As of today, almost everybody knows or have heard about the Coronavirus (COVID-19) Pandemic. Besides being an infectious disease caused by the SARS-CoV-2 virus, it is included among the worst pandemic events of human history. The spreading speed has been exponentially fast, not to mention its frequent rate of mutations. But I’m not going to write about the virus perse, but about what I have been doing during those famous lockdown periods.
Users' deviant behaviors, unawareness, misuse, apathy, and resistance are usually the primary reasons for security breaches. Furthermore, there is a significant lack of information security studies on how the cultural phenomenon impacts the intention to comply with information security polices among individuals from different cultural backgrounds. Thus, the objectives of this study were to empirically examine which behavioral and cultural factors influence most in the individual’s security intention to comply with information security policies (ISP), and how complying with these policies can vary between countries and cross-cultural backgrounds. It also sought to understand the competing factors that could potentially impact the security performance by keeping down cybersecurity risks. In order to answer these interrogants, we administered a web-based survey, sent by e-mail and posted on various professional forums, to information security professionals and practitioners from AMER, APAC and EMEA business regions.
We successfully developed a model with high and accurate levels to predict employee’s intention to comply with information security policies. This model was validated with multiple statistical analysis, including PLS-SEM, bootstrapping, and multi-groups analysis to corroborate the existence of differences among cultural-backgrounds. Our results demonstrate that there are significant differences for APAC and EMEA, but not for AMER, in their corresponding relation with the intention to comply with ISP.
We also identified positive and negative correlations between cultural and behavioral factors, which could help to better understand how they can also impact the security posture of an institution. Findings from this study could contribute to existing literature by demonstrating the influential effects of Individualism, Power Distance, Masculinity, Uncertainty Avoidance, and Long-term Orientation on the actual information security compliance behavior from different business regions, a research field that had remained unexplored. Furthermore, given that our results suggest that by complying with ISP, companies can reduce cybersecurity risks, organizations should consider getting their employees to believe that by conducting in a secure way and complying with ISP, can keep security breaches down.
It is well known that humans are the weakest link in the information security chain, but specifically, who are them? Well, you may guess, “they” are everyone. I have been in both sides, as a user and as a system admin; and in both sceneries humans tend to make mistakes. It’s human nature.
A lot have been investigated, written and said about how to better protect companies against the unstoppable proliferation of advanced and sophisticated cyber-threats/attacks. By default, and by common sense, we tend to think that by adopting and implementing cutting-edge security technologies, companies will be on a better position to stop, prevent, and reduce security threats from cyber-criminals. This is not so far from reality. Lots of technologies have emerged and being adopted to reach that goal. Among these technologies are: Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Firewalls, Antivirus, Network Access Control (NAC), Proxies, Gateways, Advance Threat Analytics (ATA), Sandboxes, Multi-factor Authentication (MFA), Artificial Intelligence (AI), and Machine Learning (ML) solutions to mention a few. However, security and data breaches still happen and are on the news all around the world, every day.
Anatomy, the study of tissues, organs and systems in the body, is an essential component in the curricula of many health professions. Due to curricular design, complexity of the learning material, and time devoted to teaching, anatomy learning could be compromised. Anatomy instructors and educational institutions must look for ways to complement anatomy teaching in order to better prepare students for what they will find at both, the graduate level and the work environment. In this review, we compared multiple approaches for anatomy teaching, and blended learning appears to give better results for contents comprehension, retention, and academic development.
Convergence Of Cloud Computing, Internet Of Things, And Machine Learning: The Future Of Decision Support Systems
The objective of this research was to develop a framework for understanding the Convergence of Cloud Computing, Machine Learning, and Internet of Things as the future of Decision Support Systems. To develop this framework, the researchers analyzed and synthesized 35 research articles from 2006 to 2017. The results indicated that when the data is massive, it is necessary to use computational algorithms and complex analytical techniques. The Internet of Things, in combination with the large accumulation of data and data mining, improves the learning of automatic intelligence for business. This is due to the fact that the technology has the intelligence to infer and provide solutions based on past experiences and past events.
In the last decade of the proliferation of the World Wide Web, there has been a shift from normal human combat warfare to electronic warfare, where a person with a computer can do more damage to the infrastructure of a country than thousands of soldiers. The amount of data, intelligence, and damage generated by such warfare is astronomical. This type of warfare requires artificial intelligence and Expert Systems to go to the forefront of the battlefield in order to analyze data and trends to identify potential attacks and provide countermeasures to such attack. AI has put in a new perspective how Decision Support Systems (DSS) improve defense. DSS implemented today are in place to stop and deter in the shortest possible amount of time a cyberattack, and assist cyber defenders in finding the correct response.
WannaCry or Wanna Decrytor ransomware is an informatic virus that attacks Windows operating system based computers primarily (including servers) by taking advantage of system vulnerabilities exploited by Eternalblue, a tool believed to be developed by the USA National Security Agency. What is the unique effect once infected by the virus? Well, you will notice it fast. The system will show you a Popup window letting you know that your computer is infected, all your files are encrypted, and for you to recover it all, they require a ransom payment using bitcoins. Unless you make the payment, all your files will stay encrypted. The worst thing about this virus is that, if you do not pay in a certain period, the ransom payment will keep rising.
But, wait! The intention of this article is not to create panic. Even though you should panic if your computer got infected and you didn't backed up your files recently (last day or night before the infection).
Today more than ever, we are living in the interconnected and social era. Generation X and the famous Millennials, are so connected to the Internet, and spend so much time sharing almost everything about themselves, that they don’t imagine their life could go any other way. This is without online presence, in their social communities and networks, 24 hours a day, 7 days a week, 365 days a year.
Some time ago, I had the opportunity to write an article titled “To be a certified professional or not to be”. It was about why some companies place more weight on certification’s credentials, than on years of experience and college degrees. I briefly explained that it was because some certifications are a must-have, since they “prove” that you are “following” the best practices, industry standards, and keep yourself up-to-date with new technologies and methodologies. This is true, but there are some other credentials that are just as nice to have, just to say that you have it (merely decorative). As the saying goes: “The suit does not make the clergyman, but distinguishes him”
Dr. Gilberto Crespo is an information security researcher & technology expert.