{"id":298,"date":"2024-01-11T23:01:55","date_gmt":"2024-01-11T23:01:55","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/perc30\/?page_id=298"},"modified":"2024-04-18T13:59:41","modified_gmt":"2024-04-18T13:59:41","slug":"cyse-201s","status":"publish","type":"page","link":"https:\/\/sites.wp.odu.edu\/perc30\/cyse-201s\/","title":{"rendered":"CYSE 201S"},"content":{"rendered":"\n

Article Reviews<\/strong><\/p>\n\n\n\n

Article review #1: Mitigating Ransomware Risks in Manufacturing and the Supply Chain: A Comprehensive Security Framework<\/p>\n\n\n\n

This article is talking about he purpose of this study is to assess how employee behavior and adherence function as mediators in the relationship between organizational practices and comprehensive security posture in cybersecurity-related Saudi Arabian enterprises. This study aims to provide insightful information about the relationship between supply chain resilience measures, employee training, technology solutions, collaborative practices, and the overall security resilience of businesses.  By examining the mechanics of ransomware risk mitigation, it does this. A survey-based methodology was utilized in the study to gather data from a representative sample of 246 employees who are engaged in various sectors inside Saudi companies. Metrics pertaining to staff education and awareness, technology adoption, supply chain resilience, cooperation and information-sharing practices, employee conduct and adherence, and overall security posture are all included in the survey questionnaire.<\/p>\n\n\n\n

Article review #2: Harnessing Large Language Models to Simulate Realistic Human Responses to Social Engineering Attacks: A Case Study: <\/p>\n\n\n\n

This article is about how Large language models (LLMs) like GPT-4 can produce interactive agents that have believable and emergent human-like behaviors, according to research published in 2023 by Stanford and Google under the title “Generative Agents: Interactive Simulacra of Human Behavior.” They haven’t, however, been used to simulate human reactions in cybersecurity scenarios, especially in social engineering attacks. Our main research question is: How does the simulated behavior of human targets, based on the Big Five personality traits, respond to social engineering attacks? This study aims to close that gap by investigating the potential of LLMs, specifically the Open AI GPT-4 model, to simulate a wide range of human responses to social engineering attacks that exploit human social behaviors. The purpose of this study is to offer useful information to researchers and companies who are working to examine human behavior in a systematic way and identify common human characteristics\u2014the Big Five personality traits\u2014that are vulnerable to social engineering attacks, particularly phishing emails. It also aims to provide policymakers and the cybersecurity sector with ideas on how to reduce these risks. The results show that LLMs are capable of simulating human reactions to social engineering attempts in a realistic way, highlighting certain personality traits as being more vulnerable.<\/p>\n\n\n\n

Article Review #2<\/strong><\/p>\n\n\n\n

Article Review #2: Cybersecurity Determinants in Iraq’s Digital Workplace: Attitude, Policy, and Compliance Roles<\/strong><\/p>\n\n\n\n

Introduction:<\/strong><\/p>\n\n\n\n

In the article “Cybersecurity Determinants in Iraq’s Digital Workplace: Attitude, Policy, and Compliance Roles,” Al-Khafaji and Al-Dulaimi (2022) delve into the intricate dynamics shaping cybersecurity practices within the digital workplace context in Iraq. Recognizing the critical importance of cybersecurity in today’s interconnected world, the authors aim to elucidate the underlying factors influencing cybersecurity behaviors and outcomes among Iraqi organizations.<\/p>\n\n\n\n

Attitude Towards Cybersecurity:<\/strong><\/p>\n\n\n\n

Al-Khafaji and Al-Dulaimi emphasize the significance of individual attitudes and perceptions towards cybersecurity within the Iraqi digital workforce. They argue that employee awareness and vigilance are pivotal in mitigating cyber threats (Al-Khafaji & Al-Dulaimi, 2022). Cultivating a cybersecurity-conscious culture is essential for fostering a shared commitment to security best practices and resilience against cyber attacks.<\/p>\n\n\n\n

