Security controls ≈ Security controls
View article
Cybersecurity in Power Grids: Challenges and Opportunities Open
Increasing volatilities within power transmission and distribution force power grid operators to amplify their use of communication infrastructure to monitor and control their grid. The resulting increase in communication creates a larger …
View article
Exploring Sybil and Double-Spending Risks in Blockchain Systems Open
The first step to realise the true potential of blockchain systems is to explain the associated security risks and vulnerabilities. These risks and vulnerabilities, exploited by the threat agent to affect the valuable assets and services. …
View article
A systemic framework for addressing cybersecurity in construction Open
Today, the built environment is designed, built, and managed using digital technology, making it increasingly exposed to cyber security risks. Cybersecurity is a general topic, and the construction sector has been borrowing general solutio…
View article
CPS Attacks Mitigation Approaches on Power Electronic Systems With Security Challenges for Smart Grid Applications: A Review Open
This paper presents an inclusive review of the cyber-physical (CP) attacks, vulnerabilities, mitigation approaches on the power electronics and the security challenges for the smart grid applications. With the rapid evolution of the physic…
View article
A Methodology for Security Classification applied to Smart Grid Infrastructures Open
The electricity grid is an important critical infrastructure that is undergoing major changes, due to the Internet of Things (IoT) and renewable energy, heading towards the smart grid. However, besides the many good promises of the smart g…
View article
Impact analysis of false data injection attacks on power system static security assessment Open
Static security assessment (SSA) is an important procedure to ensure the static security of the power system. Researches recently show that cyber-attacks might be a critical hazard to the secure and economic operations of the power system.…
View article
Cybersecurity Enterprises Policies: A Comparative Study Open
Cybersecurity is a critical issue that must be prioritized not just by enterprises of all kinds, but also by national security. To safeguard an organization’s cyberenvironments, information, and communication technologies, many enterprises…
View article
Analysis and recommendations for the adaptability of China's power system security and stability relevant standards Open
In developing power grids, setting standards is critical to its success. The development of China's power industry has proposed new requirements for power systems to ensure secure and stable operations. The principal standards for the secu…
View article
METHODOLOGY FOR ASSESSING THE RISK ASSOCIATED WITH INFORMATION AND KNOWLEDGE LOSS MANAGEMENT Open
In practice, there is a massive time lag between data loss and its cause identification. The existing techniques perform it comprehensively, but they consume too much time, so there is a need for fast and reliable methods. The article’s pu…
View article
Managing Cyber Security Risks of the Cyber-Enabled Ship Open
One aspect of the digital transformation process in the shipping industry, a process often referred to as Shipping 4.0, is the increased digitization of on board systems that goes along with increased automation in and autonomy of the vess…
View article
Cloud Security and Compliance - A Semantic Approach in End to End Security Open
The Cloud services are becoming an essential part of many organizations. Cloud providers have to adhere to security and privacy policies to ensure their users’ data remains confidential and secure. Though there are some ongoing efforts on …
View article
Smart Grid Cyber Security Enhancement: Challenges and Solutions—A Review Open
The incorporation of communication technology with Smart Grid (SG) is proposed as an optimal solution to fulfill the requirements of the modern power system. A smart grid integrates multiple energy sources or microgrids and is supported by…
View article
An Overview of Risk Estimation Techniques in Risk-based Access Control for the Internet of Things Open
The Internet of Things (IoT) represents a modern approach where boundaries between real and digital domains are progressively eliminated by changing over consistently every physical device to smart object ready to provide valuable services…
View article
On the security aspects of Internet of Things: A systematic literature review Open
Internet of Things (IoT) has gained increasing visibility among emerging technologies and undoubtedly changing our daily life. Its adoption is strengthened by the growth of connected devices (things) as shown in recent statistics. However,…
View article
Cyber security in the nuclear industry: A closer look at digital control systems, networks and human factors Open
The development life cycle of conventional nuclear power plants (NPPs) needs to be optimized if the energy produced by advanced reactors and small modular reactors is to be competitive. One of the proposed optimisation initiatives is the d…
View article
