A framework for cyber-risk insurance against ransomware: A mixed-method approach

Mukhopadhyay, Arunabha; Jain, Swati

doi:10.1016/j.ijinfomgt.2023.102724

Cited by 9 publications

(1 citation statement)

References 82 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Comprising a series of documents outlining best practices for information technology governance, COBIT is crafted to assist users and management alike [20]. Its role lies in bridging the gap that exists among business risks, control requisites, and intricate technical IT-related aspects [21]. The core objective of this research is to gauge the extent of the current maturity level within system security, utilizing COBIT 2019 standards as a benchmark.…”

Section: Introductionmentioning

confidence: 99%

Evaluation of Governance in Information Systems Security to Minimize Information Technology Risks

Darmi,

Fernandez,

Fathoni

et al. 2024

intensif

View full text Add to dashboard Cite

Information system security within XYZ University constitutes a vital component of its IT framework, exerting significant influence over security levels across all facets of the information systems. Among the numerous implemented information system services at the university, a considerable portion lacks active security measures within operational systems. In pursuit of achieving uniform governance, this study adopts the most recent COBIT 2019 framework. The primary objective of this research is to evaluate the degree to which current information system security management aligns with the process achievement values stipulated in the COBIT 2019 standard. This evaluation entails the calculation of maturity level values that gauge performance levels in managing information system security. Findings from the COBIT 2019 Design assessment conducted at XYZ University's LTIK reveal that individuals scoring above 80 or those requiring Capability Level 4 include APO12 and BAI10. Moreover, the calculation outcomes for each subdomain reveal the presence of 2 subdomains at Level 4, 4 subdomains at Level 3, 15 subdomains at Level 2, and 19 subdomains at Level 1. The identification outcomes underscore the existence of gaps within each domain. Particularly, the APO12 and BAI10 domains exhibit a gap spanning 2 levels.

show abstract

Section: Introductionmentioning

confidence: 99%

Evaluation of Governance in Information Systems Security to Minimize Information Technology Risks

Darmi,

Fernandez,

Fathoni

et al. 2024

intensif

View full text Add to dashboard Cite

show abstract

The types of hackers and cyberattacks in the aviation industry

Florido-Benítez

2024

J Transp Secur

View full text Add to dashboard Cite

The main goal of this study is to analyse the types of hackers and cyberattacks in the aviation industry, to enhance cybersecurity in the air sector. This manuscript has identified 12 different typologies of hackers in the aviation context. First, those hackers who exercise responsibility in proper, effective, ethical, and good practices to improve the safety of citizens and organizations, such as white unicorns, red, blue, green, and nation sponsored hackers. And second, those hackers that are developing and using cyberattacks with bad practices to provoke serious material damage to public and private organizations, consumers, or even terrorist acts to kill people, including black, nation-state, cyberterrorist, whistle-blower, hacktivist, script kiddie, and gray hackers. Furthermore, findings reveal 54 cyberattacks documented in the period analysed (2000 – January 2024). Of the total cyberattacks in the period analysed, 35 were perpetrated at airports (65%) and 19 by airlines (35%). This study also suggests some lines of action to ensure and guarantee the security of data and private information for business-to-consumer (B2C) and business-to-business (B2B) and their transactions in the aviation industry.

show abstract