Addressing cyber and privacy risks has never been more critical for organisations. While a number of risk assessment methodologies and software tools are available, it is most often the case that one must, at least, integrate them into a holistic approach that combines several appropriate risk sources as input to risk mitigation tools. In addition, cyber risk assessment primarily investigates cyber risks as the consequence of vulnerabilities and threats that endanger assets of the investigated infrastructure. In fact, cyber risk assessment is decoupled from privacy impact assessment, which aims to detect privacy-specific threats and assess the degree of compliance with data protection legislation. Furthermore, a Privacy Impact Assessment (PIA) is conducted in a proactive manner during the design phase of a system, combining processing activities and their inter-dependencies with assets, vulnerabilities, real-time threats and Personally Identifiable Information (PII) that may occur during the dynamic life-cycle of systems. In this paper, we propose a cyber and privacy risk management toolkit, called AMBIENT (Automated Cyber and Privacy Risk Management Toolkit), that addresses the above challenges by implementing and integrating three distinct software tools. AMBIENT not only assesses cyber and privacy risks in a thorough and automated manner, but also offers decision-support capabilities to recommend optimal safeguards using the well-known repository of the Center for Internet Security (CIS) Controls. To the best of our knowledge, AMBIENT is the first toolkit in the academic literature that brings together the aforementioned capabilities. To demonstrate its use, we have created a case scenario based on information about cyber attacks that we received from a healthcare organisation, as a reference sector that faces critical cyber and privacy threats.


Source
PMC: http://www.ncbi.nlm.nih.gov/pmc/articles/PMC8399421
DOI: http://dx.doi.org/10.3390/s21165493


Similar Publications

To tackle high communication costs and privacy issues in Centralized Federated Learning (CFL), Decentralized Federated Learning (DFL) is an alternative. However, a significant discrepancy exists between local updates and the expected global update, known as client drift, which arises from inconsistency and heterogeneous data. Previous research in the DFL field has focused on local information during client updates, without considering global information, which fails to alleviate the client drift issue.


Hybrid quantum enhanced federated learning for cyber attack detection.

Sci Rep

December 2024

Department of Computer Science and Engineering, E.G.S. Pillay Engineering College, Nagapattinam, Tamil Nadu, 611002, India.

Cyber-attacks pose a significant threat and have become a critical issue for network security in the digital world. The conventional procedures developed to detect them are centralized and often struggle with concerns like data privacy and communication overheads. Because of this, conventional methods are unable to adapt quickly to different threats.


The advent of smart cities has brought about a paradigm shift in urban management and citizen engagement. By leveraging technological advancements, cities are now able to collect and analyze extensive data to optimize service delivery, allocate resources efficiently, and enhance the overall well-being of residents. However, as cities become increasingly interconnected and data-dependent, concerns related to data privacy and security, as well as citizen participation and representation, have surfaced.


In the era of the Internet of Things (IoT), the transmission of medical reports in the form of scan images for collaborative diagnosis is vital for any telemedicine network. In this context, ensuring secure transmission and communication is necessary to protect medical data and maintain privacy. To address such privacy concerns and secure medical images against cyberattacks, this research presents a robust hybrid encryption framework that integrates quantum and classical cryptographic methods.


This study investigated the relationships among exposure to risky online content, moral disengagement, media literacy, and cyberaggression in adolescents (aged 13-15 years). Data were obtained from the 2021 Cyber Violence Survey (N = 3,002) conducted by a national agency in the Republic of Korea using systematic stratified sampling. The survey assessed eight aggressive online behaviors as indicators of cyberaggression: verbal violence, defamation, stalking, sending provocative content, personal information leakage, bullying, extortion, and coercion.