Mapping the coverage of security controls in cyber insurance proposal forms Open
Policy discussions often assume that wider adoption of cyber insurance will promote information security best practice. However, this depends on the process that applicants need to go through to apply for cyber insurance. A typical process…
View article
Prioritization of Information Security Controls through Fuzzy AHP for Cloud Computing Networks and Wireless Sensor Networks Open
With the advent of cloud computing and wireless sensor networks, the number of cyberattacks has rapidly increased. Therefore, the proportionate security of networks has become a challenge for organizations. Information security advisors of…
View article
Aspects Regarding Safety and Security in Hotels: Romanian Experience Open
This study investigates safety and security from the perspective of Romanian tourists by assessing the level of importance that tourists give to safety and security depending on the level of classification of the services they experienced …
View article
On the (in)Security of the Control Plane of SDN Architecture: A Survey Open
Software-Defined Networking (SDN) has revolutionized the networking landscape by offering programmable control and optimization of network resources. However, SDN architecture’s inherent flexibility and centralized control expose it to new…
View article
From Internet of Threats to Internet of Things: A Cyber Security Architecture for Smart Homes Open
The H2020 European research project GHOST - Safe-Guarding Home IoT Environments with Personalised Real-time Risk Control - aims to deploy a highly effective security framework for IoT smart home residents through a novel reference architec…
View article
Continuous Quantitative Risk Management in Smart Grids Using Attack Defense Trees Open
Although the risk assessment discipline has been studied from long ago as a means to support security investment decision-making, no holistic approach exists to continuously and quantitatively analyze cyber risks in scenarios where attacks…
View article
A Comprehensive Security Analysis of a SCADA Protocol: From OSINT to Mitigation Open
It is an established fact that the security of Industrial Automation and Control Systems (IACS) \nstrongly depends on the robustness of the underlying supervisory control and data acquisition (SCADA) \nnetwork protocols (among other factor…
View article
Cyber Threat Intelligence for Improving Cybersecurity and Risk Management in Critical Infrastructure Open
Cyber-attack is one of the significant threats affecting to any organisation specifically to the Critical Infrastructure (CI) organisation. These attacks are nowadays more sophisticated, multi-vectored and less predictable, which make the …
View article
Risk and the Small-Scale Cyber Security Decision Making Dialogue—a UK Case Study Open
Despite a long-standing understanding that developments in personal and cloud computing practices would change the way we approach security, small-scale IT users (SSITUs) remain ill-served by existing cyber security practices. This paper d…
View article
Vision: Too Little too Late? Do the Risks of FemTech already Outweigh the Benefits? Open
Female-oriented technologies (FemTech) promise to enable women to take control of their bodies and lives, helping them overcome the many existing challenges in medical care and research. From lack of data about women in general, to bias an…
View article
Assessing security and privacy controls in information systems and organizations Open
This publication provides a methodology and set of procedures for conducting assessments of security and privacy controls employed within systems and organizations within an effective risk management framework. The assessment procedures, e…
View article
Discovering "unknown known" security requirements Open
Security is one of the biggest challenges facing organisations in the modern hyper-connected world. A number of theoretical security models are available that provide best practice security guidelines and are widely utilised as a basis to …
View article
Ontology-based information security compliance determination and control selection on the example of ISO 27002 Open
Purpose The purpose of this paper is to provide a method to formalize information security control descriptions and a decision support system increasing the automation level and, therefore, the cost efficiency of the information security c…
View article
Cloud Computing Security for Multi-Cloud Service Providers: Controls and Techniques in our Modern Threat Landscape Open
Cloud computing security is a broad term that covers a variety of security concerns for organizations that use cloud services. Multi-cloud service providers must consider several factors when addressing security for their customers, includ…
View article
Security-by-design in Clouds: A Security-SLA Driven Methodology to Build Secure Cloud Applications Open
This paper presents a security-by-design methodology for the development of cloud applications, which relies on Security SLAs as a means to express their security requirements. The process followed to build such Security SLAs entails the a…