National and international organisations including NIST and ENISA have published guidance that is intended to help organisations respond to, and recover from, cyber incidents. They provide detailed information about contingency planning, about the processes needed to gather and analyse evidence, about appropriate ways to disseminate the findings from forensic investigations. Legal frameworks, i...

Industrial Control Systems (ICS) monitor and control industrial processes, and enable automation in industry facilities. Many of these facilities are regarded as Critical Infrastructures (CIs). Due to the increasing use of Commercial-Off-The-Shelf (COTS) IT products and connectivity offerings, CIs have become an attractive target for cyberattacks. A successful attack could have significant cons...

Cyber security modeling is the process of creating a normalized view of the cyber security situation. A typical cyber security model has information about the network infrastructure, security settings, and a list of possible vulnerabilities and threats. By using known vulnerabilities, and information about the infrastructure and security controls in place, the cyber security simulation allows a...

Clouds are here to stay, and the same holds for cyber-physical systems—not to forget their combination. In light of these changing paradigms, it is of utter importance to reconsider security as both introduce new challenges. Overcoming the concept of zoned networks, clouds make former internal traffic traveling the Internet. Cyber-physical systems include physical parts into computing and make ...

Industrial process-plants are an integral part of a nation’s economy and critical infrastructure. The information systems used by automated industrial plants are enticing targets of cyber attacks. However, the financial damages resulting from these cyber attacks are difficult to estimate since the resultant losses are not as tangible as physical losses. In this paper, we propose a mathematical ...

Digital technology use is increasingly impacting on the lives of young people. To gain a deeper understanding of the perceived impact of young people’s digital technology use, 2 focus groups were conducted with 14 teachers recruited from 2 schools. The focus groups were transcribed verbatim and analysed using Interpretative Phenomenological Analysis. The analysis revealed three themes: changing...

Cyber threats are serious concerns for power systems. For example, hackers may attack power control systems via interconnected enterprise networks. This paper proposes a risk assessment framework to enhance the resilience of power systems against cyber attacks. The duality element relative fuzzy evaluation method is employed to evaluate identified security vulnerabilities within cyber systems o...

Internet of Things (IoT) is the next big evolutionary step in the world of internet. The main intention behind the IoT is to enable safer living and risk mitigation on different levels of life. With the advent of IoT botnets, the view towards IoT devices has changed from enabler of enhanced living into Internet of vulnerabilities for cyber criminals. IoT botnets has exposed two different glarin...