Purpose: The research explored empirical evidence to assess the impact of cyber security and supply chain risk on digital operations in the UAE pharmaceutical industry. Methodology/Design/Approach: Based on responses from 243 personnel working at 14 pharmaceutical manufacturing companies in Dubai, data were examined for normality, instrument validity and regression analysis. Cyber security and SC risk on digital operations were explored by applying convenient sampling and descriptive and analytical research design. Findings: The findings validated the significant positive (...) association between cyber security and supply chain risk with digital operations. Research implications and Limitations: The research model was developed with three variables evaluated only on the pharmaceutical industry in Dubai. Future research should focus on multiple manufacturing industries by covering a larger geographic area. Practical implications: When suppliers are highly concentrated, customer-focused organisations with uncertain levels of digital transformation could improve their ability to manage supply chain risk by diversifying their clients. Pharmaceutical firms may require a greater focus on technology-based manufacturing firms to build and maintain customer trust. Originality Value: To illustrate how the pharmaceutical industry has explored the relationship between cyber security, supply chain risk and digital operations, the research highlights the significant and convoluted consequences of the relationship model that have not been previously considered. (shrink)

Artificial Intelligence is becoming widespread and as we continue ask ‘can we implement this’ we neglect to ask ‘should we implement this’. There are various frameworks and conceptual journeys one should take to ensure a robust AI product; context is one of the vital parts of this. AI is now expected to make decisions, from deciding who gets a credit card to cancer diagnosis. These decisions affect most, if not all, of society. As developers if we do not understand or (...) use fundamental modelling principles then we can cause real harm to society. Recently more serious effects of AI have been observed. Dehumanisation is the human reaction to overused anthropomorphism and lack of social contact caused by excessive interaction with, or addiction to, technology. This can cause humans to devalue technology and to devalue other humans. This is a contradiction of the use of ‘social robots’ and ‘chatbots’, indicating that the negative effects of this technology would outweigh any perceived positive effects. Also, within cyberspace, anthropomorphism and similar techniques based on deep philosophical principles can, and are, being used to alter the behaviour of humans. These techniques are used to manipulate human behaviours at a basic level in the human mind. As these types of techniques are becoming more widespread, it is clear that we are entering unchartered territory that holds a vast array of consequences for society. (shrink)

E-Government refers to the administration of Information and Communication Technologies (ICT) to the procedures and functions of the government with the objective of enhancing the transparency, efficiency and participation of the citizens. E-Government is tough systems that require distribution, protection of privacy and security and collapse of these could result in social and economic costs on a large scale. Many of the available e-government systems like electronic identity system of management (eIDs), websites are established at duplicated databases and servers. (...) An established validation and management system could face a single failure point and the system is prone to Distributed Denial of Service Attacks (DDoS), denial of service attacks (DoS), malware and other cyber attacks. The execution of a privacy preserving and a secure decentralized system is enabled by the block chain technology. Here any third-party organizations do not have any control over the transactions of the Government. With the help of block chain technology, new and existing data are encapsulated within ledger or blocks, which are evenly distributed through the network in an enduring and sustainable way. The privacy and security of information are improved with the help of block chain technology, where distribution and encryption of data are performed through the total network. This analytical paper maps out the analysis of the security in the e-government system, utilizing the block chain technology that provides privacy and security of information and thereby enhancing the trust among the public sector. Qualitative and theoretical analysis is made for the proposed topic and implications of privacy and security of the proposed system is made. (shrink)

Given the growing dependence on digital systems and the escalation of financial fraud occurrences, it is imperative to implement efficient cyber security protocols and fraud detection methodologies. The threat's dynamic nature often challenges conventional methods, necessitating the adoption of more sophisticated strategies. Individuals depend on pre-established regulations or problem-solving processes, which possess constraints in identifying novel and intricate fraudulent trends. Conventional techniques need help handling noise data and the substantial expenses incurred by false positives and true positives. To (...) tackle these obstacles, the present study introduces Deep Fraud Net, a framework that utilizes deep learning to detect and classify instances of financial fraud and cyber security threats. The Deep Fraud Net system model entails the utilization of a deep neural network to acquire intricate patterns and characteristics from extensive datasets through training. The framework integrates noise reduction methods to enhance the precision of fraud detection and improve the quality of input data. The Deep Fraud Net method attains a precision of 98.85%, accuracy of 93.35%, sensitivity of 99.05%, specificity of 93.16%, false positive rate of 7.34%, and true positive rate of 89.58%. The findings suggest that Deep Fraud Net can effectively detect and categorize instances of fraudulent behavior with a reduced occurrence of misclassifications. The method exhibits potential implications for diverse domains that prioritize robust security and fraud detection, including but not limited to banking, e-commerce, and online transactions. (shrink)

The growing threats of cyber-attacks has undoubtedly, prompted the need for improved security measures to combat these issues and mitigate the resultant consequences. Thus, the cyber security levy is aimed at providing dedicated and adequate funding for the actualization of cyber security initiatives in Nigeria. However, the implementation of cybersecurity levy in Nigeria has generated unimagined public resistance. This study therefore sought to examine the Legality or otherwise of the imposition of cybersecurity levy in (...) Nigeria. The specific objective of this research was to establish the legal basis, if any, that justifies the imposition of cybersecurity levy in Nigeria and to make salient recommendations on how to effectively surmount the challenges and concerns relating to the imposition of the levy. The research design and methodology was doctrinal approach, using analytical and descriptive research methodology. The main sources of data collection were various legal documents and materials, both from the library and the internet, and covering both the primary sources and the secondary sources, including decided cases. In this work, it was discovered among others that cybersecurity levy is the 0.5% (0.005) levy imposed on all electronic transactions by applicable businesses as provided under the Cybercrime (Prohibition, Prevention, etc) Act (as amended) 2024. It is further observed that the financial support realised through this levy will help in developing and implementing strategies to safeguard Nigeria's digital infrastructure and combat cybercrimes effectively. In the end, it was recommended among other things that a clearer provision on the implementation of the cybersecurity levy be made by the Act in order to provide a uniform implementation guideline for the levy. (shrink)

The growing threats of cyber-attacks has undoubtedly, prompted the need for improved security measures to combat these issues and mitigate the resultant consequences. Thus, the cyber security levy is aimed at providing dedicated and adequate funding for the actualization of cyber security initiatives in Nigeria. However, the implementation of cybersecurity levy in Nigeria has generated unimagined public resistance. This study therefore sought to examine the Legality or otherwise of the imposition of cybersecurity levy in (...) Nigeria. The specific objective of this research was to establish the legal basis, if any, that justifies the imposition of cybersecurity levy in Nigeria and to make salient recommendations on how to effectively surmount the challenges and concerns relating to the imposition of the levy. The research design and methodology was doctrinal approach, using analytical and descriptive research methodology. The main sources of data collection were various legal documents and materials, both from the library and the internet, and covering both the primary sources and the secondary sources, including decided cases. In this work, it was discovered among others that cybersecurity levy is the 0.5% (0.005) levy imposed on all electronic transactions by applicable businesses as provided under the Cybercrime (Prohibition, Prevention, etc) Act (as amended) 2024. It is further observed that the financial support realised through this levy will help in developing and implementing strategies to safeguard Nigeria's digital infrastructure and combat cybercrimes effectively. In the end, it was recommended among other things that a clearer provision on the implementation of the cybersecurity levy be made by the Act in order to provide a uniform implementation guideline for the levy. (shrink)

