A social networking approach to security awareness in end-user cyber-driven financial transactions
- Authors: Maharaj, Rahul
- Date: 2018
- Subjects: Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/48824 , vital:41144
- Description: Cyberspace, including the internet and associated technologies have become critical to social users in their day to day lives. Social users have grown to become reliant on cyberspace and associated cyber services. As such, a culture of users becoming dependent on cyberspace has formed. This cyberculture need to ensure that they can make use of cyberspace and associated cyber services in a safe and secure manner. This is particularly true for those social users involved in cyberdriven financial transactions. Therefore, the aim of this research study is to report on research undertaken, to assist said users by providing them with an alternative educational approach to cyber security, education, awareness and training.
- Full Text:
An information security governance model for industrial control systems
- Authors: Webster, Zynn
- Date: 2018
- Subjects: Computer networks -- Security measures , Data protection Computer security Business enterprises -- Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/36383 , vital:33934
- Description: Industrial Control Systems (ICS) is a term used to describe several types of control systems, including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS) and Programmable Logic Controllers (PLC). These systems consist of a combination of control components (e.g. electrical, mechanical, pneumatic) which act together to achieve an industrial objective (e.g., manufacturing, transportation of matter or energy). ICS play a fundamental role in critical infrastructures such as electricity grids, oil, gas and manufacturing industries. Initially ICS had little resemblance to typical enterprise IT systems; they were isolated and running proprietary control protocols using specialized hardware and software. However, with initiatives such as Industry 4.0 and Industrial Internet of Things (IIoT), the nature of ICS has changed significantly. There is an ever-increasing use of commercial operating systems and standard protocols like TCP/IP and Ethernet. Consequently, modern ICS are more and more resembling conventional enterprise IT systems, and it is a well-known fact that these IT systems and networks are known to be vulnerable and that they require extensive management to ensure Confidentiality, Integrity, and Availability. Since ICS are now adopting conventional IT characteristics they are also accepting the associated risks. However, owing to the functional area of ICS, the consequences of these threats are much more severe than those of enterprise IT systems. The need to manage security for these systems with highly skilled IT personnel has become essential. Therefore, this research was focussed to identify which unique security controls for ICS and enterprise IT systems can be combined and/or tailored to provide the organization with a single set of comprehensive security controls. By doing an investigation on existing standards and best practices for both enterprise IT and ICS environments, this study has produced a single set of security controls and presented how the security controls can be integrated into an existing information security governance model which organizations can use as a basis for generating a security framework, used not only to secure their enterprise IT systems, but also including the security of their ICS.
- Full Text:
- Date Issued: 2018