Graeme Horsman,Andrew Dodd

DOI: https://doi.org/10.1016/j.fsidi.2024.301840

IF: 1.805

2024-10-12

Forensic Science International Digital Investigation

Abstract:Those practising in the field of digital forensics must be competent to conduct the work they carry out, and such competence must also be evidenced and assessed. Those seeking to demonstrate staff competence must consider what tasks and roles it is being sought for, how it is achieved, what is an acceptable level of performance for a task, and how to evidence and assess any claimed competence. This work intends to explore the multifaceted nature of competence within the field of digital forensics, examining how it is developed, assessed, and maintained in an era characterised by continuous technological advancement. Discussions are also linked to the requirements defined in the accreditation framework ISO/IEC 17025:2017 which governs the digital forensic landscape in England and Wales. We hope to contribute to the ongoing discourse on elevating standards and fostering excellence in the science of digital forensics.

computer science, information systems, interdisciplinary applications

Issam Taqafi,Yassine Maleh,Karim Ouazzane

DOI: https://doi.org/10.1080/07366981.2023.2159047

2022-12-30

EDPACS

Abstract:Owning a Security Operation Center (SOC) is becoming increasingly common for organizations as part of their cybersecurity strategy to ensure near-real-time detection and adequately respond to cyber-attack engaging the SOC's humans, technology, and processes. However, SOC investments only sometimes achieve the best possible outcomes and only provide an acceptable protection level in some cases due to the challenges related to the technologies, processes and especially the human factor. This paper proposes a new practical maturity framework for Security Operation Center. This will serve as a roadmap for IT auditors and security experts when they evaluate the maturity of a security operation center in terms of safeguarding the assets of the company, its partners, and its clients.

Muhammed Ahmed Saleh,Siti Hajar Othman,Arafat Al-Dhaqm,Mahmoud Ahmad Al-Khasawneh

DOI: https://doi.org/10.48550/arXiv.2108.05576

2021-08-12

Computers and Society

Abstract:Internet of Things Forensics (IoTFs) is a new discipline in digital forensics science used in the detection, acquisition, preservation, rebuilding, analyzing, and the presentation of evidence from IoT environments. IoTFs discipline still suffers from several issues and challenges that have in the recent past been documented. For example, heterogeneity of IoT infrastructures has mainly been a key challenge. The heterogeneity of the IoT infrastructures makes the IoTFs very complex, and ambiguous among various forensic domain. This paper aims to propose a common investigation processes for IoTFs using the metamodeling method called Common Investigation Process Model (CIPM) for IoTFs. The proposed CIPM consists of four common investigation processes: i) preparation process, ii) collection process, iii) analysis process and iv) final report process. The proposed CIPM can assist IoTFs users to facilitate, manage, and organize the investigation tasks.

Mahsa Mohseni

DOI: https://doi.org/10.48550/arXiv.1303.0468

2013-03-03

Abstract:The purpose of this study is proposing a model to determine the gaps between security standards requirements and the reality of implementation ISMS. The research approach analyzes the various industry standards relevant to information security and responses gained from interviewing with 45 individuals of IT professionals and information security experts (who are chosen with targeted sampling) in order to develop a model comprising factors and subfactors which assesses compliance with ISMS (Information Security Management System) in organizations. For hypothesis test, binomial test and for ranking of factors and sub factors, Friedman test was done. This model tested in a bank and the degree of compliance with ISMS calculated.

Computers and Society

Cyril Onwubiko,Karim Ouazzane

DOI: https://doi.org/10.22619/IJCSA.2019.100124

2022-02-08

Abstract:The increasing dependency of modern society on IT systems and infrastructures for essential services (e.g. internet banking, vehicular network, health-IT, etc.) coupled with the growing number of cyber incidents and security vulnerabilities have made Cyber Security Operations Centre (CSOC) undoubtedly vital. As such security operations monitoring is now an integral part of most business operations. SOCs (used interchangeably as CSOCs) are responsible for continuously and protectively monitoring business services, IT systems and infrastructures to identify vulnerabilities, detect cyber-attacks, security breaches, policy violations, and to respond to cyber incidents swiftly. They must also ensure that security events and alerts are triaged and analysed, while coordinating and managing cyber incidents to resolution. Because SOCs are vital, it is also necessary that SOCs are effective. But unfortunately, the effectiveness of SOCs are a widespread concern and a focus of boundless debate. In this paper, we identify and discuss some of the pertinent challenges to building an effective SOC. We investigate some of the factors contributing to the inefficiencies in SOCs and explain some of the challenges they face. Further, we provide and prioritise recommendations to addressing the identified issues.