האם לאנושות יש אינטרס לפתח פילוסופיה של אבטחת סייבר כדיסציפלינה פילוסופית | מאת: הילל קוברובסקי | תוכן המאמר לפי נושאים | 1. מבוא - מהם האתגרים בתחילת הדרך על מנת לבנות מהיסוד ולפתח דיסציפלינה חדשה בתחום הפילוסופיה | 2. מהי משמעות המושג "מרחב הסייבר" לעומת "אבטחת הסייבר", מהם גבולות התיחום של הענף הקרוי סייבר | 3. מהי פילוסופיה ?, מהן הפילוסופיות שיכולות להוות השפעה עבור הפילוסופיה של אבטחת הסייבר | 4. מהן הבעיות והשאלות המהותיות בהן צריכה לדון הפילוסופיה של אבטחת (...) הסייבר | 5. מהם הגורמים שיכולים להוות קטליזטור להתפתחות דיסציפלינה פילוסופית עצמאית בתחום אבטחת הסייבר | 6. סיכום – האם לאנושות יש אינטרס לפתח פילוסופיה של אבטחת הסייבר כדיסציפלינה פילוסופית. (shrink)

The increasing complexity and volume of cyber threats necessitate a more advanced and proactive approach to cybersecurity. Traditional Security Operations Centers (SOCs) rely on rule-based systems and manual analysis, which are often insufficient to counter evolving attack vectors. Artificial Intelligence (AI), particularly Machine Learning (ML) and Blockchain technology, has emerged as a game-changer in enhancing SOC operations, improving threat detection, response, and mitigation capabilities. Machine Learning algorithms can analyze vast amounts of security data in real time, identifying (...) anomalies and predicting potential threats with higher accuracy than conventional methods. ML-driven threat intelligence enables SOCs to detect zero-day attacks, automate incident response, and reduce false positives, thereby increasing operational efficiency. Additionally, AI-powered automation allows security analysts to focus on strategic threat mitigation rather than being overwhelmed by repetitive tasks. Blockchain technology further strengthens cybersecurity by providing an immutable, decentralized, and transparent framework for securing digital transactions and communications. Its application in SOC operations includes secure identity management, tamper-proof logging of security events, and decentralized threat intelligence sharing. By integrating blockchain with AI, SOCs can ensure data integrity, enhance collaboration across organizations, and reduce insider threats. This paper explores the synergy between AI, ML, and Blockchain in modern SOC environments. It discusses their combined potential to transform cybersecurity operations by enabling intelligent automation, realtime threat analysis, and secure data management. Furthermore, it highlights challenges such as computational overhead, integration complexity, and privacy concerns that must be addressed to maximize the benefits of these technologies. (shrink)

The increasing rate and sophistication of cyber attacks pose a major risk to health data security. Traditional security systems cannot handle advanced ransomware, insider threats, and phishing attacks and hence incorporation of artificial intelligence (AI) into cybersecurity solutions becomes the need of the hour. AI-based security solutions leverage machine learning, behavior analysis, and real-time anomaly detection to identify and counter threats before they affect sensitive patient information. This study examines real-world case studies where AI successfully prevented (...) cyberattacks in healthcare settings, including a major U.S. hospital mitigating a ransomware attack, a European health system detecting insider threats, and a telemedicine platform blocking phishing attempts. The findings demonstrate AI’s superior threat detection, rapid response capabilities, and potential to enhance regulatory compliance. Even with significant advancements introduced by AI, challenges such as false positives, data privacy, and ethics exist. This article highlights the pioneering function of AI in protecting healthcare data and presents a vision on the future of AI-based cyber protection. (shrink)

The rapid evolution of cloud computing and the increasing sophistication of cyber threats have necessitated a paradigm shift in the approach to cybersecurity. The rapid growth of cloud computing has revolutionized business operations with unparalleled scalability, flexibility, and access to enormous computational power. Nevertheless, exponential growth has also led to an exponential rise in security threats, with cloud environments being the main target for cyberattacks. Conventional security controls lag behind the rising complexity of these threats. Artificial intelligence (...) (AI) has become a revolutionary solution to the problem, providing sophisticated capabilities that strengthen the security posture of cloud environments. This paper discusses the potential role of AI in shaping future cloud security, with an emphasis on its potential to facilitate real-time threat detection, automated response, and predict future vulnerabilities. Through an examination of AI-driven innovations in cloud security, this paper tries to shed light on how companies can use AI in a manner that will improve security, reduce cost, and improve operational resilience. (shrink)

The growing sophistication and frequency of cyber threats stressed the limitations of traditional reactive cyber security approaches. Organizations are turning to Artificial Intelligence (AI) to improve cyber risk management through predictive capacities. This article investigates the role of AI-oriented predictive analysis in providing and mitigating security incidents. Analyzing historical cyber safety data and leveraging machine learning models as a temporal series forecast, anomaly detection, and supervised classification-ESTE study evaluate the ability of AI systems to (...) anticipate potential threats and support proactive mitigation strategies. A mixed method research project combines case study analysis with empirical evaluation of AI model performance selected using threat data sets available to the public. The results show that AI-based predictive systems can significantly increase the accuracy and punctuality of cyber threat prediction, thus improving the preparation and organizational response. However, challenges related to data quality, model transparency, and ethical considerations persist. The article concludes with recommendations to integrate AI in corporate cyber risk structures and highlights directions for future and explainable AI research for cyber security. (shrink)

This research develops a CNN-based deep learning model to predict cyberattacks in computer networks and compares it with an LSTM model. Materials and Methods: It considered two groups: Group 1 (LSTM) and Group 2 (CNN) of 26 samples each with a G Power of 80%, a threshold of 0.05, and a 95% confidence interval. Result: The CNN model outperformed the LSTM model in accuracy, 92.56% to 96.74%, while the LSTM model ranged between 85.42% to 91.87%. In addition, CNN had lower (...) false positive rates ranging from 2.87% to 4.14% compared to LSTM, which had 4.32% to 6.89%. CNN also had a better stability, with a standard deviation of 1.6743, whereas LSTM had 2.8567. Conclusion: These results confirm the effectiveness of CNN in cyberattack detection, consistent with studies on cybersecurity and AI-based threat detection. (shrink)

With the widespread adoption of mobile devices, Android Debug Bridge (ADB) has become a vital utility for developers and system administrators. However, its open nature presents significant security concerns when left unsecured. This project addresses the potential threats posed by improper ADB usage and introduces a custom-built forensic and security analysis tool designed for cyber security analysts and law enforcement professionals. Leveraging ADB commands, the tool extracts critical data such as logs, installed applications, and system information. (...) On rooted devices, it further enables Wi-Fi password recovery and deeper file system access. To ensure accessibility and ease of use, the tool features an intuitive graphical user interface, bridging the gap between technical forensic capabilities and practical usability in real-world investigative scenarios. (shrink)

