Intelligent Detection and Recovery from Cyberattacks for Small and Medium-Sized Enterprises

López, Miguel Álvarez; Lombardo, Juan Manuel; López, Mabel; Alba, Carmen María; Velasco, Silvia Meseguer; Braojos, Manuel Alonso; Fuentes‐García, Marta

doi:10.9781/ijimai.2020.08.003

Cited by 7 publications

(7 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In a 2020 study by López, M.Á. on intelligent detection, the author outlined the different scenarios of cybercrime and what can be done to compensate the situation [37]. Here Lopez proposed an intelligent cybersecurity platform, which had been designed with the objective of helping SMEs to make their systems and network more secure and robust.…”

Section: Sme's View and Support On Machine Learningmentioning

confidence: 99%

“…In Lopez, M.A. et al's [37] proposal, ML techniques were used for data collecting, testing, and evaluation, and the main goal was to determine the most efficient algorithm for intrusion detection. ML algorithms for supervised detection were compared, such as C4.5 (decision tree), Bayesian network, random forest, support vector machines (SVM), and artificial neural network (ANN).…”

Section: Sme's View and Support On Machine Learningmentioning

confidence: 99%

“…Lopez, M.A. et al [37] highlighted barriers such as resources, and not having enough knowledge to set up efficient security systems, such as SIEMs, to challenges in implementing a security platform that provides this knowledge through means of ML techniques. Whilst the architecture is scalable, SMEs rely on micro-services for detection and recovery when an attack is predicted to occur.…”

Section: Sme's Cybersecurity Barriers and Challengesmentioning

confidence: 99%

See 2 more Smart Citations

Machine Learning Cybersecurity Adoption in Small and Medium Enterprises in Developed Countries

2021

View full text Add to dashboard Cite

In many developed countries, the usage of artificial intelligence (AI) and machine learning (ML) has become important in paving the future path in how data is managed and secured in the small and medium enterprises (SMEs) sector. SMEs in these developed countries have created their own cyber regimes around AI and ML. This knowledge is tested daily in how these countries’ SMEs run their businesses and identify threats and attacks, based on the support structure of the individual country. Based on recent changes to the UK General Data Protection Regulation (GDPR), Brexit, and ISO standards requirements, machine learning cybersecurity (MLCS) adoption in the UK SME market has become prevalent and a good example to lean on, amongst other developed nations. Whilst MLCS has been successfully applied in many applications, including network intrusion detection systems (NIDs) worldwide, there is still a gap in the rate of adoption of MLCS techniques for UK SMEs. Other developed countries such as Spain and Australia also fall into this category, and similarities and differences to MLCS adoptions are discussed. Applications of how MLCS is applied within these SME industries are also explored. The paper investigates, using quantitative and qualitative methods, the challenges to adopting MLCS in the SME ecosystem, and how operations are managed to promote business growth. Much like security guards and policing in the real world, the virtual world is now calling on MLCS techniques to be embedded like secret service covert operations to protect data being distributed by the millions into cyberspace. This paper will use existing global research from multiple disciplines to identify gaps and opportunities for UK SME small business cyber security. This paper will also highlight barriers and reasons for low adoption rates of MLCS in SMEs and compare success stories of larger companies implementing MLCS. The methodology uses structured quantitative and qualitative survey questionnaires, distributed across an extensive participation pool directed to the SMEs’ management and technical and non-technical professionals using stratify methods. Based on the analysis and findings, this study reveals that from the primary data obtained, SMEs have the appropriate cybersecurity packages in place but are not fully aware of their potential. Secondary data collection was run in parallel to better understand how these barriers and challenges emerged, and why the rate of adoption of MLCS was very low. The paper draws the conclusion that help through government policies and processes coupled together with collaboration could minimize cyber threats in combatting hackers and malicious actors in trying to stay ahead of the game. These aspirations can be reached by ensuring that those involved have been well trained and understand the importance of communication when applying appropriate safety processes and procedures. This paper also highlights important funding gaps that could help raise cyber security awareness in the form of grants, subsidies, and financial assistance through various public sector policies and training. Lastly, SMEs’ lack of understanding of risks and impacts of cybercrime could lead to conflicting messages between cross-company IT and cybersecurity rules. Trying to find the right balance between this risk and impact, versus productivity impact and costs, could lead to UK SMES getting over these hurdles in this cyberspace in the quest for promoting the usage of MLCS. UK and Wales governments can use the research conducted in this paper to inform and adapt their policies to help UK SMEs become more secure from cyber-attacks and compare them to other developed countries also on the same future path.