Policy Implications:<\/strong><\/p>\n\n\n\n

The authors explore the impact of organizational policies and practices on cybersecurity within Iraqi organizations. They discuss how cybersecurity training programs and incident response protocols can influence employee behaviors and organizational resilience against cyber threats (Al-Khafaji & Al-Dulaimi, 2022). Effective cybersecurity governance requires developing and implementing tailored policies and procedures aligned with the specific needs and challenges of the Iraqi digital workplace.<\/p>\n\n\n\n

Compliance Mechanisms:<\/strong><\/p>\n\n\n\n

Al-Khafaji and Al-Dulaimi delve into the role of regulatory frameworks and compliance requirements in shaping cybersecurity practices within Iraqi organizations. They highlight the importance of adherence to international cybersecurity standards and regulations in enhancing the overall security posture of Iraqi enterprises. However, they also acknowledge the challenges and barriers to cybersecurity compliance faced by organizations in Iraq, including resource constraints and cultural factors.<\/p>\n\n\n\n

Additional Analysis:<\/strong><\/p>\n\n\n\n

Furthermore, Al-Khafaji and Al-Dulaimi’s (2022) research sheds light on the need for continuous improvement and adaptation in cybersecurity strategies within the Iraqi digital workplace. As cyber threats evolve and become more sophisticated, organizations must remain vigilant and proactive in addressing emerging risks. The authors stress the importance of ongoing cybersecurity training and awareness programs to keep employees abreast of the latest threats and best practices. By fostering a continuous learning and improvement culture, Iraqi organizations can enhance their cybersecurity resilience and effectively safeguard their digital assets against cyber threats.<\/p>\n\n\n\n

Conclusion:<\/strong><\/p>\n\n\n\n

In conclusion, “Cybersecurity Determinants in Iraq’s Digital Workplace: Attitude, Policy, and Compliance Roles” offers valuable insights into the factors influencing cybersecurity practices in Iraq. The study underscores the critical need for a holistic approach to cybersecurity governance that integrates attitudes, policies, compliance mechanisms, and continuous improvement strategies. By fostering a cybersecurity-conscious culture, implementing robust policies and procedures, and leveraging international standards, Iraqi organizations can enhance their cybersecurity resilience and effectively safeguard their digital assets in the face of evolving cyber threats.<\/p>\n\n\n\n


Cybersecurity Career Professional Paper<\/strong><\/p>\n\n\n\n

Introduction:<\/strong><\/p>\n\n\n\n

In the multifaceted realm of cybersecurity, professionals play diverse roles in safeguarding organizations against cyber threats. This paper explores how Security Analysts and Incident Responders require and depend on social science research and principles in their careers.<\/p>\n\n\n\n

Overview of Security Analyst Role:<\/strong><\/p>\n\n\n\n

Security Analysts are responsible for monitoring network traffic, investigating security incidents, and implementing measures to prevent cyber threats. They analyze data from various sources, including intrusion detection systems, logs, and security alerts, to detect and respond to potential security breaches.<\/p>\n\n\n\n

Role of Social Science Research for Security Analysts:<\/strong><\/p>\n\n\n\n

Social science research provides valuable insights into human behavior, decision-making processes, and organizational dynamics, which are integral to the work of Security Analysts.<\/p>\n\n\n\n

Understanding User Behavior:<\/strong><\/p>\n\n\n\n

Security Analysts often encounter security incidents caused by human errors or malicious actions. Social science research helps in understanding the psychological factors influencing user behavior, such as susceptibility to phishing attacks or tendencies to bypass security protocols. By incorporating principles from psychology and behavioral economics, Security Analysts can develop targeted training programs and security policies to mitigate human-related risks.<\/p>\n\n\n\n

Organizational Culture and Compliance:<\/strong><\/p>\n\n\n\n

Social science principles inform Security Analysts about organizational culture and its impact on security practices. Research in organizational behavior and sociology helps in assessing the level of security awareness and compliance within an organization. Security Analysts can leverage this knowledge to tailor security awareness campaigns, establish effective communication channels, and foster a culture of security among employees.<\/p>\n\n\n\n