The main purpose of the study is to determine the key aspects of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents. The methodology includes a set of theoretical methods. Modern government, on the one hand, must take into account the emergence of such a new weapon as cyber, which can break various information systems, can be used in hybrid wars, influence political events, pose a threat to the (...) national security of any state. As a result of the study, key elements of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents were identified. (shrink)

Storage Area Network (SAN) security has emerged as a critical component of modern enterprise infrastructure, addressing the challenges posed by exponential data growth and evolving cyber threats. This technical article examines the fundamental components and implementation strategies for securing SAN environments, encompassing access control management, data protection mechanisms, network security infrastructure, physical security controls, compliance frameworks, and best practices. The comprehensive article covers advanced technologies including artificial intelligence-driven monitoring systems, quantumresistant encryption protocols, and automated incident response (...) capabilities, while highlighting the importance of maintaining a balance between security measures and operational efficiency. Through the integration of multiple security layers and automated controls, organizations can establish robust defense mechanisms against emerging threats while ensuring optimal performance of their storage infrastructure. (shrink)

The present paper is an attempt to discuss issues and challenges of Cyber Crime in India from an ethical perspective. Ethics is a branch of philosophy which deals with what is considered to be right or wrong. The ethics centers and program devoted to busin age for several re crime’. The advancement ess ethics, legal ethics, bioethics, medical ethics, engineering ethics, and computer ethics have sprung up. Cyber crime is emerging as a serious threat. Computer Technology is one (...) of the important general purpose Technologies in today’s asons. Today it is used in almost all the organizations, institutions, and people. Computer technology makes the life so speedy and fast, but hurled under the eclipse of threat from the deadliest type of criminality termed as 'Cyber of IT brings so many facilities to us; but also brings so many problems and challenges too and out of which Cyber Crime is a kind of offence which deals with the cyber world which includes computer security, information security, and mobile security too. The increasing number of crimes in the field of Information Technology brings a big attraction to Cyber Crime to everyone. (shrink)

Since security threats in IoT-enabled smart cities may not appear clear and present to detection mechanisms, efforts have been made to use artificial intelligence methods for anomaly detection. Anomaly detection has been performed using unsupervised learning approaches (Autoencoders, GANs, One Class SVMs) in turn, with these instances considered security threats. In addition, an element for patches and traffic redirection in real time is included in the framework. Results show that the AI detection in general has much more (...) class='Hi'>security resilience, decreasing possible attack vectors. This makes the integration of various features like AI, blockchain, and IDS for a solid IoT security a must. Since security threats in IoT-enabled smart cities may not appear clear and present to detection mechanisms, efforts have been made to use artificial intelligence methods for anomaly detection. Anomaly detection has been performed using unsupervised learning approaches (Autoencoders, GANs, One-Class SVMs) in turn, with these instances considered security threats. In addition, an element for patches and traffic redirection in real time is included in the framework. Results show that the AI detection in general has much more security resilience, decreasing possible attack vectors. This makes the integration of various features like AI, blockchain, and IDS for a solid IoT security a must. (shrink)

This paper examines the increasing importance of robust cybersecurity measures in the digital payments industry. As the volume and value of online financial transactions continue to grow exponentially, the sector faces a corresponding surge in cyber-attacks, necessitating advanced cybersecurity protocols. This study explores key cybersecurity measures and implementation strategies, including encryption, multi-factor authentication (MFA), tokenization, artificial intelligence (AI)- based fraud detection, and regulatory compliance, to safeguard digital payments against various cyber threats. Through a detailed review of existing literature, (...) case studies, and statistical analysis, the article provides strategic insights into how organizations can enhance security in digital payment ecosystems, maintain compliance, and achieve resilience in the face of evolving cyber threats. (shrink)

The adoption of multi-cloud environments has become a strategic necessity for organizations seeking scalability, flexibility, and operational efficiency. However, distributing workloads across multiple cloud providers introduces significant security challenges, including authentication vulnerabilities, inconsistent security policies, data breaches, and compliance risks. Traditional security approaches often fail to address the complexity of multi-cloud ecosystems, requiring a more comprehensive risk mitigation strategy. This paper analyses key security risks in multi-cloud architectures and evaluates industry-standard risk assessment frameworks to prioritize effective (...) countermeasures. Our findings indicate that authentication, access control, and secure cloud networking are the most critical areas requiring immediate attention. Threats such as identity mismanagement, insecure data transfers, and lack of unified monitoring further escalate security concerns. To mitigate these risks, we propose a combination of zero-trust architecture, robust identity and access management (IAM), encryption protocols, and AI-driven threat detection. Implementing these strategies can enhance data integrity, regulatory compliance, and overall cloud security posture. By adopting a proactive approach, IT leaders can optimize cybersecurity investments and ensure the resilience of multi-cloud environments. This study provides actionable insights to strengthen security in distributed cloud architectures, enabling organizations to defend against evolving cyber threats. (shrink)

As part of their digital transformation, financial service companies can greatly benefit from the implementation of a microservice architecture. We can build a service-oriented architecture (SOA) application using the architecture to enhance its overall performance and maintainability. This enables the application to consist of several smaller components that operate independently and simultaneously. In the financial services industry, the accuracy of artifact states holds immense significance. Given that an inaccurate artifact state or anomalous artifact operation(s) could potentially ruin the entire application, (...) it is crucial to conduct an analysis of the artifact operations within each microservice during the design process. In this study, we present a technique for identifying anomalies through the characteristics of artifacts associated with the microservice architecture. Following this, we identify the properties of artifacts. As a result of technological improvements and shifting client expectations, the financial sector is currently going through a tremendous upheaval. Among these advancements, microservices architecture has emerged as a key enabler of agility, scalability, and innovation in banking systems. This paper delves into the relationship between microservices and banking security, emphasizing the use of microservices to strengthen financial systems in the face of growing cyber security risks. The microservices architecture simplifies the development, deployment, and scalability of big financial applications by separating them into smaller, self-contained services. This modular approach not only makes the system more reliable and helps separate problems, but it also makes continuous integration and delivery (CI/CD) easier, which lets you respond quickly to changes in the market and new rules. However, the implementation of microservices introduces new security challenges, such as controlling inter-service communication, ensuring data integrity, and safeguarding against attack detection and protection. (shrink)

With more and more companies moving to cloud platforms, adequate cloud security is the topmost priority for organizations today. Conventional security tools never identify sophisticated cyber-attacks, and thus AI-based real-time anomaly detection is the need of the hour. This research investigates the application of cutting-edge machine learning, deep learning, and security analytics in identifying and handling security anomalies from cloud logs. Our methodology utilizes hybrid AI models, federated learning, and graph neural networks to provide more (...) accurate detection without breaching data privacy. Furthermore, the use of quantum-resilient cryptographic models and zero-trust principles further enhances cloud security. Cloud-native scalable technologies, decentralized security models, and real-time automated incident response systems are also utilized in this research, and hence, it is an end-to-end, adaptive, and high-performance security solution for multi-clouds. (shrink)