Cryptography and Security,Social and Information Networks

Fotis Kitsios,Elpiniki Chatzidimitriou,Maria Kamariotou

DOI: https://doi.org/10.3390/su14031269

IF: 3.9

2022-01-24

Sustainability

Abstract:Organizations must be committed to ensuring the confidentiality, availability, and integrity of the information in their possession to manage legal and regulatory obligations and to maintain trusted business relationships. Information security management systems (ISMSs) support companies to better deal with information security risks and cyber-attacks. Although there are many different approaches to successfully implementing an ISMS in a company, the most important and time-consuming part of establishing an ISMS is a risk assessment. The purpose of this paper was to develop a risk assessment framework that a company followed in the information technology sector to conduct the risk assessment process to comply with International Organization for Standardization (ISO) 27001. The findings analyze the conditions that force organizations to invest in protecting information and the benefits they can derive from this process. In particular, the paper delves into a multinational IT consulting services company that undertakes and implements large business support installation and customization projects. It explains the risk assessment process and the management of the necessary configurations so that its functions are acceptable and in line with information security standards. Finally, it presents the difficulties and challenges encountered.

environmental sciences,environmental studies,green & sustainable science & technology

Moses Ashawa,Ali Mansour,Jackie Riley,Jude Osamor,Nsikak Pius Owoh

DOI: https://doi.org/10.37256/ccds.5120233845

2023-12-25

Cloud Computing and Data Science

Abstract:The significance of the cloud environment is growing in the current digital world. It provides several advantages, such as reduced expenses, the ability to adjust to different needs, adaptability and enhanced cooperation. The field of digital forensic investigations has encountered substantial difficulties in reconciling the requirement for efficient data analysis with the increasing apprehensions regarding privacy in recent times. As investigators analyse digital evidence to unearth crucial information, they must also traverse an intricate network of privacy rules and regulations. Given the increasing prevalence of remote work and the necessity for businesses to be adaptable and quick to react to shifting market circumstances, the cloud infrastructure has become a crucial asset for organisations of various scales. Although the cloud offers benefits such as scalability, flexibility and enhanced collaboration, it presents difficulties in digital forensic investigations regarding data protection, ownership and jurisdictional boundaries. These concerns are becoming increasingly significant as more data is kept in the cloud. In this paper, we present three major challenges that are faced during cloud-based forensics investigation. We analyse the extent to which different data formats increase complexity in forensics investigations in cyberspace. This paper analyses three core challenges facing digital forensics in the cloud environment: legitimacy, complexity and an increase in data volume, looking at the implications these have on data liable for legal issues in court. These challenges contribute to the backlog in digital forensics investigations due to a lack of modularisation of the procedures. To address these concerns, modularisation model is proposed to offer a way to integrate traditional processing functions while ensuring strict adherence to privacy protocols. To overcome these challenges, we propose modularisation as a strategy for improving the future of digital forensic research's operational efficiency, overcoming the identified challenges faced during cloud-based investigations and demonstrating how organisations can mitigate potential risks associated with storing sensitive information in the cloud.

Kitsios,Chatzidimitriou,Kamariotou

DOI: https://doi.org/10.3390/su15075828

IF: 3.9

2023-03-28

Sustainability

Abstract:In order to handle their regulatory and legal responsibilities and to retain trustworthy strategic partnerships, enterprises need to be dedicated to guaranteeing the privacy, accessibility, and authenticity of the data at their disposal. Companies can become more resilient in the face of information security threats and cyberattacks by effectively integrating security strategies. The goal of this article is to describe a plan that a corporation has implemented in the information technology industry in order to ensure compliance with International Organization for Standardization (ISO) 27001. This research demonstrates an examination of the reasons that force enterprises to make a investment in ISO 27001 in addition to the incentives that might be acquired from having undergone this process. In addition, the research examines the reasons that push firms to make an investment in ISO 27001. More particularly, the research investigates an international IT consulting services institution that is responsible for the implementation of large-scale business assistance insertion and projects. It demonstrates the risk management framework and the administrative structure of the appropriate situations so that its procedures are adequate and also in line with the guidelines founded by ISO 27001. In conclusion, it discusses the problems and difficulties that were experienced.

environmental sciences,environmental studies,green & sustainable science & technology

Amar Y. El-Bably,Amar Yasser El-Bably

DOI: https://doi.org/10.26735/wlpw6121

2021-06-01

Journal of Information Security and Cybercrimes Research

Abstract:Information security is the practice of protecting information by mitigating the risk of cyber-attack, and typically includes preventing or reducing the possibility of unauthorized/inappropriate access to data, unlawful use, disclosure, disruption. This concept of information security covers as well various procedures aiming at minimizing the negative effects of such incidents and threats. These threats might be originated from the human behavior which may lead to a wide damage of the organization data assets. Thus, the primary focus of information security is on the balanced protection of confidentiality, integrity and availability of data while maintaining an effective use of the organizations' systems. International standards related to information security such as ISO/IEC 27001 emphasis on effective implementation of the information security policies and applications without hampering the productivity of the organization. This research seeks to draw a set of practical rules to be established within an organization to preserve cybersecurity objectives and protect dada specifically from human errors incidents. The drawn rules are based on ISO/IEC 27001 and its application within organizations will rise the employee’s awareness about their behavior to reduce the impact of such incidents on the organization' systems and data.

