Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA)

Ezer Osei Yeboah-Boateng

Research output: Book/ReportPh.D. thesisResearch

7525 Downloads (Pure)

Abstract

The essence of this study is first to highlight the cyber-security challenges confronting SMEs in developing economies, and to model a framework for safeguarding their assets, to ensure continuous optimal business operations, and to participate and compete securely in the ubiquitous cyber-market.
As more SMEs today continue to use networks and the Internet as vital business tools, the need for a secured organization cannot be over-emphasized. SMEs are utilizing the opportunities offered by advances in ICTs to adopt innovative business operations, to offer user-friendly products and services, to develop customer-centric strategies.
While connectivity is indispensable for achieving business success, being connected also implies being exposed to a myriad of cyber-security challenges, such as vulnerabilities of confidentiality, integrity and availability (CIA).
As vulnerabilities are exploited by the numerous threat agents or attackers, SMEs are adversely impacted which in some cases may lead to business closure. The extent of cyber-attacks have increased in recent times and experts believe that if nothing is done about it, the severity of future attacks could be greater than what has been observed to date.
In order to propose appropriate solutions, the traditional risk equation is re-contextualized into a fuzzy risk relational function, with fuzzy arguments of vulnerabilities, threats and assets value.
SMEs were surveyed and strategically interviewed on various cyber-security and business metrics. The elicited experts opinions were used to model the risk function, using neuro-fuzzy techniques, that combines the human inference style and linguistic expressions of fuzzy systems with the learning and parallel processing capabilities of neural networks to analyze the cyber-security vulnerabilities assessment (CSVA) model.
The results show that the CSVA model is simple and intuitive, and can be used by SMEs to mitigate the vulnerabilities of their assets. Using fuzzy similarity measures, taxonomies of vulnerabilities and threats are also benchmarked to assist SMEs to be proactive. Finally, fuzzy cognitive map (FCM) approach is also used to show the implications of vulnerabilities amongst SMEs asset disposal policies.
Original languageEnglish
PublisherInstitut for Elektroniske Systemer, Aalborg Universitet
Volume1
Edition1
ISBN (Print)978-87-7152-038-5
Publication statusPublished - 2013

Fingerprint

Small and medium-sized enterprises
Vulnerability
Integrity
Developing economies
Confidentiality
Threat
Assets
Attack
Neural networks
Expert opinion
Closure
World Wide Web
Neuro-fuzzy
Severity
Business success
Fuzzy cognitive maps
Asset value
Parallel processing
Fuzzy systems
Connectivity

Keywords

  • cyber-security

Cite this

Yeboah-Boateng, E. O. (2013). Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA). (1 ed.) Institut for Elektroniske Systemer, Aalborg Universitet.
Yeboah-Boateng, Ezer Osei. / Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA). 1 ed. Institut for Elektroniske Systemer, Aalborg Universitet, 2013.
@phdthesis{65f8748af2e04b8cabf81ece16a4b8c4,
title = "Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA)",
abstract = "The essence of this study is first to highlight the cyber-security challenges confronting SMEs in developing economies, and to model a framework for safeguarding their assets, to ensure continuous optimal business operations, and to participate and compete securely in the ubiquitous cyber-market. As more SMEs today continue to use networks and the Internet as vital business tools, the need for a secured organization cannot be over-emphasized. SMEs are utilizing the opportunities offered by advances in ICTs to adopt innovative business operations, to offer user-friendly products and services, to develop customer-centric strategies. While connectivity is indispensable for achieving business success, being connected also implies being exposed to a myriad of cyber-security challenges, such as vulnerabilities of confidentiality, integrity and availability (CIA). As vulnerabilities are exploited by the numerous threat agents or attackers, SMEs are adversely impacted which in some cases may lead to business closure. The extent of cyber-attacks have increased in recent times and experts believe that if nothing is done about it, the severity of future attacks could be greater than what has been observed to date. In order to propose appropriate solutions, the traditional risk equation is re-contextualized into a fuzzy risk relational function, with fuzzy arguments of vulnerabilities, threats and assets value. SMEs were surveyed and strategically interviewed on various cyber-security and business metrics. The elicited experts opinions were used to model the risk function, using neuro-fuzzy techniques, that combines the human inference style and linguistic expressions of fuzzy systems with the learning and parallel processing capabilities of neural networks to analyze the cyber-security vulnerabilities assessment (CSVA) model. The results show that the CSVA model is simple and intuitive, and can be used by SMEs to mitigate the vulnerabilities of their assets. Using fuzzy similarity measures, taxonomies of vulnerabilities and threats are also benchmarked to assist SMEs to be proactive. Finally, fuzzy cognitive map (FCM) approach is also used to show the implications of vulnerabilities amongst SMEs asset disposal policies.",
keywords = "cyber-security",
author = "Yeboah-Boateng, {Ezer Osei}",
year = "2013",
language = "English",
isbn = "978-87-7152-038-5",
volume = "1",
publisher = "Institut for Elektroniske Systemer, Aalborg Universitet",
address = "Denmark",
edition = "1",

}

Yeboah-Boateng, EO 2013, Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA). vol. 1, 1 edn, Institut for Elektroniske Systemer, Aalborg Universitet.

Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA). / Yeboah-Boateng, Ezer Osei.

1 ed. Institut for Elektroniske Systemer, Aalborg Universitet, 2013.

Research output: Book/ReportPh.D. thesisResearch

TY - BOOK

T1 - Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA)

AU - Yeboah-Boateng, Ezer Osei

PY - 2013

Y1 - 2013

N2 - The essence of this study is first to highlight the cyber-security challenges confronting SMEs in developing economies, and to model a framework for safeguarding their assets, to ensure continuous optimal business operations, and to participate and compete securely in the ubiquitous cyber-market. As more SMEs today continue to use networks and the Internet as vital business tools, the need for a secured organization cannot be over-emphasized. SMEs are utilizing the opportunities offered by advances in ICTs to adopt innovative business operations, to offer user-friendly products and services, to develop customer-centric strategies. While connectivity is indispensable for achieving business success, being connected also implies being exposed to a myriad of cyber-security challenges, such as vulnerabilities of confidentiality, integrity and availability (CIA). As vulnerabilities are exploited by the numerous threat agents or attackers, SMEs are adversely impacted which in some cases may lead to business closure. The extent of cyber-attacks have increased in recent times and experts believe that if nothing is done about it, the severity of future attacks could be greater than what has been observed to date. In order to propose appropriate solutions, the traditional risk equation is re-contextualized into a fuzzy risk relational function, with fuzzy arguments of vulnerabilities, threats and assets value. SMEs were surveyed and strategically interviewed on various cyber-security and business metrics. The elicited experts opinions were used to model the risk function, using neuro-fuzzy techniques, that combines the human inference style and linguistic expressions of fuzzy systems with the learning and parallel processing capabilities of neural networks to analyze the cyber-security vulnerabilities assessment (CSVA) model. The results show that the CSVA model is simple and intuitive, and can be used by SMEs to mitigate the vulnerabilities of their assets. Using fuzzy similarity measures, taxonomies of vulnerabilities and threats are also benchmarked to assist SMEs to be proactive. Finally, fuzzy cognitive map (FCM) approach is also used to show the implications of vulnerabilities amongst SMEs asset disposal policies.

AB - The essence of this study is first to highlight the cyber-security challenges confronting SMEs in developing economies, and to model a framework for safeguarding their assets, to ensure continuous optimal business operations, and to participate and compete securely in the ubiquitous cyber-market. As more SMEs today continue to use networks and the Internet as vital business tools, the need for a secured organization cannot be over-emphasized. SMEs are utilizing the opportunities offered by advances in ICTs to adopt innovative business operations, to offer user-friendly products and services, to develop customer-centric strategies. While connectivity is indispensable for achieving business success, being connected also implies being exposed to a myriad of cyber-security challenges, such as vulnerabilities of confidentiality, integrity and availability (CIA). As vulnerabilities are exploited by the numerous threat agents or attackers, SMEs are adversely impacted which in some cases may lead to business closure. The extent of cyber-attacks have increased in recent times and experts believe that if nothing is done about it, the severity of future attacks could be greater than what has been observed to date. In order to propose appropriate solutions, the traditional risk equation is re-contextualized into a fuzzy risk relational function, with fuzzy arguments of vulnerabilities, threats and assets value. SMEs were surveyed and strategically interviewed on various cyber-security and business metrics. The elicited experts opinions were used to model the risk function, using neuro-fuzzy techniques, that combines the human inference style and linguistic expressions of fuzzy systems with the learning and parallel processing capabilities of neural networks to analyze the cyber-security vulnerabilities assessment (CSVA) model. The results show that the CSVA model is simple and intuitive, and can be used by SMEs to mitigate the vulnerabilities of their assets. Using fuzzy similarity measures, taxonomies of vulnerabilities and threats are also benchmarked to assist SMEs to be proactive. Finally, fuzzy cognitive map (FCM) approach is also used to show the implications of vulnerabilities amongst SMEs asset disposal policies.

KW - cyber-security

M3 - Ph.D. thesis

SN - 978-87-7152-038-5

VL - 1

BT - Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA)

PB - Institut for Elektroniske Systemer, Aalborg Universitet

ER -

Yeboah-Boateng EO. Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA). 1 ed. Institut for Elektroniske Systemer, Aalborg Universitet, 2013.