Purpose This paper aims to identify and appropriately respond to any socio-technical gaps within organisational information and cybersecurity practices. This culminates in the equal emphasis of both the social, technical and environmental factors affecting security practices. Design/methodology/approach The socio-technical systems theory was used to develop a conceptual process model for analysing organisational practices in terms of their social, technical and environmental influence. The conceptual process model was then applied to specifically analyse some selected information and cybersecurity frameworks. The outcome of this exercise culminated in the design of a socio-technical systems cybersecurity framework that can be applied to any new or existing information and cybersecurity solutions in the organisation. A framework parameter to help continuously monitor the mutual alignment of the social, technical and environmental dimensions of the socio-technical systems cybersecurity framework was also introduced. Findings The results indicate a positive application of the socio-technical systems theory to the information and cybersecurity domain. In particular, the application of the conceptual process model is able to successfully categorise the selected information and cybersecurity practices into either social, technical or environmental practices. However, the validation of the socio-technical systems cybersecurity framework requires time and continuous monitoring in a real-life environment. Practical implications This research is beneficial to chief security officers, risk managers, information technology managers, security professionals and academics. They will gain more knowledge and understanding about the need to highlight the equal importance of both the social, technical and environmental dimensions of information and cybersecurity. Further, the less emphasised dimension is posited to open an equal but mutual security vulnerability gap as the more emphasised dimension. Both dimensions must, therefore, equally and jointly be emphasised for optimal security performance in the organisation. Originality/value The application of socio-technical systems theory to the information and cybersecurity domain has not received much attention. In this regard, the research adds value to the information and cybersecurity studies where too much emphasis is placed on security software and hardware capabilities.
With the rapid advancement of technologies in the era of Industry 4.0, the interconnected nature of operations and systems is introducing a rapidly changing landscape of digitized and connected systems. Cybercrime is considered as possibly the greatest threat to connected systems worldwide, and therefore there exists a large drive in engineering to include cybersecurity in the design, development and maintenance of smart cyber-physical systems. Traditionally, the cybersecurity space was considered the responsibility of Information Technology (IT) professionals, where the greater IT infrastructure was required to keep these engineering systems safe. However, through the evolution of engineering and control systems, the IT infrastructure has started to become more integrated with these systems, improving the efficiency of the systems, but also making them more susceptible to cyber-attacks. These changes mean that securing these systems cannot remain the sole responsibility of the IT professionals, as systems must be designed with cybersecurity in mind. Considering that engineers are designing and developing more integrated systems, there exists a knowledge gap in the field of cybersecurity engineering and engineers' understanding of their cybersecurity responsibilities. This study aimed to determine the level of security that is currently considered in standard electrical engineering projects in a typical academic environment. This baseline serves as a motivation to develop a practical approach to assist engineering students in considering cybersecurity when developing engineering systems and products. INDEX TERMS Engineering education, Engineering design, Security, Secure software design.
In 1950, approximately 1.8 billion lived in rural areas and subsequently, rural population growth averaged 1.0 per cent per year, with the result that the rural population nearly doubled, reaching 3.4 billion in 2018 and is expected to peak in 2021 at just over 3.4 billion. Rural villages are lacking behind urban areas when it come to the stages of industrial revolutions and societal development with respect to technological advancement. Today, the world is faced with the new wave of advanced technological revolution called Industry 4.0. Despite the impressive work being implemented successfully to create smart cities and smart villages in various countries, there are still no developed standard indicators that can be used to define smart rural village concept. The objective of the study is to develop indicators for smart rural villages aligned with Industry 4.0 technologies using systematic literature review, the 2030 agenda for sustainable development, as well as the ISO 37122, smart cities indicator's standard. The translation method developed prioritized indicators according to sustainability, smartness and connectivity from the Information and Communication Technology. The main contribution is the method and indicators developed over 2-year period for smart rural villages. The resulting indicators makes it possible to answer what a smart rural village is: village that has access to affordable energy, adequate housing, safe drinking water, an inquisitive rural culture, early warning systems against adverse weather conditions, against drinking water pollution as well as the predictable schedule for local doctor, taxi/bus.
This paper introduces a control framework for digital forensics. It proposes a taxonomy for control objectives, categorized within the phases of the digital forensic process: planning and preparation, incident response , investigation and juridical/evidentiary. Using the taxonomy as a basis, a digital forensic reference framework, consisting of control groupings, control objectives and detailed control objectives, is defined. The control framework is intended to provide a sound theoretical basis for digital forensics as well as a reference framework for digital forensics governance within organizations.
