english

Manual and automated techniques for detecting network attacks

When launching an attack against an organization, cybercriminals can face defensive systems that are part human and part machine. The human part corresponds to security analysts who scrutinize the server logs and identify anomalies that correlate to malicious intent. The machine part consists of data analysis run by unsupervised learning systems. Especially, clustering the data …

Impacts of deterrence factors and norms on resistance to information systems security

End users are often the weakest link in ensuring information system security (ISS) in organizations. Numerous studies showed that employees’ behaviour remains a significant challenge for successfully implementing ISS policies in organizations. In a Ponemon Institute survey of IT security practitioners, nearly 56% of the participants attributed employees’ resistance to comply with ISS policies as …

Hands-on cybersecurity training: CyTrONE

Governments of many countries understand the importance of raising awareness among the population regarding cybersecurity and actively support wide-scale training programs activities. Hence, hands-on cybersecurity education and training are becoming more and more relevant to raise awareness about cybersecurity incidents. Most current cybersecurity education and training programs employ hands-on activities aimed at improving the functional …

Exploring susceptibility to phishing in the workplace

Organizations are increasingly under threat from cybercriminals attempting to infiltrate their computer systems by exploiting the behaviour of employees via targeted, fraudulent emails. This practice is commonly known as spear phishing. Organizations attempt to raise awareness of spear phishing emails amongst their staff through the use of simulated phishing tests. This involves the organization sending …

Responsibilizing the cybersecurity risk?

In nowadays society, when considering the mitigation of any risks, it is widely presumed that individuals should, and will, make responsible life choices to improve their well-being. Thus, individuals are primarily held responsible for managing their cybersecurity which means they have been responsibilized when it comes to managing the cybercrime risk. Governments engage primarily in …

Enhancing Cybersecurity Awareness Training through a Phishing Exercise

Emails are essential to businesses, but they are also an attractive attack vector and target for malicious actors operating on the Internet. Email is the frontline where businesses and users need to defend themselves against malicious actors attempting to steal information, obtain access credentials and compromise infrastructure. The most widely used social engineering technique, known …

Cybersecurity Ethics Curriculum

As society becomes more reliant on cyber infrastructures to manage crucial aspects of daily living, threats posed by cyber-attacks become increasingly critical. In response to this, governments funding for cybersecurity initiatives has increased. Despite it, there is still a shortage of skilled cybersecurity professionals as current estimates indicate a global shortfall of skilled cybersecurity professionals …