Cybersecurity capabilities and cyber-attacks as drivers of investment in cybersecurity systems: A UK survey for 2018 and 2019

Arroyabe, Ignacio Fernandez de; Arranz, Carlos F. A.; Arroyabe, Marta F.; Arróyabe, Juan Carlos Fernández de

doi:10.1016/j.cose.2022.102954

Cited by 22 publications

(11 citation statements)

References 85 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…When employees have their roles and duties clearly defined (Malaivongs et al, 2022), comprehensive processes, strategies and responsibilities improve employees' information security behaviors (Ahmad et al, 2019) and cybersecurity compliance (Heymann et al, 2022;B elanger et al, 2022). In addition, established procedures, rules and governance resources that represent an organization's cyber-capabilities help to decrease the number of information security policy violations (Al-Mukahal and Alshare, 2015) and can positively impact investment in cybersecurity systems (Fernandez De Arroyabe et al, 2023). Regular review and updates of cybersecurity policies and procedures are also crucial for effective cybersecurity compliance in organizations (Chowdhury et al, 2022).…”

Section: Thematic Framework Of Cybersecuritymentioning

confidence: 99%

“…The fifth subtheme under organizational factors that can affect cybersecurity compliance is the security monitoring team. An organization's decision-making in cybersecurity is heavily influenced by its existing cybersecurity capabilities (Fernandez De Arroyabe et al, 2023). Sadok et al's (2020) study stressed the importance of having a security response team.…”

Section: Thematic Framework Of Cybersecuritymentioning

confidence: 99%

See 1 more Smart Citation

Building a thematic framework of cybersecurity: a systematic literature review approach

Khaw,

Amran,

Teoh

2024

JSIT

View full text Add to dashboard Cite

Purpose This paper aims to explore the factors affecting cybersecurity implementation in organizations in various countries and develop a cybersecurity framework to improve cybersecurity practices within organizations for cybersecurity risk management through a systematic literature review (SLR) approach. Design/methodology/approach This SLR adhered to RepOrting Standards for Systematics Evidence Syntheses (ROSES) publication standards and used various research approaches. The study’s article selection process involved using Scopus, one of the most important scientific databases, to review articles published between 2014 and 2023. Findings This review identified the four main themes: individual factors, organizational factors, technological factors and governmental role. In addition, nine subthemes that relate to these primary topics were established. Originality/value This research sheds light on the multifaceted nature of cybersecurity by exploring factors influencing implementation and developing an improvement framework, offering valuable insights for researchers to advance theoretical developments, assisting industry practitioners in tailoring cybersecurity strategies to their needs and providing policymakers with a basis for creating more effective cybersecurity regulations and standards.

show abstract

Section: Thematic Framework Of Cybersecuritymentioning

confidence: 99%

Section: Thematic Framework Of Cybersecuritymentioning

confidence: 99%

Building a thematic framework of cybersecurity: a systematic literature review approach

Khaw,

Amran,

Teoh

2024

JSIT

View full text Add to dashboard Cite

show abstract

“…From a business standpoint, there is an investment challenge when it comes to cybersecurity. Fernandez De Arroyabe, et. al.…”

Section: Incentivization Of Security Typologymentioning

confidence: 99%

“…The second perspective to consider is the financial perspective. According to Fernandez De Arroyabe, et. al.…”

Section: Incentivization Of Security Typologymentioning

confidence: 99%

A Reflection on Typology and Verification Flaws in consideration of Biocybersecurity/Cyberbiosecurity: Just Another Gap in the Wall

Potter,

Mossberg,

Palmer

2023

eccws

View full text Add to dashboard Cite

Verification is central to any process in a functional and enduring cyber-secure organization. This verification ishow the validity or accuracy of a state of being is assessed (Schlick, 1936; Balci, 1998). Conversely, breakdownin verification procedures is core to the interruption of normal operations for an organization. A key problemfor organizations that utilize biology as an interlock within their systems is that personnel lack sufficient abilityto verify all practically relevant biological information for procedures such as a nurse logging a blood draw, or amolecular biology technician preparing agar to culture microbes for study. This has several implications, one ofwhich is our diminished ability to approximate and defend against emerging biologically-linked cyberthreats.These could be in the form of mis- or dis-information, contaminants, or calculated threats to vital supplies.Two important questions to ask are: “What may be the implications of diminished ability to undergo strictverification measures (such as triple redundancy and technological distancing).” And “how does this impactour ability to anticipate and make changes for verification of biological processes?” This paper aims to discusskey areas where verification gaps exist and how to bridgethos gaps. Towards this, we cover data integrity,implications of the lack of verification, triple redundancy, technological distancing, biosafety concerns, andmore. All of this will factor into the ability of organizations with proximity to biosecurity to anticipate nationalchanges to biological processes that are nationally relevant.

show abstract

“…Information security and cyber-attacks have been the primary focus of researchers, with the main aim being the allocation of resources to detect and prevent attacks on networks and systems [8], [9]. Many organizations have become vulnerable as a result of easily available and accessible nature of the Internet and are as a result, a high potential attraction for cyber-security threats [10].…”

Section: Introductionmentioning

confidence: 99%

Assessment of existing cyber-attack detection models for web-based systems

Awuor¹

2023

Global J. Eng. Technol. Adv.

View full text Add to dashboard Cite

In the current technological environment, different entities engage in intricate cyber security approaches in order to counter damages and disruptions in web-based systems. The design of the security protocols relies on the guarantee that attacks are prevented in the web-based systems. Prevention and detection using techniques such as access control tools, encryption and firewalls present limitations in the full protection of web-based systems. Furthermore, despite the sophistication of current systems, there are still shortfalls in high false positive and false negative threat detection rates, which is attributed to poor adaptation by systems and networks to the changing threats and behavior of cyber-criminals. In this perspective, this survey paper discusses the existing cyber-attack detection models, and recommends the cyber-attack detection models and techniques that are appropriate for web-based systems. It is evident that deep learning techniques offer better performance and robustness compared to traditional machine learning techniques and other non-artificial intelligence-based techniques. Deep learning techniques learn and extract features automatically without human intervention and can also handle big and multidimensional data more conventionally than the other techniques.

show abstract

Cybersecurity capabilities and cyber-attacks as drivers of investment in cybersecurity systems: A UK survey for 2018 and 2019

Cited by 22 publications

References 85 publications

Building a thematic framework of cybersecurity: a systematic literature review approach

Building a thematic framework of cybersecurity: a systematic literature review approach

A Reflection on Typology and Verification Flaws in consideration of Biocybersecurity/Cyberbiosecurity: Just Another Gap in the Wall

Assessment of existing cyber-attack detection models for web-based systems

Contact Info

Product

Resources

About