The adoption of multi-cloud environments has become a strategic necessity for organizations seeking scalability, flexibility, and operational efficiency. However, distributing workloads across multiple cloud providers introduces significant security challenges, including authentication vulnerabilities, inconsistent security policies, data breaches, and compliance risks. Traditional security approaches often fail to address the complexity of multi-cloud ecosystems, requiring a more comprehensive risk mitigation strategy. This paper analyses key security risks in multi-cloud architectures and evaluates industry-standard risk assessment frameworks to prioritize effective (...) countermeasures. Our findings indicate that authentication, access control, and secure cloud networking are the most critical areas requiring immediate attention. Threats such as identity mismanagement, insecure data transfers, and lack of unified monitoring further escalate security concerns. To mitigate these risks, we propose a combination of zero-trust architecture, robust identity and access management (IAM), encryption protocols, and AI-driven threat detection. Implementing these strategies can enhance data integrity, regulatory compliance, and overall cloud security posture. By adopting a proactive approach, IT leaders can optimize cybersecurity investments and ensure the resilience of multi-cloud environments. This study provides actionable insights to strengthen security in distributed cloud architectures, enabling organizations to defend against evolving cyber threats. (shrink)

This study examines adaptive information governance models to address the key issues of AI-based cloud environments, in the end aiming to enable enhanced data security and regulatory compliance. Conventional governance models fail to respond to complexity issues posed by AI-cloud integration, with this resulting in incident response shortcomings, privacy laws, and regulatory compliance identification. In response to these weaknesses, this research analyzes governance elements such as Privacy-Enhancing Technologies (PETs), ethical regulation, and incident response models using sophisticated quantitative methods such (...) as Structural Equation Modeling (SEM), Cox Proportional Hazards Modeling, and Difference-in-Differences (DiD) analysis. Results show that incident response effectiveness (β = 0.51, p < 0.001) and PET implementation (β = 0.25, p = 0.001) make noteworthy contributions to the governance outcome, with good model fit indicators (RMSEA = 0.04, CFI = 0.96) demonstrating the viability of the conceptual framework. Sectoral vulnerabilities were unearthed, and retail and technology sectors reported a 25% greater incident threat with less effective controls. Use of PETs, including homomorphic encryption and federated learning, greatly enhanced data utility and privacy compliance, especially for high-risk industries. The study guides the use of next-generation security controls and PETs to mitigate threats and assist in compliance with regulations, especially in high-security industry. Additionally, ongoing calibration of AI-pushed incident response routines is critical to lessening the effect of ever-evolving cyber threats. Ethical leadership should be made stronger to offer justice, responsibility, and public trust in AI solutions adopted within cloud settings. These strategic recommendations provide an organizations' handbook on how to establish safe, compliant, and ethically regulated AIbased cloud environments. (shrink)

COVID-19 is the new standard for forced changes in the workforce, forcing the adoption of remote and hybrid work environments globally. It was in the period of this rapid adoption of distributed work environments that new opportunities for flexibility and productivity were opened up, but fundamental weaknesses of conventional notions of cybersecurity were unveiled. As employees connect to company networks from a plethora of different places and different types of devices, situations were complex at the corporate level to ensure that (...) security measures remained adequately stringent. New threats came to the fore, such as endpoint devices that have added more risks since they were unsecured home networks and the use of personal devices (BYOD). All these changes raised the concern of a new security model for the enterprise whereby new, fresh methods of dealing with the issue emphasize strategies which accommodate the change, and we affirm the need to put in place security architecture that will help protect the valuable enterprise assets. This paper looks at the new challenges of defending the widely dispersed employee base and offers an integrated solution for protecting the modern enterprise. To address risks inherent in the current working environments, the framework seeks to address concerns of identity-centric security and zero-trust and apply emerging technologies in threat intelligence. Using knowledge acquired by current cyber assaults and actual programs, the research provides numerous substantial approaches to countering current and potential cyber threats. The research also identifies the main recommendations for enterprises operating in this environment, including the need for active management of risks and constant adaptation to threats. (shrink)

The time window between the disclosure of a new cyber vulnerability and its use by cybercriminals has been getting smaller and smaller over time. Recent episodes, such as the Log4j vulnerability, exemplify this well. Within hours after the exploit being released, attackers started scanning the internet looking for vulnerable hosts to deploy threats like crypto currency miners and ransom ware on vulnerable systems. Thus, it becomes imperative for the cybersecurity defense strategy to detect threats and their capabilities as early (...) as possible to maximize the success of prevention actions. Although crucial, discovering new threats is a challenging activity for security analysts due to the immense volume of data and information sources to be analyzed for signs that a threat is emerging. In this sense, we present a framework for automatic identification and profiling of emerging threats using Twitter messages as a source of events and MITRE ATT&CK as a source of knowledge for threat characterization. The framework comprises three main parts: identification of cyber threats and their names; profiling the identified threat in terms of its intentions or goals by employing two machine learning layers to filter and classify tweets; and alarm generation based on the threat’s risk . The main contribution of our work is the approach to characterize or profile the identified threats in terms of their intentions or goals, providing additional context on the threat and avenues for mitigation. In our experiments, the profiling stage reached an F1 score of 77% in correctly profiling discovered threats. (shrink)

The proliferation of multi-cloud architectures has introduced significant complexities in cyber security, necessitating advanced solutions to safeguard distributed infrastructures. Traditional security models often fall short in addressing the dynamic and heterogeneous nature of multi-cloud environments. Artificial Intelligence (AI) has emerged as a transformative force in enhancing threat detection capabilities, offering proactive and adaptive security measures. This paper explores the integration of AI - driven threat detection systems within multi-cloud frameworks, emphasizing their role in identifying and mitigating (...) security threats in real-time. AI technologies, particularly machine learning algorithms, enable the analysis of vast amounts of data across diverse cloud platforms, facilitating the detection of anomalous patterns and potential threats. By leveraging predictive analytics, AI systems can anticipate and neutralize threats before they manifest, thereby reducing the risk of data breaches and system compromises. Furthermore, AI enhances the efficiency of Security Information and Event Management (SIEM) systems by automating the correlation and analysis of security events, leading to faster incident response times. The implementation of AI - driven threat detection in multi-cloud environments also addresses challenges related to scalability and resource optimization. AI systems can dynamically adjust to varying workloads and security demands, ensuring consistent protection across all cloud platforms. This adaptability is crucial in maintaining robust security postures amidst the evolving threat landscape. In conclusion, the adoption of AI-driven threat detection systems in multi-cloud environments represents a significant advancement in cyber security practices. By providing proactive, scalable, and efficient security measures, AI contributes to the resilience and integrity of multi-cloud infrastructures, safeguarding organizations against an increasingly sophisticated array of cyber threats. (shrink)

