Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA)

Ezer Osei Yeboah-Boateng

Publikation: Bog/antologi/afhandling/rapportPh.d.-afhandlingForskning

7675 Downloads (Pure)

Resumé

The essence of this study is first to highlight the cyber-security challenges confronting SMEs in developing economies, and to model a framework for safeguarding their assets, to ensure continuous optimal business operations, and to participate and compete securely in the ubiquitous cyber-market.
As more SMEs today continue to use networks and the Internet as vital business tools, the need for a secured organization cannot be over-emphasized. SMEs are utilizing the opportunities offered by advances in ICTs to adopt innovative business operations, to offer user-friendly products and services, to develop customer-centric strategies.
While connectivity is indispensable for achieving business success, being connected also implies being exposed to a myriad of cyber-security challenges, such as vulnerabilities of confidentiality, integrity and availability (CIA).
As vulnerabilities are exploited by the numerous threat agents or attackers, SMEs are adversely impacted which in some cases may lead to business closure. The extent of cyber-attacks have increased in recent times and experts believe that if nothing is done about it, the severity of future attacks could be greater than what has been observed to date.
In order to propose appropriate solutions, the traditional risk equation is re-contextualized into a fuzzy risk relational function, with fuzzy arguments of vulnerabilities, threats and assets value.
SMEs were surveyed and strategically interviewed on various cyber-security and business metrics. The elicited experts opinions were used to model the risk function, using neuro-fuzzy techniques, that combines the human inference style and linguistic expressions of fuzzy systems with the learning and parallel processing capabilities of neural networks to analyze the cyber-security vulnerabilities assessment (CSVA) model.
The results show that the CSVA model is simple and intuitive, and can be used by SMEs to mitigate the vulnerabilities of their assets. Using fuzzy similarity measures, taxonomies of vulnerabilities and threats are also benchmarked to assist SMEs to be proactive. Finally, fuzzy cognitive map (FCM) approach is also used to show the implications of vulnerabilities amongst SMEs asset disposal policies.
OriginalsprogEngelsk
ForlagInstitut for Elektroniske Systemer, Aalborg Universitet
Vol/bind1
Udgave1
ISBN (Trykt)978-87-7152-038-5
StatusUdgivet - 2013

Fingeraftryk

Confidentiality
Integrity
Small and medium-sized enterprises
Vulnerability
Developing economies
Assets
Threat
Attack
Fuzzy cognitive maps
Taxonomy
Inference
Severity
Closure
Expert opinion
Neural networks
Asset value
World Wide Web
Similarity measure
Fuzzy systems
Business success

Emneord

    Citer dette

    Yeboah-Boateng, E. O. (2013). Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA). (1 udg.) Institut for Elektroniske Systemer, Aalborg Universitet.
    Yeboah-Boateng, Ezer Osei. / Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA). 1 udg. Institut for Elektroniske Systemer, Aalborg Universitet, 2013.
    @phdthesis{65f8748af2e04b8cabf81ece16a4b8c4,
    title = "Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA)",
    abstract = "The essence of this study is first to highlight the cyber-security challenges confronting SMEs in developing economies, and to model a framework for safeguarding their assets, to ensure continuous optimal business operations, and to participate and compete securely in the ubiquitous cyber-market. As more SMEs today continue to use networks and the Internet as vital business tools, the need for a secured organization cannot be over-emphasized. SMEs are utilizing the opportunities offered by advances in ICTs to adopt innovative business operations, to offer user-friendly products and services, to develop customer-centric strategies. While connectivity is indispensable for achieving business success, being connected also implies being exposed to a myriad of cyber-security challenges, such as vulnerabilities of confidentiality, integrity and availability (CIA). As vulnerabilities are exploited by the numerous threat agents or attackers, SMEs are adversely impacted which in some cases may lead to business closure. The extent of cyber-attacks have increased in recent times and experts believe that if nothing is done about it, the severity of future attacks could be greater than what has been observed to date. In order to propose appropriate solutions, the traditional risk equation is re-contextualized into a fuzzy risk relational function, with fuzzy arguments of vulnerabilities, threats and assets value. SMEs were surveyed and strategically interviewed on various cyber-security and business metrics. The elicited experts opinions were used to model the risk function, using neuro-fuzzy techniques, that combines the human inference style and linguistic expressions of fuzzy systems with the learning and parallel processing capabilities of neural networks to analyze the cyber-security vulnerabilities assessment (CSVA) model. The results show that the CSVA model is simple and intuitive, and can be used by SMEs to mitigate the vulnerabilities of their assets. Using fuzzy similarity measures, taxonomies of vulnerabilities and threats are also benchmarked to assist SMEs to be proactive. Finally, fuzzy cognitive map (FCM) approach is also used to show the implications of vulnerabilities amongst SMEs asset disposal policies.",
    keywords = "cyber-security",
    author = "Yeboah-Boateng, {Ezer Osei}",
    year = "2013",
    language = "English",
    isbn = "978-87-7152-038-5",
    volume = "1",
    publisher = "Institut for Elektroniske Systemer, Aalborg Universitet",
    address = "Denmark",
    edition = "1",

    }

    Yeboah-Boateng, EO 2013, Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA). bind 1, 1 udg, Institut for Elektroniske Systemer, Aalborg Universitet.

    Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA). / Yeboah-Boateng, Ezer Osei.

    1 udg. Institut for Elektroniske Systemer, Aalborg Universitet, 2013.

    Publikation: Bog/antologi/afhandling/rapportPh.d.-afhandlingForskning

    TY - BOOK

    T1 - Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA)

    AU - Yeboah-Boateng, Ezer Osei

    PY - 2013

    Y1 - 2013

    N2 - The essence of this study is first to highlight the cyber-security challenges confronting SMEs in developing economies, and to model a framework for safeguarding their assets, to ensure continuous optimal business operations, and to participate and compete securely in the ubiquitous cyber-market. As more SMEs today continue to use networks and the Internet as vital business tools, the need for a secured organization cannot be over-emphasized. SMEs are utilizing the opportunities offered by advances in ICTs to adopt innovative business operations, to offer user-friendly products and services, to develop customer-centric strategies. While connectivity is indispensable for achieving business success, being connected also implies being exposed to a myriad of cyber-security challenges, such as vulnerabilities of confidentiality, integrity and availability (CIA). As vulnerabilities are exploited by the numerous threat agents or attackers, SMEs are adversely impacted which in some cases may lead to business closure. The extent of cyber-attacks have increased in recent times and experts believe that if nothing is done about it, the severity of future attacks could be greater than what has been observed to date. In order to propose appropriate solutions, the traditional risk equation is re-contextualized into a fuzzy risk relational function, with fuzzy arguments of vulnerabilities, threats and assets value. SMEs were surveyed and strategically interviewed on various cyber-security and business metrics. The elicited experts opinions were used to model the risk function, using neuro-fuzzy techniques, that combines the human inference style and linguistic expressions of fuzzy systems with the learning and parallel processing capabilities of neural networks to analyze the cyber-security vulnerabilities assessment (CSVA) model. The results show that the CSVA model is simple and intuitive, and can be used by SMEs to mitigate the vulnerabilities of their assets. Using fuzzy similarity measures, taxonomies of vulnerabilities and threats are also benchmarked to assist SMEs to be proactive. Finally, fuzzy cognitive map (FCM) approach is also used to show the implications of vulnerabilities amongst SMEs asset disposal policies.

    AB - The essence of this study is first to highlight the cyber-security challenges confronting SMEs in developing economies, and to model a framework for safeguarding their assets, to ensure continuous optimal business operations, and to participate and compete securely in the ubiquitous cyber-market. As more SMEs today continue to use networks and the Internet as vital business tools, the need for a secured organization cannot be over-emphasized. SMEs are utilizing the opportunities offered by advances in ICTs to adopt innovative business operations, to offer user-friendly products and services, to develop customer-centric strategies. While connectivity is indispensable for achieving business success, being connected also implies being exposed to a myriad of cyber-security challenges, such as vulnerabilities of confidentiality, integrity and availability (CIA). As vulnerabilities are exploited by the numerous threat agents or attackers, SMEs are adversely impacted which in some cases may lead to business closure. The extent of cyber-attacks have increased in recent times and experts believe that if nothing is done about it, the severity of future attacks could be greater than what has been observed to date. In order to propose appropriate solutions, the traditional risk equation is re-contextualized into a fuzzy risk relational function, with fuzzy arguments of vulnerabilities, threats and assets value. SMEs were surveyed and strategically interviewed on various cyber-security and business metrics. The elicited experts opinions were used to model the risk function, using neuro-fuzzy techniques, that combines the human inference style and linguistic expressions of fuzzy systems with the learning and parallel processing capabilities of neural networks to analyze the cyber-security vulnerabilities assessment (CSVA) model. The results show that the CSVA model is simple and intuitive, and can be used by SMEs to mitigate the vulnerabilities of their assets. Using fuzzy similarity measures, taxonomies of vulnerabilities and threats are also benchmarked to assist SMEs to be proactive. Finally, fuzzy cognitive map (FCM) approach is also used to show the implications of vulnerabilities amongst SMEs asset disposal policies.

    KW - cyber-security

    M3 - Ph.D. thesis

    SN - 978-87-7152-038-5

    VL - 1

    BT - Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA)

    PB - Institut for Elektroniske Systemer, Aalborg Universitet

    ER -

    Yeboah-Boateng EO. Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA). 1 udg. Institut for Elektroniske Systemer, Aalborg Universitet, 2013.