Mauro Barni,Patrizio Campisi,Edward J. Delp,Gwenael Doërr,Jessica Fridrich,Nasir Memon,Fernando Pérez-González,Anderson Rocha,Luisa Verdoliva,Min Wu

2023-09-21

Abstract:Information Forensics and Security (IFS) is an active R&D area whose goal is to ensure that people use devices, data, and intellectual properties for authorized purposes and to facilitate the gathering of solid evidence to hold perpetrators accountable. For over a quarter century since the 1990s, the IFS research area has grown tremendously to address the societal needs of the digital information era. The IEEE Signal Processing Society (SPS) has emerged as an important hub and leader in this area, and the article below celebrates some landmark technical contributions. In particular, we highlight the major technological advances on some selected focus areas in the field developed in the last 25 years from the research community and present future trends.

Cryptography and Security,Computer Vision and Pattern Recognition

Knut Haufe,Ricardo Colomo-Palacios,Srdan Dzombeta,Knud Brandis,Vladimir Stantchev

DOI: https://doi.org/10.12821/ijispm040402

2022-02-02

International Journal of Information Systems and Project Management

Abstract:Securing sensitive organizational data has become increasingly vital to organizations. An Information Security Management System (ISMS) is a systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security. Key elements of the operation of an ISMS are ISMS processes. However, and in spite of its importance, an ISMS process framework with a description of ISMS processes and their interaction as well as the interaction with other management processes is not available in the literature. Cost benefit analysis of information security investments regarding single measures protecting information and ISMS processes are not in the focus of current research, mostly focused on economics. This article aims to fill this research gap by proposing such an ISMS process framework as the main contribution. It is based on a set of agreed upon ISMS processes in existing standards like ISO 27000 series, COBIT and ITIL. Within the framework, identified processes are described and their interaction and interfaces are specified. This framework helps to focus on the operation of the ISMS, instead of focusing on measures and controls. By this, as a main finding, the systemic character of the ISMS consisting of processes and the perception of relevant roles of the ISMS is strengthened.

Ahmed MohanRaj Alenezi

DOI: https://doi.org/10.48550/arXiv.2305.03059

2023-05-03

Cryptography and Security

Abstract:Digital forensics and cloud forensics are increasingly important fields that face a range of challenges. This study aims to assess the general challenges faced in these fields. A literature review was conducted to identify the major challenges in digital and cloud forensics, including data acquisition, data analysis, data preservation, privacy concerns, and legal issues. The challenges were analyzed in detail, considering the reasons why they are challenges, the impact they have on digital and cloud forensics, and any potential solutions. The study concludes that the challenges faced in digital and cloud forensics are significant and varied, and that addressing these challenges is critical for the effective and efficient use of digital and cloud forensics in investigations. This study provides a valuable overview of the current state of digital and cloud forensic challenges and can help guide future research in this important field.

Ming Hock Yew,Jenson Goh

DOI: https://doi.org/10.48550/arXiv.1606.03546

2016-06-11

Computers and Society

Abstract:This case study introduces a four step approach used by a Singapore small and medium enterprise (SME) in implementing a cloud computing based integrated management system (IMS) to meet the ISO 9001, ISO 14001, and OHSAS 18001 certification requirements. The objectives of this case study are to study: (1) the challenges encountered by an SME during the IMS integration process at each of the four levels of integration (2) the extent which Frugal IT Innovation and Technology Acceptance Model (TAM3) concepts apply to our four step approach. The four step approach was assessed against a framework of four integration levels of the management systems (MS), and also the applicability of two IS theories (Frugal IT Innovation and TAM3). Data was collected via: (1) direct observations (2) participant observations; (3) interviews with key personnel involved in the project; and (4) analysis of documents pertaining to the project. This case study provides an exemplary model on using IS theories and public cloud technologies to develop an effective IMS that other SMEs can learn from.

Heru Susanto,Mohammad Nabil Almunawar,Yong Chee Tuan

DOI: https://doi.org/10.48550/arXiv.1203.6622

2012-03-29

Abstract:Security is a hot issue to be discussed, ranging from business activities, correspondence, banking and financial activities; it requires prudence and high precision. Since information security has a very important role in supporting activities of the organization, we need a standard or benchmark which regulates governance over information security. The main objective of this paper is to implement a novel practical approach framework to the development of information security management system (ISMS) assessment and monitoring software, called by I-SolFramework. System / software is expected to assist stakeholders in assessing the level of their ISO27001 compliance readiness, the software could help stakeholders understood security control or called by compliance parameters, being shorter, more structured, high precision and measured forecasting.