: As organizations continue to adopt cloud computing for its numerous advantages—such as scalability, cost-efficiency, and flexibility—the need to secure digital assets within the cloud has never been more critical. Cloud security faces unique challenges due to the distributed and multi-tenant nature of cloud services. Cyber-attacks, data breaches, and misconfigurations are among the prominent risks that threaten the integrity, confidentiality, and availability of cloud-based data and applications. In this paper, we explore CloudGuard, an advanced security framework designed (...) to protect organizations' digital assets in the cloud. This fortress security approach focuses on implementing multiple layers of protection through cutting-edge technologies, such as encryption, identity and access management (IAM), threat intelligence, and security automation. We also highlight the integration of AI and Machine Learning to improve threat detection and response times, and blockchain's potential in ensuring data integrity and privacy. Through a comprehensive analysis, this paper outlines practical strategies for organizations to adopt CloudGuard and strengthen their security posture against evolving cyber threats in the digital world. (shrink)

In an era of unprecedented digital transformation, safeguarding business operations against cyber threats while adhering to stringent regulatory standards is of paramount importance. Pega, a leader in business process automation and customer engagement solutions, has significantly strengthened its platform to tackle the dual challenges of cybersecurity and regulatory compliance. This article explores Pega’s innovative approach to security and compliance, detailing how the platform has integrated cutting-edge security measures such as real-time threat detection, secure data handling, and compliance (...) controls. These features are designed to ensure robust protection for businesses in an increasingly interconnected and digital environment. By examining the platform’s built-in security infrastructure, compliance monitoring, and risk management capabilities, the paper sheds light on how Pega’s solutions align with evolving regulatory requirements, providing businesses with the tools they need to mitigate security risks, comply with industry standards, and secure sensitive data. Through detailed analysis, we assess the impact of Pega’s security innovations in strengthening the cybersecurity and compliance posture of enterprises and explore future trends that could shape the evolving digital frontier. (shrink)

Cyber espionage campaigns pose significant challenges to global security, exploiting vulnerabilities in network infrastructures. This research paper explores advanced network traffic analysis models tailored for detecting sophisticated cyber espionage operations. The study focuses on leveraging machine learning algorithms, anomaly detection systems, and hybrid threat detection frameworks to identify subtle yet malicious activities within network traffic. Through a review of research, this paper synthesizes key findings and outlines practical applications, offering a roadmap for enhancing cybersecurity frameworks. Findings highlight (...) the efficacy of deep learning and unsupervised models in mitigating espionage-related risks, paving the way for more robust detection systems. (shrink)

The rapid growth of digital technologies has heightened cybersecurity and data protection issues, putting individuals and organizations at risk of surveillance, cyber-attacks, and data misuse. The collection of large amounts of data by governments and companies has sparked worries about ethics and the law and cyberattacks such as ransomware and significant data theft incidents demonstrate major security weaknesses. This paper examines the nexus of cybersecurity and privacy, specifically investigating state-sponsored espionage, algorithmic data profiling, and regulatory frameworks. The analysis (...) investigates the consequences of artificial intelligence, networked systems, and developing legal frameworks in reducing potential hazards. The study emphasizes the importance of prioritizing digital assets through proactive methods that incorporate encryption, decentralized security, and a privacy-by-design approach. It also assesses litigation trends, open government laws, and privacy governance within the digital environment. This research emphasizes the requirement for a comprehensive cybersecurity system and responsible data protection guidelines through a multidisciplinary approach combining legal, technical, and regulatory viewpoints in an age of widespread digital monitoring. (shrink)

This book aims to provide a comprehensive analysis of Advanced Persistent Threats (APTs), including their characteristics, origins, methods, consequences, and defense strategies, with a focus on detecting these threats. It explores the concept of advanced persistent threats in the context of cyber security and cyber warfare. APTs represent one of the most insidious and challenging forms of cyber threats, characterized by their sophistication, persistence, and targeted nature. The paper examines the origins, characteristics and methods used by (...) APT actors. It also explores the complexities associated with APT detection, analyzing the evolving tactics used by threat actors and the corresponding advances in detection methodologies. It highlights the importance of a multi-faceted approach that integrates technological innovations with proactive defense strategies to effectively identify and mitigate APT. (shrink)

Hybrid cloud environments combine private and public cloud infrastructures to optimize security, scalability, and cost-effectiveness. However, ensuring secure access control in such environments remains a critical challenge due to dynamic workloads, multi-tenancy, and cross-cloud authentication complexities. This paper explores access control models tailored for secure hybrid cloud deployment, focusing on Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and emerging Zero Trust principles. We analyze their effectiveness in mitigating unauthorized access, privilege escalation, and insider threats. Additionally, a novel hybrid (...) model integrating RBAC and ABAC is proposed to enhance security and flexibility while ensuring compliance with regulatory frameworks. The study also highlights the role of federated identity management and blockchain-based access control mechanisms in strengthening authentication and authorization in hybrid cloud environments. The results indicate that adaptive access control strategies can significantly enhance security without compromising performance. Future research should focus on AI-driven access control mechanisms and self-learning security models to further improve dynamic access control in hybrid cloud settings. (shrink)

A contemporary cybersecurity strategy known as the Zero Trust Security Model aims to eradicate implicit trust and ensure uninterrupted authentication for every user, device, and application. Zero Trust security models diverge from conventional perimeter-based security by anticipating threats within and beyond the network, necessitating rigorous authentication and limitations on user access privileges. Components like Multi-Factor Authentication (MFA), Zero Trust Network Access (ZTNA), micro-segmentation, and AI-driven threat detection strengthen security by reducing vulnerabilities and stopping unauthorized access. The (...) integration of Artificial Intelligence and Machine Learning enhances Zero Trust by facilitating real-time risk assessment and automated reaction to security incidents. Implementation of Zero Trust security comes with its own set of difficulties, such as the intricacies of deployment, problems with integration, and worries about the user experience. As cyber threats become increasingly complex, organizations must place a high priority on implementing Zero Trust to guarantee robust security in cloud-based and hybrid work environments. This study examines the core concepts of Zero Trust, its fundamental technologies, deployment methods, and practical examples to demonstrate its efficacy in safeguarding digital resources. By implementing a Zero Trust model, businesses can substantially lower their cybersecurity vulnerabilities and enhance adherence to regulatory requirements. The research indicates that Zero Trust is a fundamental security strategy for contemporary businesses, providing sustained defense against progressively sophisticated threats. (shrink)

As applications increasingly handle sensitive and personal information, ensuring the security of this data has become a critical concern across industries such as finance, healthcare, and e-commerce. Traditional security mechanisms that rely on single-point protection models are no longer sufficient to mitigate the growing complexity and frequency of cyber threats. This paper presents a comprehensive Layered App Security Architecture aimed at safeguarding sensitive data through a multi-tiered defense approach. The proposed framework incorporates security controls at (...) every architectural layer, from the user interface to the backend data storage systems, aligning with the principles of defense-in-depth and zero trust. (shrink)

