and networks of the physical layer to the human problem-solving and interpretation environments of the cognitive layer. Using the model, vulnerabilities and realised attacks can be classified from device-specific vulnerabilities through to vulnerabilities arising from insufficient training and attacks carried out with scareware and phishing programs. Ransomware attacks against health care have also received a great deal of publicity. Protection against cyber threats is possible at several levels and in several ways. The starting point is that every organisation takes care of the cyber security of its own operations while cooperating with other actors in identifying and countering threats. Building cyber security in health care is a matter of system management, which must focus on the systems as a whole rather than on individual devices. The aim of cooperation is that collective expertise supports each individual actor's ability to operate against a common threat.
Continuous improvement of cyber security in health care and raising awareness are in the interest of all citizens, and they require a strong understanding of both information security and health care practices. For this reason, raising awareness and training staff should be central to organisations' cyber security. Abstract: Finland's cyber security strategy states that Finland has to be capable of protecting the vital functions of society, such as health care, against cyber threats. Currently, health care heads the TOP-5 list of cyber attacks because of the value of patient data in dark markets. In this article, we describe actual cyber threats, cyber vulnerabilities, and cyber attacks covering different dimensions of the cyber world. In this study, we use a five-layer cyber world network-model including physical, syntactic, semantic, service, and cognitive layers. The model covers widely the devices and networks from the physical layer to the human problem solving and interpretation environments in the cognitive layer. Also, the vulnerabilities of e.g. device-specific or human factor-related and realised attacks like phishing can...
Cumulative cyber deterrence can be seen as a concept in which increasing the weight of different means and their use increases the deterrent effect on a common level or on selected adversaries. Cumulative cyber deterrence may include all traditional options of deterrence, and can be active or passive. Active deterrence can be characterized as targeting specific threats and actors, as a deterrent consisting of several different methods, while passive deterrence is a form of deterrence commonly targeted at all the potential adversaries. Cumulative cyber deterrence can be an independent type of deterrence or part of a state’s overall deterrence. This paper approaches the concept of cumulative cyber deterrence from a military perspective. The purpose is to determine what factors can be formed by cumulative cyber deterrence. It describes how cumulative deterrence will change and be affected and what problems can be associated with that concept. The aim is to find answers to these questions by looking at how Israel and Russia use cumulative cyber deterrence as part of their overall deterrence. In its theoretical context, this paper is based on the theory of the character of war. Through the theory of character of war and utilizing the concept of reflexive control, an attempt is made to explain the position of cumulative cyber deterrence as part of overall deterrence. Integrative literature analysis has been used as the research method. The key conclusion of the paper is that creating a credible cyber deterrent is an effective and cost-effective way to increase overall deterrence. However, this presupposes that the state also has offensive cyber methods at its disposal and is able to credibly communicate their existence and the will to use them if necessary. The concept of cumulative cyber deterrence depends on the other means of deterrence available to the state. Both Israel and Russia have all these qualities.
A key difference in the deterrence strategies of these states is that Israel uses cumulative methods to make it clear where the red lines are, while Russia’s strategic goal is to blur them.