Tips for Drafting Efficient Employee Information Security Policies
Employee information security policies impose obligations on employees of organizations which aim to reduce the risks of cyber-attacks. Such policies usually contain instructions on how to choose strong passwords, apply patches and updates, detect phishing schemes, protect sensitive information, and respond to information security incidents. There is an abundance of online materials about how...
The Future of Information Security
In this article, we look at current trends in the field of information security and speculate about what the future of the field will be. It should be noted that the unpredicted emergence of disruptive innovations may radically change the existing information security landscape. Nevertheless, we may reasonably expect that the future of cybersecurity will be dominated by four...
US-Russia Cyber-Security Unit: Future Reality or Pipe Dream
On the 9th of July 2017, the President of the United States, Donald Trump, published the following tweet: “Putin & I discussed forming an impenetrable Cyber-security unit so that election hacking, & many other negative things, will be guarded.” One day later, President Trump published a tweet which poured cold water over the enthusiastic idea about an “impenetrable Cyber-security Unit.”...
Cybersecurity as an Ethical Obligation
An ethical obligation is a standard that defines a moral course of action. Many professions are subject to comprehensive sets of ethical obligations which, if violated, may lead to sanctions. For example, the Code of Medical Ethics adopted by the American Medical Association sets forth the values to which every physician commits himself/herself as a member of the medical profession. The State...
US Regions Most Vulnerable to a Cyber Attack
In December 2016, the Identity Theft Resource Center published a report indicating the top 10 U.S. regions most vulnerable to cyber risk. The ten regions (ordered from high to low level of vulnerability) are as follows: (i) Washington, D.C.; (ii) California; (iii) Florida; (iv) Massachusetts; (v) Nevada; (vi) Illinois; (vii) Texas; (viii) Michigan; (ix) Missouri; and (x) Connecticut. In the...
Malware-as-a-service
In May 2017, a new form of ransomware called WannaCry affected more than 230,000 personal and business computers in over 150 countries. The ransomware affected organizations, such as Deutsche Bahn AG (a German railway company), NHS Scotland (the publicly funded healthcare system in Scotland), National Health Service of England, Saudi Telecom Company, and FedEx (an international courier...
PhD Defence
Daniel will defend his PhD dissertation on the 27th of June 2017. The dissertation aims to examine whether Crowdsourced Online Dispute Resolution (CODR) can fairly resolve disputes. First, it provides a framework of CODR, analyses the differences between CODR and other dispute resolution schemes, and constructs an interpretation of procedural fairness that merges objective and subjective...
Security Concerns of Flying Motorcycles
Flying motorcycles resembling the flying machines from Star Wars are about to be placed on the market. A number of developers are working on designing large-scale aerial platforms that can lift and carry humans and heavy packages. Simpler than helicopters and as convenient as motorbikes, flying motorcycles may expand the range of transportation means in the future. However, since such machines...
2016 Trends in Ransomware
Ransomware is not a new phenomenon, yet it remains one of the most popular forms of cybercrime due to the ease of its distribution and the good profits it provides to criminals. One of the reasons for the proliferation of ransomware is its diversity. Since ransomware constantly evolves into more sophisticated forms, organizations that do not follow the development of this particularly dangerous...
Technologies for Conducting Privacy Compliance Assessments
Most jurisdictions worldwide have developed comprehensive privacy laws which impose a number of obligations on organizations collecting personal data. However, the processes of ensuring compliance with privacy laws may be complex, lengthy, and costly. This is because such compliance work is usually undertaken by highly qualified experts, who need to examine in detail organizations’ flow of...