The increasing complexity of modern networks has amplified the challenges associated with ensuring robust and scalable security. With the rapid evolution of cyber threats, traditional methods of network security management are often inadequate, leading to inefficiencies and vulnerabilities. Automation has emerged as a transformative approach to streamline network operations, enhance security postures, and reduce the margin of human error. This study explores the integration of Ansible, a powerful open-source automation tool, into network security workflows to (...) deliver a comprehensive framework for secure network automation. This research begins by examining the limitations of conventional network security management, emphasizing the time-intensive and error-prone nature of manual configurations. It highlights how automation, specifically using Ansible, addresses these issues by enabling consistent, repeatable, and scalable processes. Ansible’s ability to seamlessly integrate with diverse networking devices and platforms makes it an ideal choice for automating complex network environments. The methodology involves the development of automated playbooks for various security tasks, including firewall rule management, vulnerability scanning, configuration compliance checks, and incident response. By leveraging Ansible's declarative language, these playbooks are designed to be user-friendly and adaptable, ensuring ease of deployment across networks of varying sizes and complexities. The study also incorporates real-world use cases to demonstrate the tool's effectiveness in mitigating security risks while significantly reducing administrative overhead. Furthermore, the paper evaluates the impact of automation on key performance metrics such as response time to security incidents, accuracy of configurations, and overall system uptime. The findings indicate that integrating Ansible into network security workflows not only enhances operational efficiency but also fortifies security by minimizing misconfigurations and improving threat response times. These results underscore the importance of adopting automation as a critical component of modern network security strategies. In addition to technical insights, the study addresses potential challenges, such as initial implementation costs, skill gaps, and the need for continuous updates to automation scripts to align with evolving security requirements. It provides recommendations for organizations to overcome these obstacles, including investing in employee training and adopting iterative implementation strategies. The research concludes by affirming the transformative potential of automation tools like Ansible in revolutionizing network security management. By reducing reliance on manual processes, organizations can focus their efforts on proactive threat hunting and strategic planning, thereby fostering a more resilient security infrastructure. This paper serves as a comprehensive guide for network administrators and IT professionals seeking to leverage Ansible for secure network automation, providing both theoretical insights and practical solutions to enhance network security in an increasingly dynamic cyber landscape. (shrink)

The Real-Time Cyber Threat Detection and Response System is an intelligent security framework designed to proactively identify, analyze, and respond to cyber threats in real time. With the growing sophistication of cyberattacks targeting critical infrastructure, traditional static defense mechanisms are no longer sufficient. This system addresses that gap by leveraging machine learning algorithms and dimensionality reduction techniques such as Principal Component Analysis (PCA) to enable accurate and efficient threat detection. The system captures input data, such as network (...) traffic or log features, and processes it through a trained machine learning model to classify instances as normal or malicious. A pre-trained model, stored using Python's pickle module, evaluates the processed input, while PCA ensures that irrelevant or redundant features are minimized to boost performance and reduce computation time. The application is deployed as a web-based interface using Flask, providing functionalities like secure data upload, dataset preview, performance visualization, and threat prediction. Users can interact with the system in real time, upload network traffic datasets, and receive instant feedback on potential threats. The platform is built to support automated response mechanisms, which can be extended to alert generation, logging, or blocking malicious activities. (shrink)

Hybrid cloud environments combine private and public cloud infrastructures to optimize security, scalability, and cost-effectiveness. However, ensuring secure access control in such environments remains a critical challenge due to dynamic workloads, multi-tenancy, and cross-cloud authentication complexities. This paper explores access control models tailored for secure hybrid cloud deployment, focusing on Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and emerging Zero Trust principles. We analyze their effectiveness in mitigating unauthorized access, privilege escalation, and insider threats. Additionally, a novel hybrid (...) model integrating RBAC and ABAC is proposed to enhance security and flexibility while ensuring compliance with regulatory frameworks. The study also highlights the role of federated identity management and blockchain-based access control mechanisms in strengthening authentication and authorization in hybrid cloud environments. The results indicate that adaptive access control strategies can significantly enhance security without compromising performance. Future research should focus on AI-driven access control mechanisms and self-learning security models to further improve dynamic access control in hybrid cloud settings. (shrink)

Cyber attackers targeting large corporations achieved a high perimeter penetration success rate during 2013, resulting in many corporations incurring financial losses. Corporate information technology leaders have a fiduciary responsibility to implement information security domain processes that effectually address the challenges for preventing and deterring information security breaches. Grounded in corporate governance theory, the purpose of this correlational study was to examine the relationship between strategic alignment, resource management, risk management, value delivery, performance measurement implementations, and information (...) class='Hi'>security governance (ISG) effectiveness in United States-based corporations. Surveys were used to collect data from 95 strategic and tactical leaders of the 500 largest for-profit United States headquartered corporations. The results of the multiple linear regression indicated the model was able to significantly predict ISG effectiveness, F(5, 89) = 3.08, p = 0.01, R² = 0.15. Strategic alignment was the only statistically significant (t = 2.401, p <= 0.018) predictor. The implications for positive social change include the potential to constructively understand the correlates of ISG effectiveness, thus increasing the propensity for consumer trust and reducing consumers' costs. (shrink)

The exponential growth of mobile banking has redefined global financial accessibility while simultaneously escalating the sophistication of cyber threats. This study presents a robust, multi-layered cybersecurity framework tailored to the evolving needs of mobile financial systems. The framework integrates three pioneering components: (1) Federated Artificial Intelligence (AI) for privacy-preserving, cross-institutional fraud detection; (2) Post-Quantum Cryptography (PQC) for long-term data integrity against emerging quantum computing threats; and (3) Adaptive Multi-Factor Authentication (A-MFA) leveraging behavioral biometrics for context-aware user verification. Experimental results, (...) drawn from simulated multi-regional banking environments, demonstrate the framework’s efficacy in real-time fraud detection (96.3% accuracy), quantum-resilient encryption (Kyber-768 and Dilithium-3 with negligible latency), and enhanced user authentication (98.1% success rate, 1.4% FRR). Furthermore, the federated learning model maintained high accuracy under non-IID conditions, underscoring its robustness in heterogeneous financial networks. This research fills critical implementation gaps in the literature and provides a scalable, regulation compliant model for secure mobile banking in the post-quantum era. The findings advocate for a proactive shift toward integrated, intelligent, and future-proof cyber defense mechanisms within the global financial ecosystem. (shrink)

