english

Booting the booter

DoS (Denial of service) is an attack in which the perpetrator generates a large amount of traffic to overwhelm end-users or web service and prevent some or all legitimate requests from being fulfilled. Booter’ or ‘stresser’ services provide DoS attacks as-a-service. Booter operators can advertise their service and individuals can set up accounts and order …

Testing Internet of Toys

Internet-connected toys (IoToys) offer children opportunities to play and learn, and also educational support thanks to their interactive and personalized features. IoToys, like any other Internet of Things (IoT) devices, contain embedded electronics and computing elements, such as microphones, cameras, sensors of various kinds, which enable them to interact with users and adapt to their …

Smartwatch games: Encouraging privacy-protective behaviour

According to a report from the Office of the Privacy Commissioner of Canada, in 2018, 92% of Canadians expressed some levels of concern regarding the protection of their privacy. However, some individuals frequently exhibit behaviour which places their data at risk. This disparity between claimed concern and practical action is called the Privacy Paradox. The …

A comparison of web privacy protection techniques

The online advertising market is becoming bigger and bigger. Users access content provided for free by publishers who monetize their audience through advertisement. Companies thus buy online exposure to promote their products, and in order to maximize advertisement efficiency, they tailor their ads to users regarding their interests. Advertisers use techniques such as cookies, local …

Constructing the cyber-insurance market: Improving cybersecurity through insurance?

While dealing with interconnected and global risks, the cyber-insurance market is rapidly growing. This market is a creature of privacy and data security regulations, and mandatory breach notifications have shaped its business model. Market stakeholders suggest that cyber-insurance provides incentives and resources to insured organizations for improving cybersecurity. This presentation seeks to empirically test this …

[STAT CAN] Fail-Safe to Safe-to-Fail

By Traian Toma, Université de Montréal and Fiona Westin, Carleton University According to Statistics Canada [1], 92% of today’s Canadian enterprises use digital technology to do business. With pervasive adoption of digital technology comes increased concern over its risks and threats. Virtually every business employs some form of cybersecurity measure to protect itself [1]. However, while …

Exploring the role of work identity and empowerment in cybersecurity awareness

Technology-related interventions do not always prevent organizations from becoming victims of cyberattacks and data breaches. Indeed, cybersecurity is not just about technology: almost all successful cyberattacks have a contributing human factor. Employees can bolster organizational cybersecurity as, for the most part, technology cannot be the only solution. However, as much as employees can be a …

Phishing attempts and the “Dark Triad”

Spam filters have been developed to effectively detect and deter phishing campaigns. Yet, attackers continuously find new ways to evade these technologies through sophisticated and personalized e-mails that take advantage of human limitations and persuade people to respond. Machiavellianism, narcissism, and psychopathy are known as the “Dark Triad” of personality traits. Machiavellianism is associated with …

The sport of cybersecurity

Cybersecurity is no longer just a problem for governments or tech firms — it has now reached U.S. professional sports leagues. Unfortunately, the leagues’ efforts to safeguard the integrity of their sporting competition from these threats have been relatively slow to develop. Rather than formulate leaguewide cybersecurity standards, U.S. leagues appear to largely defer to …