Topic 10: What have researchers learned about the cybersecurity threats faced by small businesses in the
digital age, and what effective strategies can be employed to mitigate these threats?
Here I want 3 objective summaries and a literature review in 3 parts: introduction, review of literature, and analysis of literature.
Research Articles
2023 Basel, Switzerland
2023 Istanbul, Turkey
Bada, Maria: Nurse, Jason 2019 Bingley, United Kingdom
News articles and websites
Who wrote it? rationale for inclusion
WHO conducted the research (authors of article)
WHEN year research was conducted (within last 10 years)
WHERE the research was conducted
WHY was the research conducted
Lucian Florin Ilca: Ogrutan Petre Lucian: Titus Constantin Balan
The research was conducted to address the evolving challenges in the cyber environment and enhance security incident response for modern institutions. It focused on developing effective strategies, methodologies, and a novel solution, emphasizing the identification and management of emerging attack vectors, particularly malicious binaries. The goal was to equip institutions, especially small and medium-sized enterprises (SMEs), with affordable and adaptable security infrastructure. The proposed solution leveraged open-source technologies, a Dockerized infrastructure, and automation to streamline security operations, aiming to improve malware detection, incident response, and overall cybersecurity for SMEs.
Masilela, Lucia: Nel-Sanders, Danielle
To contextualise the study and practice of cyber threat intelligence at the national sphere of government in the South African public sector.
The research aimed to enhance cybersecurity incident response in modern institutions, focusing on adapting to new attack vectors, especially those involving malicious binaries. It proposes an open-source solution, utilizing technologies like Docker and automation, tailored for small and medium-sized enterprises (SMEs). The solution serves as a proactive Security Operations Centre, showcasing integrated open-source tools for efficient malware detection. Practical demonstrations and a comparative study assess the solution's effectiveness. Ultimately, the research provides SMEs with an affordable, adaptable, and automated security infrastructure to fortify defenses against evolving cyber threats.
Research Articles
News articles and websites
HOW the research was conducted (NAME the METHODOLOGY)
HOW the research was conducted (DESCRIBE the PROCESS)
WHAT the researchers learned – results
Link to article
The research employed a Docker-based approach, configuring two servers to enhance network security. The primary server integrated essential tools such as Wazuh, TheHive, Cortex, n8n, Cuckoo Sandbox, and MISP for SIEM, XDR, EDR, and SIRP functionalities. FleetDM with osquery served as the threat-hunting module, while Telegraf, InfluxDB, and Grafana provided monitoring capabilities. The secondary server, functioning as a firewall with OPNsense, incorporated CrowdSec for behavioral analysis. The solution automated processes using n8n and integrated Cuckoo Sandbox for analyzing potentially malicious files. This comprehensive framework aims to improve detection capabilities, streamline incident response, and strengthen overall security posture.
The research focused on addressing challenges in malware detection, considering the evolving nature of malware and the overwhelming sample volume. It proposed an anti-emerging threat solution employing advanced technologies like behavior-based analysis, machine learning, and threat intelligence. The study utilized Docker for system virtualization and deployed a multi-layered architecture. The primary server incorporated Wazuh, TheHive, Cortex, and MISP for SIEM and SIRP functionalities. OPNsense and CrowdSec in the secondary server served as a firewall with behavioral analysis. The flow involved malware delivery, traffic analysis, central analysis, IoC sharing, and further analysis using tools like Cuckoo Sandbox. The research aimed to proactively detect, mitigate, and respond to emerging threats effectively.
The researchers aimed to comprehensively investigate and test the proposed solution by creating a secure environment with containerized applications deployed on servers. This environment, designed to emulate sophisticated malware-targeting networks, involved VirtualBox, VMCloak, Docker, and other services. Malware samples from diverse sources were obtained and validated using the proposed system, referencing online databases like Malware Bazaar. The researchers learned that the solution effectively contained and analyzed malware files, providing crucial capabilities for digital forensics and security. The environment allowed controlled testing, ensuring the authenticity and validation of malware samples before analysis.
https://www.proquest.com/abicomplete/docview/2849111014/fulltext/CE53EC9920B841D2PQ/1?accountid=41012&sourcetype=Scholarly%20Journals
The research adopted a qualitative approach, utilizing semi-structured interviews with 29 questions categorized into four sections to explore cybersecurity practices in government senior management. The study focused on the ministries of energy, science and technology, and environmental affairs, interviewing fourteen skilled participants. Sampling methods included snowball and purposive sampling. Data analysis employed the Threat Intelligence Lifecycle, a six-step process in cyber threat intelligence, serving as an analytical framework to thematize the dataset. Thematic analysis was applied to identify relevant classifications, themes, and patterns. Findings were presented thematically based on the Threat Intelligence Lifecycle analysis, offering in-depth insights into the institutionalized cybersecurity measures within government departments from the perspective of senior management.
The research adopted a systematic approach through the six-step Threat Intelligence Lifecycle. The process began with Planning and Direction, involving targeted questioning aligned with cybersecurity issues. Data Collection followed, sourcing information internally and externally. The third step, Processing, focused on meticulous data organization and validation. Analysis informed cybersecurity personnel about threats and risks. Dissemination involved sharing intelligence with a tracked audience. The Feedback step closed the cycle, offering constructive insights for continuous improvement. This structured process ensured a comprehensive understanding and analysis of cybersecurity practices within government senior management.
The research has yielded comprehensive insights into cybersecurity practices within government senior management. By employing a qualitative approach and utilizing the Threat Intelligence Lifecycle, the study systematically identified, analyzed, and understood cybersecurity measures against cyber threats. One-on-one interviews with senior officials from relevant ministries, using snowball and purposive sampling, ensured diverse and skilled perspectives. Thematic analysis based on the Threat Intelligence Lifecycle provided a structured understanding of planning, collection, processing, analysis, dissemination, and feedback. The findings contribute practical insights for enhancing current and future cybersecurity practices and principles in government departments.
https://www.proquest.com/abicomplete/docview/2242758081/abstract/F417C51747274A1CPQ/22?accountid=41012&sourcetype=Scholarly%20Journals
The research methodology comprised three main phases. Firstly, a scoping review technique was used for a literature review, focusing on cybersecurity awareness and education initiatives for SMEs. Secondly, a case study approach was employed, specifically utilizing a user-based study to evaluate the strengths and weaknesses of the London Digital Security Centre (LDSC) as a practitioner-based security awareness program. Lastly, the research leveraged insights from the literature review and LDSC case study to develop a high-level program for cybersecurity education and awareness for SMEs, incorporating best practices from research and industry.
The research was conducted through a three-phase approach. The initial phase involved a scoping review technique for a literature review, examining articles and reports from May 2018 to February 2019 through databases like Science Direct, Scopus, Google Scholar, IEEE, ACM, and general web searches. The focus was on cybersecurity awareness, education, and training initiatives for SMEs, using preset inclusion and exclusion criteria. The second phase comprised a case study of the London Digital Security Centre (LDSC), adopting a user-based study to assess LDSC's strengths and weaknesses in offering cybersecurity support to SMEs in London. The final phase utilized insights from the literature review and LDSC case study to outline a high-level program for cybersecurity education and awareness for SMEs, integrating best practices from both research and industry. This comprehensive approach aimed to address the challenges faced by SMEs in security awareness and education, combining theoretical insights, practical observations, and program development.
The research review examined 36 articles and reports focused on cybersecurity awareness, education, and training for SMEs. Key findings highlight the importance of fostering good security behavior in SMEs through the development of a strong security culture. Challenges include reaching SMEs, particularly business owners immersed in day-to-day operations. Influencing factors for security behavior encompass individual knowledge, skills, and experiences. Global initiatives, such as the UK's Cyber Essentials and the US Stop.Think.Connect campaign, aim to support SME cybersecurity. Academic perspectives underscore asset/harm-based security approaches and tailored tools for understanding technical security postures. The importance of holistic, relevant approaches considering SMEs' limited resources is emphasized, with a need for effective measurement of awareness program effectiveness. Overall, the findings stress the significance of tailored and holistic cybersecurity strategies for SMEs, acknowledging their unique challenges and resource limitations.
https://www.proquest.com/abicomplete/docview/2242758081/fulltext/94B31057B89F486BPQ/1?accountid=41012&sourcetype=Scholarly%20Journals
When was the article written (within the last 5 years)
Link to article/site
1 CYBERSECURITY THREATS
Cybersecurity Threats affecting Small Businesses in the Wake of Increased Digitalization:
Vamshi Choppari
Department of Computer Science, Monroe College, King Graduate School
KG604-152HY: Graduate Research & Critical Analysis
Professor Amanda Ramlochan
February 11, 2024
References
Lucian, F. I., Ogrutan, P. L., & Titus, C. B. (2023). Enhancing Cyber-Resilience for Small and
Medium-Sized Organizations with Prescriptive Malware Analysis, Detection, and
Response. Sensors, 23(15), 6757. https://doi.org/10.3390/s23156757
Masilela, L., & Nel-Sanders, D. (2023). Cyber threat intelligence practices in the national sphere
of government in South Africa. International Journal of Research in Business and Social
Science, 12(8), 402-414. https://doi.org/10.20525/ijrbs.v12i8.2914
Bada, M., & Nurse, J. R. C. (2019). Developing Cybersecurity education and awareness
programmes for Small- and Medium-Sized Enterprises (SMEs). Information and
Computer Security, 27(3), 393-410. https://doi.org/10.1108/ICS-07-2018-0080