Purpose For many innovative organisations, Industry 4.0 paves the way for significant operational efficiencies, quality of goods and services and cost reductions. One of the ways to realise these benefits is to embark on digital transformation initiatives that may be summed up as the intelligent interconnectivity of people, processes, data and cyber-connected things. Sadly, this interconnectivity between the enterprise information technology (IT) and industrial control systems (ICS) environment introduces new attack surfaces for critical infrastructure (CI) operators. As a result of the ICS cybersecurity risk introduced by the interconnectivity between the enterprise IT and ICS networks, the purpose of this study is to identify the cybersecurity capabilities that CI operators must have to attain good cybersecurity resilience. Design/methodology/approach A scoping literature review of best practice international CI protection frameworks, standards and guidelines were conducted. Similar cybersecurity practices from these frameworks, standards and guidelines were grouped together under a corresponding National Institute of Standards and Technology (NIST) cybersecurity framework (CF) practice. Practices that could not be categorised under any of the existing NIST CF practices were considered new insights, and therefore, additions. Findings A CI cybersecurity capability framework comprising 29 capability domains (cybersecurity focus areas) was developed as an adaptation of the NIST CF with an added dimension. This added dimension emphasises cloud computing and internet of things (IoT) security. Each of the 29 cybersecurity capability domains is executed through various capabilities (cybersecurity processes and procedures). The study found that each cybersecurity capability can further be operationalised by a set of cybersecurity controls derived from various frameworks, standards and guidelines, such as COBIT®, CIS®, ISA/IEC 62443, ISO/IEC 27002 and NIST Special Publication 800-53. Practical implications CI sectors are immediately able to adopt the CI cybersecurity capability framework to evaluate their levels of resilience against cyber-attacks, given new attack surfaces introduced by the interconnectivity of cyber-connected things between the enterprise and ICS levels. Originality/value The authors present an added dimension to the NIST framework for CI cyber protection. In addition to emphasising cryptography, IoT and cloud computing security aspects, this added dimension highlights the need for an integrated approach to CI cybersecurity resilience instead of a piecemeal approach.
The fabrication of formal and confidential information can occur in a matter of seconds owing to the ease and versatility of the electronic medium. Security-related risks increase when we incorporate Internet use into our daily lives. A lack of awareness plays a major role in the security and privacy breach of online users.A comprehensive amount of knowledge is therefore important to enable the user to mitigate online security and privacy-related risks. Every user must understand the environment of the intangible medium of the World Wide Web, in order to decrease the number of people who fall victim to online crimes. This knowledge is covered in the Information Security Awareness Portal (ISAP).
Residential coal combustion is one of the most significant sources of carbonaceous aerosols in the Highveld region of South Africa, significantly affecting the local and regional climate. This study investigated single coal-burning particles emitted when using different fire-ignition techniques (top-lit up-draft versus bottom-lit up-draft) and air ventilation rates (defined by the number of air holes above and below the fire grate) in selected informal braziers. Aerosol samples were collected on nucleopore filters at the Sustainable Energy Technology and Research Centre Laboratory, University of Johannesburg. The individual particles (~700) were investigated using a scanning electron microscope equipped with energy-dispersive X-ray spectroscopy (EDX). Two distinct forms of spherical organic particles (SOPs) were identified, one less oxidized than the other. The particles were further classified into electronically dark and bright. The EDX analysis showed that 70% of the dark spherical organic particles had higher (~60%) relative oxygen content than in the bright SOPs. The morphology of spherical organic particles were quantified and classified into four categories: ~50% were bare single particles; ~35% particles were aggregated and formed diffusion accretion chains; 10% had inclusions, and 5% were deformed due to impaction on filter material during sampling. This study concludes that there are two distinct kinds of coal burning spherical organic particles and that dark SOPs are less volatile than bright SOPs. The authors also show that these spherical organic particles are similar in nature and characteristics to tar balls observed in biomass combustion and that they have the potential to absorb sunlight thereby affecting the earth’s radiative budget and climate. This study provides insights into the mixing states, morphology, and possible formation mechanisms of these organic particles from residential coal combustion in informal stoves.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Contact Info
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Product
Resources
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.