In an era of increasing cyber threats, ethical hacking has emerged as a pivotal practice in strengthening network security. Ethical hacking, also known as penetration testing, involves authorized attempts to breach a network or system to uncover vulnerabilities before malicious actors can exploit them. This research paper delves into the role of ethical hacking in assessing and mitigating network vulnerabilities to fortify defenses against cyberattacks. It emphasizes the strategic importance of ethical hacking in the context of evolving cybersecurity (...) challenges and explores its practical application in organizational security frameworks. The study begins by defining ethical hacking and its ethical and legal boundaries, distinguishing it from malicious hacking activities. It examines the methodologies and tools used by ethical hackers to identify vulnerabilities, simulate attacks, and provide actionable recommendations for remediation. By mimicking the tactics of cybercriminals, ethical hackers play a critical role in uncovering weaknesses in network configurations, software applications, and hardware systems. A core focus of the research is on the importance of integrating ethical hacking into a proactive cybersecurity strategy. The paper highlights how ethical hacking helps organizations stay ahead of potential threats by identifying vulnerabilities in real time and enabling swift mitigation. Case studies from various industries, such as healthcare, finance, and technology, are analyzed to demonstrate the tangible benefits of ethical hacking in preventing data breaches, minimizing downtime, and safeguarding sensitive information. The paper also explores the challenges associated with ethical hacking, including the need for skilled professionals, the potential for system disruptions during testing, and the importance of maintaining strict compliance with legal and regulatory standards. It discusses the ethical implications of penetration testing, particularly in balancing the need for security with respect for privacy and data protection. Advancements in tools and techniques used by ethical hackers are another significant aspect of this research. The paper investigates the use of artificial intelligence (AI) and machine learning (ML) to enhance vulnerability detection and streamline testing processes. It also addresses the rise of automated penetration testing tools and their role in increasing the efficiency and accuracy of ethical hacking efforts. The findings of this research underscore the necessity of ethical hacking as an essential component of modern cybersecurity frameworks. Organizations that adopt ethical hacking as part of their security strategy gain valuable insights into their vulnerabilities and can build resilient defenses against an everevolving threat landscape. By fostering a culture of continuous testing and improvement, ethical hacking contributes to the creation of a robust and secure network environment. This paper aims to serve as a comprehensive resource for cybersecurity professionals, IT managers, and policymakers, offering insights into the best practices, tools, and techniques of ethical hacking. By leveraging the principles of ethical hacking, organizations can effectively assess vulnerabilities, enhance their security posture, and protect critical assets in the face of mounting cyber threats. (shrink)

The proliferation of Internet of Things (IoT) devices has significantly expanded the attack surface for cyber threats, necessitating robust security measures. Traditional Intrusion Detection Systems (IDS) often rely on centralized architectures, which can compromise data privacy and scalability. This paper explores the integration of Federated Learning (FL) into IDS for IoT networks, enabling decentralized model training while preserving data privacy. By leveraging local computation and aggregating model updates, FL facilitates collaborative learning across distributed IoT devices. The proposed approach (...) aims to enhance detection accuracy, reduce latency, and maintain user privacy, addressing the challenges posed by the dynamic and heterogeneous nature of IoT environments. (shrink)

Phishing attacks are major threats to email security and pose challenges, while cyber attackers utilize increasingly sophisticated means to deceive the user and steal away important information. Well-established ways of detecting phishing attacks, such as rule-based systems or simple machine-learning models, usually cannot deal efficiently with such advanced threats. This research proposes an approach to detect phishing attacks on email systems, which deploys natural language processing and deep learning technologies. The method proposes to improve the detection accuracies and (...) efficiencies of phishing emails, which consequently enhances the protection of emails against popular cyberattack attempts and aids in securing users from such attacks. The research involves designing an active model that utilizes the strength of NLP-based text analysis for DL-oriented pattern identification. The NLP techniques used in this study include tokenization, stop-word removal, and context- based analysis to extract significant features from the email messages. Such context information greatly helps this model differentiate between actual emails and phishing ones. Deep learning algorithms exploited here are based on CNN and LSTM networks, offering sinusoidally varying parameters for optimum recognition of patterns from different perspectives in the email data's spatial and temporal domains. The experiment results validated that the hybrid model was far superior to the conventional methods in robbing phish attack detection. The model stood at an accuracy of 97.5%, much ahead of the baseline models purely having rule-based systems or traditional machine learning algorithms. The model also performed well under real-time detection conditions, with low latency and high throughput support for deployment in an active email environment. Evidence of the model's capability to sense new variants of future phishing threats also came in the automatic updating and continuous learning, thus making it applicable to newly emerging threats. The study's practical implications are numerous in providing advances in email protection. Companies can use the model to ward off phishing attacks with reduced chances of data breaches and financial loss. Due to its low cost and scalable features, this solution can be used in organizations from small- and medium-sized to large enterprise levels. The improved detection of phishing attacks brings organizations closer to compliance with data protection and cybersecurity regulations, thus minimizing their chances of noncompliance and the fines that come with it. Future research paths include exploring even newer NLP methods consisting of transformer-based models for feature extraction about contextual understanding. Exploring hybrid approaches that can merge DL with other techniques, such as reinforcement learning in ML, will create a more robust and adaptive phishing filter. Future fields for research are multimodal data, that is, a mixture of email metadata and behavior. Merely considering hybrid techniques merging artificial intelligence with machine learning approaches such as reinforcement learning can generate an even more robust and adaptive phishing filter. Coupling all these technical solutions with user awareness and education programs would greatly enhance overall security. (shrink)

Pension service institutions are quickly going digital as they cope with increased service requirements, the demands of regulatory compliance, and challenges posed by cybersecurity. Legacy pension management systems usually have limited scope, are inefficient, and do not provide security on-premise infrastructure (Gartner, 2023). These aspects result in inefficiencies that create delays in processing pensions, an increase in the risk of fraud, and escalated operational costs (Ponemon Institute, 2023). The most critical aspect regarding pension transactions involves the secure, efficient, and (...) scalable service delivery because it entails sensitive financial information; therefore, it becomes very important to governments, financial institutions, and private organizations (Forrester Research, 2022). This research proposes the Azure-based framework aiming to enhance the management of pension service requests focusing on scalability, security, AI-powered automation, and regulatory compliance. The proposed system uses Azure Virtual Machines, Azure Kubernetes Service, and Load Balancers to perform the optimized resource provisioning for high availability. A zero-trust security model has been categorized to protect pension data from cyber threats, reinforced with Azure Active Directory, Key Vault, Multi-Factor Authentication, and the Reserve (ISO 2021). The research also embeds Azure Bot Services and Azure Cognitive Services as an AI-driven anti-fraud detection tool integrated into the system to automate customer service and workflow management within the fraud prevention ecosystem (Accenture, 2023). Automatic rule enforcement and real-time security monitoring could ensure compliance with GDPR, HIPAA, and ISO 27001 (Microsoft, 2023). In the research approach to systematic architectural design, Infrastructure as a Service and Platform as a Service is combined using encryption techniques with the Azure Key Vault and private cloud connectivity with Azure ExpressRoute. AI-based pension request processing along with prescriptive analytics and real-time fraud detection with Azure Machine Learning and Synapse Analytics complete the solution proposed. A performance evaluation framework was developed to assess enhancements in processing time for pension requests and reduction of fraudulent claims as well as scaling of the system during peak loads and compliance adherence under security audits. The empirical evidence gained from real-life business cases shows that pension automation based on Azure reduces the time for pension processing by as much as 80%, drastically improving service efficiency (PwC, 2022). Whereas the AI-based mechanism for the detection of fraud reduces fraudulent claims for pensions by 70% (IBM Cloud Research, 2022), Azure guarantees 99.99% uptime with its highly available configurations. Enhanced compliance monitoring, with a reduction in policy violation incidents by 60% (ISO, 2023), is another feature of the system. Future research will look toward blockchain for transaction management of pension funds, further down in edge computing for quicker processing, and AI for investment advisory systems in pension management, all aimed at optimizing pension services management. This research propagates the cause of digital transformation in pension management through a demonstration of a secure, scalable, and AI-enabled model with further extensibility toward healthcare benefits, insurance claims, and the automation of financial services. (shrink)

