"It's Not Something We Have Talked to Our Team About": Results From a
Preliminary Investigation of Cybersecurity Challenges in Denmark
- URL: http://arxiv.org/abs/2007.05259v1
- Date: Fri, 10 Jul 2020 09:07:39 GMT
- Title: "It's Not Something We Have Talked to Our Team About": Results From a
Preliminary Investigation of Cybersecurity Challenges in Denmark
- Authors: Camilla Nadja Fleron, Jonas Kofod J{\o}rgensen, Oksana Kulyk, and Elda
Paja
- Abstract summary: We conducted a preliminary study running semi-structured interviews with four employees from four different companies.
Our results show that companies are lacking fundamental security protection and are in need of guidance and tools.
We discuss steps towards further investigation towards developing a framework targeting SMEs that want to adopt straightforward and actionable IT security guidance.
- Score: 0.5249805590164901
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Although Denmark is reportedly one of the most digitised countries in Europe,
IT security in Danish companies has not followed along. To shed light into the
challenges that companies experience with implementing IT security, we
conducted a preliminary study running semi-structured interviews with four
employees from four different companies, asking about their IT security and
what they need to reduce risks of cyber threats. Our results show that
companies are lacking fundamental security protection and are in need of
guidance and tools to help them implementing basic security practices, while
raising awareness of cyber threats. Based on our findings and with the
inspiration of the latest reports and international security standards, we
discuss steps towards further investigation towards developing a framework
targeting SMEs that want to adopt straightforward and actionable IT security
guidance.
Related papers
- Cross-Modality Safety Alignment [73.8765529028288]
We introduce a novel safety alignment challenge called Safe Inputs but Unsafe Output (SIUO) to evaluate cross-modality safety alignment.
To empirically investigate this problem, we developed the SIUO, a cross-modality benchmark encompassing 9 critical safety domains, such as self-harm, illegal activities, and privacy violations.
Our findings reveal substantial safety vulnerabilities in both closed- and open-source LVLMs, underscoring the inadequacy of current models to reliably interpret and respond to complex, real-world scenarios.
arXiv Detail & Related papers (2024-06-21T16:14:15Z) - A Safe Harbor for AI Evaluation and Red Teaming [124.89885800509505]
Some researchers fear that conducting such research or releasing their findings will result in account suspensions or legal reprisal.
We propose that major AI developers commit to providing a legal and technical safe harbor.
We believe these commitments are a necessary step towards more inclusive and unimpeded community efforts to tackle the risks of generative AI.
arXiv Detail & Related papers (2024-03-07T20:55:08Z) - Trust-based Approaches Towards Enhancing IoT Security: A Systematic Literature Review [3.0969632359049473]
This research paper presents a systematic literature review on the Trust-based cybersecurity security approaches for IoT.
We highlighted the common trust-based mitigation techniques in existence for dealing with these threats.
Several open issues were highlighted, and future research directions presented.
arXiv Detail & Related papers (2023-11-20T12:21:35Z) - A Systematization of Cybersecurity Regulations, Standards and Guidelines
for the Healthcare Sector [5.121113572240309]
This paper contributes a systematization of the significant cybersecurity documents relevant to the healthcare sector.
We collected the 49 most significant documents and used the NIST cybersecurity framework to categorize key information.
arXiv Detail & Related papers (2023-04-28T16:19:21Z) - Towards Safer Generative Language Models: A Survey on Safety Risks,
Evaluations, and Improvements [76.80453043969209]
This survey presents a framework for safety research pertaining to large models.
We begin by introducing safety issues of wide concern, then delve into safety evaluation methods for large models.
We explore the strategies for enhancing large model safety from training to deployment.
arXiv Detail & Related papers (2023-02-18T09:32:55Z) - Proceedings of the Artificial Intelligence for Cyber Security (AICS)
Workshop at AAAI 2022 [55.573187938617636]
The workshop will focus on the application of AI to problems in cyber security.
Cyber systems generate large volumes of data, utilizing this effectively is beyond human capabilities.
arXiv Detail & Related papers (2022-02-28T18:27:41Z) - 'They're all about pushing the products and shiny things rather than
fundamental security' Mapping Socio-technical Challenges in Securing the
Smart Home [1.52292571922932]
Insecure connected devices can cause serious threats not just to smart home owners, but also the underlying infrastructural network as well.
There has been increasing academic and regulatory interest in addressing cybersecurity risks from both the standpoint of Internet of Things (IoT) vendors and that of end-users.
We interviewed 13 experts in the field of IoT and identified three main categories of barriers to making IoT products usably secure.
arXiv Detail & Related papers (2021-05-25T08:38:36Z) - A System for Automated Open-Source Threat Intelligence Gathering and
Management [53.65687495231605]
SecurityKG is a system for automated OSCTI gathering and management.
It uses a combination of AI and NLP techniques to extract high-fidelity knowledge about threat behaviors.
arXiv Detail & Related papers (2021-01-19T18:31:35Z) - Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z) - Elicitation of SME Requirements for Cybersecurity Solutions by Studying
Adherence to Recommendations [1.138723572165938]
Small and medium-sized enterprises (SME) have become the weak spot of our economy for cyber attacks.
One of the reasons for why many SME do not adopt cybersecurity is that developers of cybersecurity solutions understand little the SME context.
This poster describes the challenges of SME regarding cybersecurity and introduces our proposed approach to elicit requirements for cybersecurity solutions.
arXiv Detail & Related papers (2020-07-16T08:36:40Z) - SMEs' Confidentiality Concerns for Security Information Sharing [1.3452510519858993]
Small and medium-sized enterprises are considered an essential part of the EU economy, however, highly vulnerable to cyberattacks.
This paper presents the results of semi-structured interviews with seven chief information security officers of SMEs to evaluate the impact of online consent communication on motivation for information sharing.
The findings demonstrate that online consent with multiple options for indicating a suitable level of agreement improved motivation for information sharing.
arXiv Detail & Related papers (2020-07-13T10:59:40Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.