SoK: Anatomy of Data Breaches

Saleem, Hamza; Naveed, Muhammad

doi:10.2478/popets-2020-0067

Cited by 21 publications

(16 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Investigations revealed that the security breach had unlawfully disclosed over 3 million consumers' and about 1,000 workers' data to unauthorized parties. Along with staff employees' identities, phone numbers, postcodes, and automobile registration information, the theft included consumers' names, residences, dates of birth, marital statuses, and past payment card information (Saleem & Naveed, 2020).…”

Section: Carphone Data Breachmentioning

confidence: 99%

A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors

Nicho¹,

McDermott

Fakhry

et al. 2023

International Journal of Information Security and Privacy

View full text Add to dashboard Cite

Cyber-attacks targeting high-profile entities are focused, persistent, and employ common vectors with varying levels of sophistication to exploit social-technical vulnerabilities. Advanced persistent threats (APTs) deploy zero-day malware against such targets to gain entry through multiple security layers, exploiting the dynamic interplay of vulnerabilities in the target network. System dynamics (SD) offers an alternative approach to analyze non-linear, complex, and dynamic social-technical systems. This research applied SD to three high-profile APT attacks - Equifax, Carphone, and Zomato - to identify and simulate socio-technical variables leading to breaches. By modeling APTs using SD, managers can evaluate threats, predict attacks, and reduce damage by mitigating specific socio-technical cues. This study provides valuable insights into the dynamics of cyber threats, making it the first to apply SD to APTs.

show abstract

Section: Carphone Data Breachmentioning

confidence: 99%

A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors

Nicho¹,

McDermott

Fakhry

et al. 2023

International Journal of Information Security and Privacy

View full text Add to dashboard Cite

show abstract

“…Hence, it is crucial for SMEs to retain the control over the access to and flows of their farm data. This is also important from the perspective of potential (interstate) conflicts [36] or data breaches [38], that may affect farmers. Privacy-enhancing technologies could help to achieve this, by creating usable solutions and access control mechanisms.…”

Section: Outlook On Future Research Possibilitiesmentioning

confidence: 99%

The Role of Privacy in Digitalization – Analyzing Perspectives of German Farmers

Linsner

Kuntke

Steinbrink

et al. 2021

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Technological progress can disrupt domains and change the way we work and collaborate. This paper presents a qualitative study with 52 German farmers that investigates the impact of the ongoing digitalization process in agriculture and discusses the implications for privacy research. As in other domains, the introduction of digital tools and services leads to the data itself becoming a resource. Sharing this data with products along the supply chain is favored by retailers and consumers, who benefit from traceability through transparency. However, transparency can pose a privacy risk. Having insight into the business data of others along the supply chain provides an advantage in terms of market position. This is particularly true in agriculture, where there is already a significant imbalance of power between actors. A multitude of small and medium-sized farming businesses are opposed by large upstream and downstream players that drive technological innovation. Further weakening the market position of farmers could lead to severe consequences for the entire sector. We found that on the one hand, privacy behaviors are affected by adoption of digitalization, and on the other hand, privacy itself influences adoption of digital tools. Our study sheds light on the emerging challenges for farmers and the role of privacy in the process of digitalization in agriculture.

show abstract

“…Researchers consistently demonstrate privacy eroding techniques deployed in the wild [15][16][17][18][19] motivated by online advertising business models [32]. Personal data is leaked via social networks [33], third-party web scripts [34], apps [35], software development kits [36], and organizational breaches [37]. The scale of tracking motivate re-designing systems to provide privacy guarantees.…”

Section: Privacy Practicesmentioning

confidence: 99%

Privacy Preference Signals: Past, Present and Future

Hils

Woods

Böhme

2021

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Privacy preference signals are digital representations of how users want their personal data to be processed. Such signals must be adopted by both the sender (users) and intended recipients (data processors). Adoption represents a coordination problem that remains unsolved despite efforts dating back to the 1990s. Browsers implemented standards like the Platform for Privacy Preferences (P3P) and Do Not Track (DNT), but vendors profiting from personal data faced few incentives to receive and respect the expressed wishes of data subjects. In the wake of recent privacy laws, a coalition of AdTech firms published the Transparency and Consent Framework (TCF), which defines an optin consent signal. This paper integrates post-GDPR developments into the wider history of privacy preference signals. Our main contribution is a high-frequency longitudinal study describing how TCF signal gained dominance as of February 2021. We explore which factors correlate with adoption at the website level. Both the number of third parties on a website and the presence of Google Ads are associated with higher adoption of TCF. Further, we show that vendors acted as early adopters of TCF 2.0 and provide two case-studies describing how Consent Management Providers shifted existing customers to TCF 2.0. We sketch ways forward for a pro-privacy signal.

show abstract

SoK: Anatomy of Data Breaches

Cited by 21 publications

References 18 publications

A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors

A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors

The Role of Privacy in Digitalization – Analyzing Perspectives of German Farmers

Privacy Preference Signals: Past, Present and Future

Contact Info

Product

Resources

About