show abstract

Section: Sme's View and Support On Machine Learningmentioning

confidence: 99%

Section: Sme's View and Support On Machine Learningmentioning

confidence: 99%

Section: Sme's Cybersecurity Barriers and Challengesmentioning

confidence: 99%

See 1 more Smart Citation

Machine Learning Cybersecurity Adoption in Small and Medium Enterprises in Developed Countries

2021

View full text Add to dashboard Cite

show abstract

“…Also, it is intended to create a future collaborative environment to create and evaluate a MS-CSIRT oriented to ICS and IoT devices, between governments, international security organizations, ICS and IOT manufacturers, and companies working in this kind of environments [4], to promote a growth in security in this branch creating exclusive taxonomies [23] and galaxies in these environments within MISP, TheHIVE and cortex.…”

Section: Future Workmentioning

confidence: 99%

“…From the above information, we can see an alarming increase in costs due to information theft and breaches, types of threats and incident management; and many corporate and government companies rely on the promise of value offered by their suppliers in the different types of information security solutions. Some have the resources to be able to have a Security Operation Centre (SOC) or Computer Security Incident Response Team (CSIRT) where they can monitor and manage their IT infrastructure focusing on information security and security incident management, but small or medium sized companies do not have the capacity to access to these resources and do not introduce the protection mechanisms needed [4]. For this reason, governments have their national Cybernetic Emergencies Response Team (CERT) or CSIRT to provide support in information security incidents to government or corporate entities for the management of cyber security and cyber defense.…”

Section: Introductionmentioning

confidence: 99%

Methodology for Computer Security Incident Response Teams into IoT Strategy

2021

KSII TIIS

View full text Add to dashboard Cite

At present, the Colombian government shares information on threats or vulnerabilities in the area of cybersecurity and cyberdefense, from other government agencies or departments, on an ad-hoc basis but not in real time, with the surveillance entities of the Government of the Republic of Colombia such as the Joint Command of Cybernetic Operations (CCOCI) and the Cybernetic Emergencies Response Team of Colombia (ColCERT). This research presents the MS-CSIRT (Management System Computer Security Incident Response Teams) methodology, that is used to unify the guidelines of a CSIRT towards a joint communication command in cybersecurity for the surveillance of Information Technology (IT), Technological Operations (TO), Internet Connection Sharing (ICS) or Internet of Things (IoT) infrastructures. This methodology evaluates the level of maturity, by means of a roadmap, to establish a CSIRT as a reference framework for government entities and as a guide for the areas of information security, IT and TO to strengthen the growth of the industry 4.0. This allows the organizations to draw a line of cybersecurity policy with scope, objectives, controls, metrics, procedures and use cases for the correct coordination between ColCERT and CCOCI, as support entities in cybersecurity, and the different companies (ICS, IoT, gas and energy, mining, maritime, agroindustrial, among others) or government agencies that use this methodology.

show abstract

An Assessment of Capabilities Required for Effective Cybersecurity Incident Management - A Systematic Literature Review

Falowo,

Koshoedo,

Ozer

2023

2023 International Conference on Data Security and Privacy Protection (DSPP)

View full text Add to dashboard Cite

Intelligent Detection and Recovery from Cyberattacks for Small and Medium-Sized Enterprises

Cited by 7 publications

References 0 publications

Machine Learning Cybersecurity Adoption in Small and Medium Enterprises in Developed Countries

Machine Learning Cybersecurity Adoption in Small and Medium Enterprises in Developed Countries

Methodology for Computer Security Incident Response Teams into IoT Strategy

An Assessment of Capabilities Required for Effective Cybersecurity Incident Management - A Systematic Literature Review

Contact Info

Product

Resources

About