The study investigated the nature, causes, and effects of cybercrime on the world economy: Implication for computer Education. Descriptive Survey designs were adopted and carried out at Nwafor Orizu College of Education Nsugbe. Three hundred and thirty-five (335) students formed the population of the study that was randomly selected from population of six hundred (600) students in the institution. The questionnaire that elicited data on the study was developed by the researcher, duly validated. The reliability of the instrument was tested (...) using Pearson Products movement correlation co-efficient of 0.77 after the pilot study. In the analysis of data, mean and standard deviation were used. The data analysis revealed that hacking, cyber theft, spamming, economics and financial fraud, phishing are the nature of cyber crime committed on the network. This may cause by unemployment, poverty rate, corruption, proliferation of Cybercafés, etc. It was found that effects of cyber crime have given room for many side-effects in the society and entire world economy such as, high costs of security, cost of sales or lower productivity, financial fraud, increasing costs to design resources and technology to combat cyber crime, property loss etc. It was recommended among others that government should make provisions for intensive training of forensic and law enforcement agencies on ICT, so that they can track down the cyber criminals no matter how intelligent and cunning they may be. (shrink)

In today’s digital landscape, organizations leveraging Pega Business Process Management (BPM) face significant security challenges as they strive to protect sensitive business processes from evolving cyber threats. This article explores best practices for implementing robust security measures within Pega BPM environments, focusing on secure configuration settings, identity and access management (IAM), encryption standards, and real-time monitoring. By integrating Pega BPM with broader cybersecurity frameworks, organizations can proactively detect and mitigate vulnerabilities, ensuring the integrity and confidentiality of critical (...) business operations. This research highlights the importance of a holistic approach to security, combining technical measures with organizational policies to create a resilient BPM environment. Through a detailed examination of methodologies, implementation strategies, and performance evaluations, this article provides actionable insights for organizations aiming to strengthen their security posture. The findings underscore the necessity of continuous monitoring, adaptive security configurations, and alignment with industry standards to address emerging threats effectively. This study contributes to the field by identifying research gaps and offering practical recommendations for securing Pega BPM systems in an increasingly complex threat landscape. (shrink)

To secure computers and information systems from attackers taking advantage of vulnerabilities in the system to commit cybercrime, several methods have been proposed for real-time detection of vulnerabilities to improve security around information systems. Of all the proposed methods, machine learning had been the most effective method in securing a system with capabilities ranging from early detection of software vulnerabilities to real-time detection of ongoing compromise in a system. As there are different types of cyberattacks, each of the existing (...) state-of-the-art machine learning models depends on different algorithms for training which also impact their suitability for detection of a particular type of cyberattack. In this research, we analyzed each of the current state-of-the art machine learning models for different types of cyberattack detection from the past 10 years with a major emphasis on the most recent works for comparative study to identify the knowledge gap where work is still needed to be done with regard to detection of each category of cyberattack. (shrink)

The 2024 CrowdStrike Cybersecurity incident resulted in a worldwide IT disruption impacting millions of Microsoft Windows systems. In July 2024, a faulty update of CrowdStrike’s Falcon Endpoint Detection and Response (EDR) software caused widespread system crashes known as the “Blue Screen of Death” (BSOD). The event caused severe disruptions to major industries such as aviation, financial services, healthcare and emergency response systems resulting in operational shutdown, financial setbacks and global safety concerns. This study presents a detailed examination of the CrowdStrike (...) incident, focusing on the technical issues, global effects and legal consequences. The research delves into the weakness of centralized cybersecurity systems, emphasizing the dangers of putting too much trust in single-point security services. The research highlights the significance of strict testing protocols, comprehensive cybersecurity frameworks, and risk assessment strategies enhancing future cybersecurity preparedness. The CrowdStrike incident presents a compelling case study in global cybersecurity risk management, prompting organizations to reassess redundancy measures, failover mechanisms, and more decentralized security architectures in order to protect critical IT systems. (shrink)

The heightened digitization of the healthcare industry has led to an exponential increase in sensitive patient data, which requires robust security models to prevent breaches, unauthorized access, and cyber attacks. Traditional security protocols are inadequate, and this has made it imperative to explore Artificial Intelligence (AI) and Blockchain as novel solutions. AI enhances healthcare cybersecurity by facilitating real-time anomaly detection, predictive analysis, and automated threat response, while blockchain offers decentralization, immutability, and secure data sharing. However, blockchain technology (...) faces major challenges for scalability and performance, as represented by lengthy transaction processing durations and high storage demands, elements that could deter its widespread adoption across the healthcare industry. To help counter these challenges, researchers are exploring Layer 2 scaling solutions, hybrid blockchain architectures, and off-chain storage strategies. In addition, cleanroom technology provides a controlled and secure environment for handling sensitive healthcare data, protecting privacy while also supporting AI-driven analytics and research collaboration. This article critically examines the intersection of blockchain and AI for healthcare security, in terms of challenges, use cases, and direction. Leveraging these technologies, health organizations can set up future-proof models of security that address data integrity, regulatory requirements, and resistance to future threats more effectively. (shrink)

The increasing number of smart devices in the Internet of Things (IoT) has led to a surge in cyber- attacks, posing significant security risks to personal and industrial systems. Traditional centralized intrusion detection systems (IDS) often face challenges related to privacy, scalability, and the heterogeneity of data generated by smart devices. This paper introduces a novel approach, Federated Learning (FL) for smart device security, to address these challenges. By utilizing FL, multiple smart devices can collaboratively learn a (...) shared intrusion detection model without exposing their raw data, ensuring privacy while improving detection accuracy. This paper presents the architecture of a federated intrusion detection system (FIDS), explores various FL algorithms suitable for smart device security, and evaluates the performance of the proposed system using real-world IoT datasets. The results show that the federated approach achieves comparable or even superior performance in detecting intrusions while preserving data privacy and reducing communication overhead. This paper concludes that federated learning has the potential to revolutionize smart device security by enabling decentralized, scalable, and privacy-preserving intrusion detection systems. (shrink)

As the adoption of cloud computing continues to grow, so do the concerns about the security of sensitive data and applications. Cloud environments are often seen as vulnerable to cyber-attacks due to their centralized nature and exposure to the internet. Edge computing, a distributed computing paradigm that brings computation and data storage closer to the data source, is emerging as a solution to enhance cloud security. By processing data closer to the edge of the network, edge computing (...) reduces the reliance on centralized cloud servers, lowering latency and mitigating risks associated with centralized cloud security models. This paper explores the integration of edge computing with cloud security, discussing how it strengthens security frameworks through reduced attack surfaces, real-time threat detection, and decentralized risk management. We examine the benefits, challenges, and performance considerations of edge computing in securing cloud environments and propose a model for implementing this hybrid approach in modern digital infrastructures. (shrink)