About the Authors

Watson, G. R.; Mason, Andrew L.; Ackroyd, Richard

doi:10.1016/b978-0-12-420124-8.00022-3

Cited by 2 publications

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Such attacks are extremely difficult to detect, unless the attacker triggers the suspicious activity monitoring systems, or the phished user reports the event. While continuous training and cyber education is considered as the best preventative measure [4], it is easy to fall for extremely well disguised social engineering attacks [5][6][7][8]. Hence, cybersecurity focus needs to be placed on the network, and on 'employee education, training, and awareness' [9].…”

Section: Types Of Cyber Attacksmentioning

confidence: 99%

Review and Comparison of US, EU, and UK Regulations on Cyber Risk/Security of the Current Blockchain Technologies: Viewpoint from 2023

Radanliev

2023

Rev Socionetwork Strat

View full text Add to dashboard Cite

The first cryptocurrency was invented in 2008/09, but the Blockchain-Web3 concept is still in its infancy, and the cyber risk is constantly changing. Cybersecurity should also be adapting to these changes to ensure security of personal data and continuation of operations. This article starts with a comparison of existing cybersecurity standards and regulations from the National Institute of Standards and Technology (NIST) and the International Organisation for Standardisation (ISO)—ISO27001, followed by a discussion on more specific and recent standards and regulations, such as the Markets in Crypto-Assets Regulation (MiCA), Committee on Payments and Market Infrastructures and the International Organisation of Securities Commissions (CPMI-IOSCO), and more general cryptography (and post-quantum cryptography), in the context of cybersecurity. These topics are followed up by a review of recent technical reports on cyber risk/security and a discussion on cloud security questions. Comparison of Blockchain cyber risk is also performed on the recent EU standards on cyber security, including European Cybersecurity Certification Scheme (EUCS)—cloud, and US standards—The National Vulnerability Database (NVD) Common Vulnerability Scoring System (CVSS). The study includes a review of Blockchain endpoint security, and new technologies e.g., IoT. The research methodology applied is a review and case study analysing secondary data on cybersecurity. The research significance is the integration of knowledge from the United States (US), the European Union (EU), the United Kingdom (UK), and international standards and frameworks on cybersecurity that can be alighted to new Blockchain projects. The results show that cybersecurity standards are not designed in close cooperation between the two major western blocks: US and EU. In addition, while the US is still leading in this area, the security standards for cryptocurrencies, internet-of-things, and blockchain technologies have not evolved as fast as the technologies have. The key finding from this study is that although the crypto-market has grown into a multi-trillion industry, the crypto-market has also lost over 70% since its peak, causing significant financial loss for individuals and cooperation’s. Despite this significant impact to individuals and society, cybersecurity standards and financial governance regulations are still in their infancy, specifically in the UK.

show abstract

Section: Types Of Cyber Attacksmentioning

confidence: 99%

Review and Comparison of US, EU, and UK Regulations on Cyber Risk/Security of the Current Blockchain Technologies: Viewpoint from 2023

Radanliev

2023

Rev Socionetwork Strat

View full text Add to dashboard Cite

show abstract

“…It may involve obtaining information, access, or an activity. "According to Watson, Mason, and Ackroyd [2], social engineering involves various ways of manipulating an individual to obtain certain information or perform an activity. These manipulations, therefore, focus on the often weakest link in the information system, which is a person.…”

Section: Introductionmentioning

confidence: 99%

“…People who are manipulated are not aware of this and therefore there is a high risk of providing sensitive information. Therefore, for the purposes of this work, the definition of social engineering according to Watson, Mason, and Ackroyd [2] as various ways of manipulating an individual in order to obtain certain information or perform certain activity is decisive.…”

Section: Introductionmentioning

confidence: 99%

The Threat of Social Engineering and The Safety of Companies

Kotkova

Hromada

2021

2021 25th International Conference on Circuits, Systems, Communications and Computers (CSCC)

View full text Add to dashboard Cite

Social engineering is a method of attack aimed at the state, organization, or individual. It focuses on the weakest point in the use of information and communication technologies, specifically the human factor. The article deals with the issue of social engineering with a focus on the attack and the possibilities of defense against it in a commercial and manufacturing company. Several questionnaire studies were conducted, which found that only a small number of staff had been trained in the past against similar attacks. Companies still underestimate their protection, investing in new technologies, but already investing less in training employees who use them. At the same time, social engineering largely focuses on them. The article, therefore, identifies social engineering, its ways of carrying out the attack. Furthermore, the article briefly summarizes its threats as well as its history, along with an overview of the first attacks. For greater orientation in practice, the individual types of attackers, the progress of their attacks, and the relevant technical aspects are described here. An analysis of the current state of safety in the existing manufacturing and trading company was performed, namely, the specific directives that are currently in force. These were compared with current needs and appropriate measures were proposed. Based on this analysis, recommendations for improving the state of security against social engineering attacks in all companies, in general, are described at the end of the article. The most frequently used methods in practice are listed according to the survey, followed by the establishment of safety recommendations. Individual technologies are constantly evolving, newer applications are being launched on the market, and at the same time, more advanced methods for data protection need to be developed.

show abstract

About the Authors

Cited by 2 publications

References 0 publications

Review and Comparison of US, EU, and UK Regulations on Cyber Risk/Security of the Current Blockchain Technologies: Viewpoint from 2023

Review and Comparison of US, EU, and UK Regulations on Cyber Risk/Security of the Current Blockchain Technologies: Viewpoint from 2023

The Threat of Social Engineering and The Safety of Companies

Contact Info

Product

Resources

About