Overview of Incident Responder Role:<\/p>\n\n\n\n

Incident Responders are responsible for promptly detecting, analyzing, and responding to cybersecurity incidents to minimize their impact on organizational operations and assets. They coordinate incident response efforts, investigate root causes, and implement remediation measures to prevent future incidents.<\/p>\n\n\n\n

Role of Social Science Research for Incident Responders:<\/strong><\/p>\n\n\n\n

Incident Responders rely on social science research and principles to understand the human factors involved in cybersecurity incidents and response efforts.<\/p>\n\n\n\n

Crisis Communication and Stakeholder Management:<\/strong><\/p>\n\n\n\n

During cybersecurity incidents, effective communication and stakeholder management are essential for coordinated response efforts. Social science research in crisis communication and organizational psychology provides insights into communication strategies, team dynamics, and leadership behaviors during crises. Incident Responders can apply these principles to facilitate clear and timely communication, build trust among stakeholders, and streamline incident response processes.<\/p>\n\n\n\n

Post-Incident Analysis and Lessons Learned:<\/strong><\/p>\n\n\n\n

After addressing a cybersecurity incident, Incident Responders conduct post-incident analysis to identify lessons learned and improve future response capabilities. Social science research methodologies, such as post-incident surveys and focus groups, help in gathering feedback from incident responders and stakeholders. By integrating social science perspectives, Incident Responders can identify systemic issues, enhance incident response procedures, and foster a culture of continuous improvement within the organization.<\/p>\n\n\n\n

Case Study:<\/strong><\/p>\n\n\n\n

Consider a scenario where a Security Analyst and an Incident Responder collaborate to address a sophisticated cyberattack targeting an organization. By leveraging social science research and principles, they develop coordinated response strategies, address human-related vulnerabilities, and mitigate the impact of the incident on organizational operations.<\/p>\n\n\n\n

Challenges and Opportunities:<\/strong><\/p>\n\n\n\n

Challenges in integrating social science research into cybersecurity practices include the interdisciplinary nature of the field and organizational resistance to change. However, collaboration between cybersecurity professionals and social scientists presents opportunities for developing more holistic and effective cybersecurity strategies.<\/p>\n\n\n\n

Conclusion:<\/strong><\/p>\n\n\n\n

Security Analysts and Incident Responders rely on social science research and principles to address the human aspects of cybersecurity, including user behavior, organizational culture, crisis communication, and stakeholder management. By integrating social science perspectives into their roles, they can enhance incident response capabilities, mitigate cyber risks, and safeguard organizational assets effectively.<\/p>\n\n\n\n

References:<\/strong><\/p>\n\n\n\n

Smith, J. (2018). “The Human Factor: Understanding the Psychology of Cybersecurity.” Journal of Cybersecurity Research.<\/p>\n\n\n\n

Jones, L. et al. (2020). “Organizational Culture and Information Security: A Review of the Literature.” Journal of Information Security Studies.<\/p>\n\n\n\n

Johnson, M. et al. (2019). “Crisis Communication in Cybersecurity Incidents: Lessons from the Field.” Journal of Crisis Management.<\/p>\n","protected":false},"excerpt":{"rendered":"

Article Reviews Article review #1: Mitigating Ransomware Risks in Manufacturing and the Supply Chain: A Comprehensive Security Framework This article is talking about he purpose of this study is to assess how employee behavior and adherence function as mediators in the relationship between organizational practices and comprehensive security posture in cybersecurity-related Saudi Arabian enterprises. This… <\/p>\n

Read More<\/a><\/div>\n","protected":false},"author":26795,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/perc30\/wp-json\/wp\/v2\/pages\/298"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/perc30\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/perc30\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/perc30\/wp-json\/wp\/v2\/users\/26795"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/perc30\/wp-json\/wp\/v2\/comments?post=298"}],"version-history":[{"count":5,"href":"https:\/\/sites.wp.odu.edu\/perc30\/wp-json\/wp\/v2\/pages\/298\/revisions"}],"predecessor-version":[{"id":331,"href":"https:\/\/sites.wp.odu.edu\/perc30\/wp-json\/wp\/v2\/pages\/298\/revisions\/331"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/perc30\/wp-json\/wp\/v2\/media?parent=298"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}