Resolving the cybersecurity Data Sharing Paradox to scale up cybersecurity via a co-production approach towards data sharing

Atapour-Abarghouei, Amir; McGough, Andrew Stephen; Wall, David S.

doi:10.1109/bigdata50022.2020.9378014

Cited by 5 publications

(4 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, our approach has the potential to address the so-called “cybersecurity data sharing paradox” (Atapour-Abarghouei et al , 2020) by which public and private interests clash when it comes to sharing data to combat cyber-crime. By effectively repurposing existing survey data, we reduce the number of “data requests” to organisations, a significant move in a context of data scarcity and resistance to sharing.…”

Section: Discussionmentioning

confidence: 99%

“…We tested our mechanism by repurposing data gathered from a survey of 156 large Italian businesses (249 or more employees). Our study contributes to both theory and practice in information security governance: as for the former, our quantification mechanism (and the underlying approach to data repurposing) can be utilised by other researchers who face data scarcity around information security (Atapour-Abarghouei, McGough, & Wall, 2020); as for the latter, organisational leaders can employ our mechanism to determine what their peers consider essential information security governance measures. Finally, our study offers directions for researchers willing to increase the sustainability of their research practices and maximise the efficiency of their research activities, by repurposing an existing dataset on information security.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A quantification mechanism for assessing adherence to information security governance guidelines

Bongiovanni

Renaud

Brydon

et al. 2022

ICS

View full text Add to dashboard Cite

Purpose Boards of Directors and other organisational leaders make decisions about the information security governance systems to implement in their companies. The increasing number of cyber-breaches targeting businesses makes this activity inescapable. Recently, researchers have published comprehensive lists of recommended cyber measures, specifically to inform organisational boards. However, the young cybersecurity industry has still to confirm and refine these guidelines. As a starting point, it would be helpful for organisational leaders to know what other organisations are doing in terms of using these guidelines. In an ideal world, bespoke surveys would be developed to gauge adherence to guidelines, but this is not always feasible. What we often do have is data from existing cybersecurity surveys. The authors argue that such data could be repurposed to quantify adherence to existing information security guidelines, and this paper aims to propose, and test, an original methodology to do so. Design/methodology/approach The authors propose a quantification mechanism to measure the degree of adherence to a set of published information security governance recommendations and guidelines targeted at organisational leaders. The authors test their quantification mechanism using a data set collected in a survey of 156 Italian companies on information security and privacy. Findings The evaluation of the proposed mechanism appears to align with findings in the literature, indicating the validity of the present approach. An analysis of how different industries rank in terms of their adherence to the selected set of recommendations and guidelines confirms the usability of our repurposed data set to measure adherence. Originality/value To the best of the authors’ knowledge, a quantification mechanism as the one proposed in this study has never been proposed, and tested, in the literature. It suggests a way to repurpose survey data to determine the extent to which companies are implementing measures recommended by published cybersecurity guidelines. This way, the proposed mechanism responds to increasing calls for the adoption of research practices that minimise waste of resources and enhance research sustainability.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A quantification mechanism for assessing adherence to information security governance guidelines

Bongiovanni

Renaud

Brydon

et al. 2022

ICS

View full text Add to dashboard Cite

show abstract

“…Atapour-Abarghouei et al (2020) discussed, in the context of cyber-security, this data-sharing paradox. They argue that, because all parties have differing incentives, it is difficult to obtain effective data sharing.…”

Section: Summary Of the Main Prior Knowledge Areasmentioning

confidence: 99%

‘Insight unlocked’: Applying a collective intelligence approach to engage employers in informing local skills improvement planning

Rae

Cartwright

Góngora

et al. 2023

Industry and Higher Education

View full text Add to dashboard Cite

This paper demonstrates how the innovative application of a Collective Intelligence approach enhanced Local Skills Improvement Planning information for employers, education and skills training organisations and regional economic policy organisations. This took place within a Knowledge Transfer Partnership between a Chamber of Commerce and a University. This aimed to develop and deploy regional business intelligence for enhanced policy and decision-making in enterprise and economic development. The project converged knowledge from several research centres including economics, entrepreneurship and innovation, data science, and Artificial Intelligence. The paper presents a project case study which provides two contributions to applied knowledge. Firstly, it demonstrates how a Collective Intelligence (CI) approach can be applied to achieve rapid results in resolving the real-world problem of local skills information availability. Useful real-time data was gathered from employers in three sectors on skills requirements, supply and training. This was analysed using Artificial Intelligence tools, then shared publicly via an automated Internet portal, providing a scalable model for wider use. Secondly, it explores and evaluates how the knowledge exchange (KE) process can function effectively and quickly in applying CI-based innovation in practical ways which create new value, within a Knowledge Transfer Partnership between a University and Chamber of Commerce.environment.

show abstract

“…Given these capabilities, ReFS presents a promising foundation for developing tools aimed at mitigating the ransomware threat. However, the potential of ReFS in the context of ransomware resilience remains largely untapped, with most current security solutions continuing to rely on conventional detection and prevention techniques [13]. This gap in the cybersecurity landscape motivates the development of RanAway, an Operating System (OS) add-on designed to harness the advanced features of ReFS for ransomware detection and prevention.…”

Section: Introductionmentioning

confidence: 99%

RanAway: A Novel Ransomware-Resilient ReFS File System

Long,

Liang

2024

Preprint

View full text Add to dashboard Cite

Ransomware has emerged as a pervasive threat in the cybersecurity landscape, characterized by its ability to encrypt critical data and demand ransom for its release. Traditional cybersecurity defenses often fall short against sophisticated ransomware attacks due to their reliance on signature-based detection mechanisms and inadequate preventive measures. This paper introduces RanAway, an innovative solution designed to enhance ransomware resilience by leveraging the advanced features of the Microsoft Resilient File System (ReFS). Unlike conventional file systems, ReFS offers enhanced data integrity, automatic error correction, and robust resistance to data degradation—features that are crucial for mitigating the impact of ransomware attacks. RanAway integrates with ReFS to provide real-time monitoring of file system operations, employing heuristic and behavior-based algorithms to detect and prevent ransomware activities effectively. Our findings demonstrate RanAway's significant potential in reducing the risk of ransomware attacks, highlighting its contributions to the field of cybersecurity through innovative use of file system technologies for threat resilience. The deployment of RanAway represents a paradigm shift towards a more integrated and system-level approach in combating ransomware, offering a blueprint for future developments in cybersecurity defenses.

show abstract

Resolving the cybersecurity Data Sharing Paradox to scale up cybersecurity via a co-production approach towards data sharing

Cited by 5 publications

References 19 publications

A quantification mechanism for assessing adherence to information security governance guidelines

A quantification mechanism for assessing adherence to information security governance guidelines

‘Insight unlocked’: Applying a collective intelligence approach to engage employers in informing local skills improvement planning

RanAway: A Novel Ransomware-Resilient ReFS File System

Contact Info

Product

Resources

About