Pub Date : 2023-05-01DOI: 10.12968/s1361-3723(23)70021-3
Sareena Heer, S. Alghamdi, S. Furnell
It's common to find any number of ‘smart’ devices in the modern home, with the most common being so-called smart speakers. Despite their huge popularity, people often view these devices with at least some degree of suspicion, with concerns about security and privacy. With this in mind, this article presents the details of a study conducted among current smart speaker users to examine their awareness and understanding of the security and privacy aspects of the devices that they are already using.
{"title":"Are we smart enough for smart technology?","authors":"Sareena Heer, S. Alghamdi, S. Furnell","doi":"10.12968/s1361-3723(23)70021-3","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70021-3","url":null,"abstract":"It's common to find any number of ‘smart’ devices in the modern home, with the most common being so-called smart speakers. Despite their huge popularity, people often view these devices with at least some degree of suspicion, with concerns about security and privacy. With this in mind, this article presents the details of a study conducted among current smart speaker users to examine their awareness and understanding of the security and privacy aspects of the devices that they are already using.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"163 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83146149","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-01DOI: 10.12968/s1361-3723(23)70016-x
Raymond Canzanese
It sometimes seems like everything is moving to the cloud, from the apps we use on our phones to major enterprise infrastructure. The result is that your IT landscape is always, to some extent, hybrid, with connections out to, and in from, the cloud at multiple points. The question you need to ask is whether this is opening up holes in your defences by exploiting channels and protocols that you inherently trust. This article examines the increasing popularity of cloud apps as a malware infiltration channel based on real-world data, and highlights potential mitigation strategies.
{"title":"Cloud as a malware infiltration channel","authors":"Raymond Canzanese","doi":"10.12968/s1361-3723(23)70016-x","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70016-x","url":null,"abstract":"It sometimes seems like everything is moving to the cloud, from the apps we use on our phones to major enterprise infrastructure. The result is that your IT landscape is always, to some extent, hybrid, with connections out to, and in from, the cloud at multiple points. The question you need to ask is whether this is opening up holes in your defences by exploiting channels and protocols that you inherently trust. This article examines the increasing popularity of cloud apps as a malware infiltration channel based on real-world data, and highlights potential mitigation strategies.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"47 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86535375","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-01DOI: 10.12968/s1361-3723(23)70017-1
Steve Mansfield-Devine
Organisations currently face huge economic pressures, and many of them are having to cut their budgets. But is cyber security really something you can afford to skimp on? And if savings have to be made, are there ways you can spend your security dollar more wisely?
{"title":"Squeezing the security budget","authors":"Steve Mansfield-Devine","doi":"10.12968/s1361-3723(23)70017-1","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70017-1","url":null,"abstract":"Organisations currently face huge economic pressures, and many of them are having to cut their budgets. But is cyber security really something you can afford to skimp on? And if savings have to be made, are there ways you can spend your security dollar more wisely?","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"52 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85768436","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-01DOI: 10.12968/s1361-3723(23)70019-5
Martin Walsham
A security operations centre (SOC) provides a critical security function to detect and defend from cyber security attacks. It is the last line of defence as part of an organisation's overall security control set. But not every organisation can, or should, run its own SOC.
{"title":"Developing a shared SOC","authors":"Martin Walsham","doi":"10.12968/s1361-3723(23)70019-5","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70019-5","url":null,"abstract":"A security operations centre (SOC) provides a critical security function to detect and defend from cyber security attacks. It is the last line of defence as part of an organisation's overall security control set. But not every organisation can, or should, run its own SOC.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"49 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91280434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-01DOI: 10.12968/s1361-3723(23)70011-0
D. Garcia
Security is often reactive – responding to new forms of attack and trying to patch vulnerabilities before threat actors exploit them. It often seems difficult to get ahead of the curve, to secure the organisation in a considered and systematic way, rather than just firefighting the latest disaster.
{"title":"Getting ahead of the attackers","authors":"D. Garcia","doi":"10.12968/s1361-3723(23)70011-0","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70011-0","url":null,"abstract":"Security is often reactive – responding to new forms of attack and trying to patch vulnerabilities before threat actors exploit them. It often seems difficult to get ahead of the curve, to secure the organisation in a considered and systematic way, rather than just firefighting the latest disaster.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"63 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80183692","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-01DOI: 10.12968/s1361-3723(23)70012-2
Omri Kletter
{"title":"Brace for an uptick in insider fraud","authors":"Omri Kletter","doi":"10.12968/s1361-3723(23)70012-2","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70012-2","url":null,"abstract":"","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"71 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90618383","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-01DOI: 10.12968/s1361-3723(23)70014-6
Phil Robinson
A zero-trust architecture offers significant security benefits and has become one of the most-discussed topics in information security. It's proven to offer high levels of breach prevention and has been shown to greatly reduce the costs of those organisations that are breached. So why is full adoption so slow, even among those organisations that have embraced the concept?
{"title":"Why is zero trust so difficult?","authors":"Phil Robinson","doi":"10.12968/s1361-3723(23)70014-6","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70014-6","url":null,"abstract":"A zero-trust architecture offers significant security benefits and has become one of the most-discussed topics in information security. It's proven to offer high levels of breach prevention and has been shown to greatly reduce the costs of those organisations that are breached. So why is full adoption so slow, even among those organisations that have embraced the concept?","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"69 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81135790","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-01DOI: 10.12968/s1361-3723(23)70015-8
M. Warren
{"title":"Cyber insurance is no longer optional","authors":"M. Warren","doi":"10.12968/s1361-3723(23)70015-8","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70015-8","url":null,"abstract":"","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"11 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82549084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-01DOI: 10.12968/s1361-3723(23)70013-4
Miri Marciano
Cyber threats are not new, but the scale of the attacks we're seeing and the damage they are causing is unprecedented. If you haven't already put in place cyber defences, your organisation is at risk and may be facing an existential threat. This means that everyone who has been putting off investing in information security solutions needs to reconsider – and quickly.
{"title":"Now is the time to invest in cyber","authors":"Miri Marciano","doi":"10.12968/s1361-3723(23)70013-4","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70013-4","url":null,"abstract":"Cyber threats are not new, but the scale of the attacks we're seeing and the damage they are causing is unprecedented. If you haven't already put in place cyber defences, your organisation is at risk and may be facing an existential threat. This means that everyone who has been putting off investing in information security solutions needs to reconsider – and quickly.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90235307","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: