The Influence of Security Challenges in the Use Of The Internet and Mobile Applications on Creating a Security Culture
DOI:
https://doi.org/10.51738/Kpolisa2021.18.1p.1.06Keywords:
information security culture, security culture framework, creating a security culture, cyber security, youth safetyAbstract
The growing number of threats and challenges from cyberspace, due to the increasing use of the Internet and mobile applications as never before, requires the implementation of security policies aimed at preserving the information and communication assets of the company. Security is achieved through one part of measures that are technical-technological in nature, and the other part is related to the actions of people in the organization. People are known to be the weakest link, and security culture aims to act on people by adopting certain behaviours, building habits and establishing communication in a way that they can respond to threats from cyberspace. Information security culture is established and maintained through programs that aim to prepare people for current and future challenges from cyberspace. One day, young people will start working, but until that moment, parents, in synergy with school institutions, should direct them so that they accept certain behaviours and norms. In this way, the security culture ensures that their security is preserved from the earliest days, so it is necessary to develop programs at different levels of education that will enable this.
Downloads
References
Afreen, Rahat. 2014. “Bring Your Own Device (BYOD) in Higher Education: Opportunities and Challenges.” International Journal of Emerging Trends & Technology in Computer Science III (1): 233–236.
Alotaibi, Bashayer, and Haya Almagwashi. 2018. “A Review of BYOD Security Challenges, Solutions and Policy Best Practices.” In 1st International Conference on Computer Applications and Information Security, ICCAIS 2018, 1–6. IEEE. https://doi.org/10.1109/CAIS.2018.8441967.
APWG. 2021. “Phishing Attack Trends Report – 4Q 2020.” https://docs.apwg.org/reports/apwg_trends_report_q4_2020.pdf.
Bannister, Adam. 2021. “Fake Covid-19 Vaccines Pose ‘Serious Health Hazard’, Warns Interpol.”, poslednji pristup 05.04.2021. https://portswigger.net/dailyswig/fake-covid-19-vaccines-pose-serious-health-hazard-warns-interpol.
Бјелајац, Жељко Ђ., и Милован Б. Јовановић. 2013. „Поједини аспекти безбедносне културе на Интернету”, Култура полиса, X (21): 99-114
Бјелајац, Жељко Ђ., и Александар М. Филиповић. 2020. „Интернет и друштвене мреже као неограничени простор за концентрацију и мултиплицирано присуство педофила”, У „Педофилија – узроци и последице”, ур. Жељко Бјелајац и Александар М. Филиповић, посебно издање, Култура полиса: 29- 40.
Бјелајац, Жељко Ђ., и Александар М. Филиповић. 2021. „Флексибилност дигиталних медија за манипулативно деловање сексуалних предатора”, Култура полиса, XVIII (44): 51-67.
Bjelajac, Željko Đ., and Aleksandar M. Filipović. 2020. “Internet Addiction Disorder (IAD) as a Paradigm of Lack of Security Culture.”, Kultura polisa, XVII (43): 239-258.
Bjelajac, Željko Đ., and Slavimir Lj. Vesić. 2020. “Security of Information Systems.” Pravo - Teorija i Praksa XXXVII (2): 63–76. https://doi.org/10.5937/ptp2002063b.
Blic. 2020. „Kako su hakeri napali Novi Sad - sve o najvećem napadu ikada: Tražili pola miliona evra i danima ucenjivali Srbiju.” poslednji pristup 05.03.2020. https://www.blic.rs/vesti/drustvo/kako-su-hakeri-napali-novi-sadsve-o-najvecem-napadu-ikada-trazili-pola-miliona-evra/5g8dqe2.
Brewer, Ross. 2016. “Ransomware Attacks: Detection, Prevention and Cure.” Network Security MMXVI (9): 5–9. https://doi.org/10.1016/S1353-4858(16)30086-1.
Bubanja, Branislav. 2020. “Ransomware napad na hrvatsku naftnu kompaniju INA.” poslednji pristup 17.11.2020. https://pcpress.rs/ransomware-napad-nahrvatsku-naftnu-kompaniju-ina/.
Дерикоњић, Мирослава. 2021. “„Тикток” изазов као позив на самоубиство.” poslednji pristup 03.03.2021. http://www.politika.rs/scc/clanak/471881/Tiktokizazov-kao-poziv-na-samoubistvo.
FBI. n.d. “Business Email Compromise.” Accessed March 27, 2021. https://www.fbi.gov/scams-and-safety/common-scams-and-crimes/businessemail-compromise.
Georgiev, Deyan. 2021. “41 Stunning BYOD Stats and Facts to Know in 2020.” poslednji pristup 01.04.2021. https://techjury.net/blog/byod/.
HIPAA Journal. 2021. “PHI of More Than 100,000 Elara Caring Patients Potentially Compromised in Phishing Attack.” poslednji pristup 31.03.2021. https://www.hipaajournal.com/phi-of-more-than-100000-elara-caring-patientspotentially-compromised-in-phishing-attack/.
IC3. 2019. “Business Email Compromise The $26 Billion Scam.” poslednji pristup 18.03.2021. https://www.ic3.gov/Media/Y2019/PSA190910.
ЈП Пошта Србије. 2021. „Упозорење - злоупотреба симбола Поште Србије.” poslednji pristup 09.04.2021. https://www.posta.rs/cir/info/vestdetaljnije.aspx?ID=7028.
kaspersky. 2019. “What Is a Whaling Attack?” poslednji pristup 01.04.2021. https://www.kaspersky.com/resource-center/definitions/what-is-a-whaling-attack.
Kassner, Michael. n.d. “Create a Security Culture Framework to Protect against Threats.” Accessed April 4, 2020. https://www.techrepublic.com/article/create-asecurity-culture-framework-to-protect-against-threats/.
Kleinman, Zoe. 2020. “Therapy Patients Blackmailed for Cash after Clinic Data Breach.” poslednji pristup 03.04.2020. https://www.bbc.com/news/technology-54692120.
McKenzie, Lindsay. 2019. “Hackers Demand $2 Million From Monroe.” poslednji pristup 17.03.2021. https://www.insidehighered.com/news/2019/07/15/hackers-demand-2-millionmonroe-college-ransomware-attack.
Milovanović, Zoran, and Radovan Radovanović. 2015. “ Informacionobezbednosna kultura - imperativ savremenog društva.” NBP – Journal of Criminalistics and Law XX (3): 45–65.
Mroczkowska, Agnieszka. 2021. “What Is a Mobile App? | App Development Basics for Businesses.” poslednji pristup 10.04.2021. https://www.thedroidsonroids.com/blog/what-is-a-mobile-app-app-developmentbasics-for-businesses.
Nacionalni CERT Republike Srbije. 2021. „Phishing kampanja za korisnike poštanskih usluga.” poslednji pristup 10.04.2021.
O’Brien, Jim. 2020. “DHL and Viber SMS Scams to Watch Out.” poslednji pristup 04.01.2021. https://techbuzzireland.com/2020/02/28/dhl-viber-scams-smsphishing/.
Orehek, Špela, and Gregor Petrič. 2020. “A Systematic Review of Scales for Measuring Information Security Culture.” Information and Computer Security. https://doi.org/10.1108/ICS-12-2019-0140.
Osborne, Charlie. 2020. “Barnes & Noble Confirms Cyberattack, Ransomware Group Leaks Allegedly Stolen Data.” poslednji pristup 31.03.2021. https://www.zdnet.com/article/barnes-noble-confirms-cyberattack-customer-databreach/.
Research and Markets. 2020. “Worldwide Industry for IoT Middleware to 2025 - Manufacturing Expected to Have High Potential Growth.” poslednji pristup 31.03.2021. https://www.globenewswire.com/newsrelease/2020/12/21/2148872/0/en/Worldwide-Industry-for-IoT-Middleware-to-2025-Manufacturing-Expected-to-Have-High-Potential-Growth.html.
Riley, Duncan. 2020. “Foxconn Plant in Mexico Struck in DoppelPaymer Ransomware Attack.” 31.03.2021. https://siliconangle.com/2020/12/08/foxconnplant-mexico-struck-dopplepaymer-ransomware-attack/
Roer, Kai. 2015. Build a Security Culture. Ely, Cambridgeshire: IT Governance Publishing.
Singha, Rajiv. 2021. “Beware of the WhatsApp Scam That Promises Free Adidas Shoes!” poslednji pristup 04.01.2021. https://blogs.quickheal.com/bewareadidas-scam-whatsapp1/
Smith, Adam. 2021. “WhatsApp Gift Scams From Fake Amazon and Adidas Websites Spread on International Women’s Day.” poslednji pristup 01.04.2021. https://www.independent.co.uk/life-style/gadgets-and-tech/whatsapp-gift-scaminternational-women-day-amazon-adidas-b1814003.html.
Solms, Rossouw Von, and Johan Van Niekerk. 2013. “From Information Security to Cyber Security.” Computers and Security XXXVIII (2013): 97–102. https://doi.org/10.1016/j.cose.2013.04.004.
Soni, Aakash. 2017. “6 Advantages Of BYOD In The Classroom.” Poslednji pristup 01.04.2021. https://elearningindustry.com/byod-in-the-classroom-6-advantages.
Stallings, William. 2018. Effective Cybersecurity: A Guide to Using Best Practices and Standards. 1st ed. Boston: Addison-Wesley Professional.
Stallings, William, and Lawrie Brown. 2018. Computer Security: Principles and Practice. 4th ed. New York: Pearson Education Limited.
The European Union Agency for Cybersecurity. 2020a. “ENISA Threat Landscape 2020 - Phishing.” https://www.enisa.europa.eu/publications/phishing/at_download/fullReport.
The European Union Agency for Cybersecurity. 2020b. “ENISA Threat Landscape 2020 - Ransomware.” https://www.enisa.europa.eu/publications/ransomware.
The Roer Group. 2014a. “Metrics – What to Measure, Why and How.” poslednji pristup 03.04.2021. https://securitycultureframework.net/metrics-what-tomeasure-why-and-how/.
The Roer Group. 2014b. “Topics Module.” poslednji pristup 03.04.2021. https://securitycultureframework.net/topics-module/.
Veiga, Adéle da, Liudmila V. Astakhova, Adéle Botha, and Marlien Herselman. 2020. “Defining Organisational Information Security Culture—Perspectives from Academia and Industry.” Computers and Security 92: 101713. https://doi.org/10.1016/j.cose.2020.101713.
Verizon. 2020. “2020 Data Breach Investigations Report.” https://enterprise.verizon.com/resources/reports/2020-data-breach-investigationsreport.pdf.
Vesić, Slavimir Lj. 2016. „Progresivne Web aplikacije - Između nativnih i mobilnih Web aplikacija.” InfoM MMXVI (60): 43–49.
Waggoner, John, and Andy Markowitz. 2021. “Beware of Robocalls, Texts and Emails Promising COVID-19 Cures or Stimulus Payments.” poslednji pristup 17.03.2021. https://www.aarp.org/money/scams-fraud/info-2020/coronavirus.html.
Zimmermann, Verena, and Karen Renaud. 2019. “Moving from a ‘human-asProblem” to a ‘human-as-Solution” Cybersecurity Mindset.” International Journal of Human Computer Studies CXXXI (November): 169–87. https://doi.org/10.1016/j.ijhcs.2019.05.005.