Cryptography and Security,Software Engineering

George Grispos,William Bradley Glisson,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.48550/arXiv.1708.05374

2017-08-17

Cryptography and Security

Abstract:The synthesis of technology and the medical industry has partly contributed to the increasing interest in Medical Cyber-Physical Systems (MCPS). While these systems provide benefits to patients and professionals, they also introduce new attack vectors for malicious actors (e.g. financially-and/or criminally-motivated actors). A successful breach involving a MCPS can impact patient data and system availability. The complexity and operating requirements of a MCPS complicates digital investigations. Coupling this information with the potentially vast amounts of information that a MCPS produces and/or has access to is generating discussions on, not only, how to compromise these systems but, more importantly, how to investigate these systems. The paper proposes the integration of forensics principles and concepts into the design and development of a MCPS to strengthen an organization's investigative posture. The framework sets the foundation for future research in the refinement of specific solutions for MCPS investigations.

Abdullah Mujawib Alashjaee,Fahad Alqahtani

DOI: https://doi.org/10.1109/access.2024.3369604

IF: 3.9

2024-03-02

IEEE Access

Abstract:Secure storage model for digital forensics represents essential progress in the domain, addressing the major problems associated with protecting and maintaining digital evidence. This method employs recent encryption systems and optimal key generation methods to ensure the confidentiality and integrity of data throughout the investigative process. Cloud forensics is an intelligent development of digital forensics to be preserved against online hacking. But, centralized evidence gathered and preservation reduces the reliability of digital evidence. The architecture for digital forensics in an Infrastructure as a Service (IaaS) cloud platform is a crucial structure intended to simplify the collection and protection of evidence while preserving the integrity and origin of digital objects within cloud-based methods. This architecture integrates numerous modules and methods to address the exclusive tasks modeled by cloud computing (CC) environments in the framework of forensic investigations. This paper develops a new digital forensic architecture utilizing the Authentication with Optimal Key Generation Encryption (DFA-AOKGE) technique. The main intention of the DFA-AOKGE method is to use a BC-distributed design to allocate data between numerous peers for data collection and safe storage. Additionally, the DFA-AOKGE model uses the Secure Block Verification Mechanism (SBVM) for the authentication procedure. Also, the secret keys can be produced by the usage of the Enhanced Equilibrium Optimizer (EEO) model. Furthermore, the encryption of the data takes place using a multikey homomorphic encryption (MHE) approach and is then saved in the cloud server. The simulation value of the DFA-AOKGE methodology takes place in terms of different aspects. The simulation results exhibited that the DFA-AOKGE system shows prominent performance over other recent approaches in terms of different measures.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jorge Ribeiro,Victor Alves,Henrique Vicente,José Neves

DOI: https://doi.org/10.1007/978-3-319-91334-6_2

2018-06-03

Abstract:Over the past few decades many different Information Technologies (IT) policies have been introduced, including COSO, ITIL, PMBook, CMM, ISO 2700x, Six Sigma, being COBIT IT (Control Objectives for IT) the framework that encompasses all IT and Information Systems (IS) governance activities at the organization’s level. As part of the applicability of quality services certification (ISO 9001) in all IT services of a public institution, it is presented a case study aimed at planning, managing and monitoring technological security infrastructures. It followed the guidelines for the ISO 2700x family, COBIT, ITIL and other standards and conducted a survey to complement the IT process’s objectives. With regard to an action-research methodology for problem-solving (i.e., a kind of attempt to improve or investigate practice) and according to the issue under analyze, the question is put into the terms, viz. “How can the ISO 2700x, COBIT, ITIL and other guidelines help with the planning, management and monitoring of technological security infrastructures and minimize the risk management of IT and IS?”. Indeed, it may be resolved that it is possible to achieve the goals of planning, managing and monitoring a technological security infrastructure. In the future, we will use Artificial Intelligence based approaches to problem solving such as Artificial Neural Networks and Cased Based Reasoning, to evaluate this issue.

Alan Gillies

DOI: https://doi.org/10.1108/17542731111139455

2011-06-14

The TQM Journal

Abstract:Purpose The ISO27001 standard provides a model for “establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS)”. This paper seeks to consider the global adoption of the ISO27000 series of standards, and to compare them with the adoption rates for ISO9000 and ISO14000. The paper aims to compare the barriers to adoption for the different standards. Design/methodology/approach Previous studies suggest that ISO27001 adoption is slower than for the other standards. The uptake of ISO27001 has been slower than the related management system standards ISO9001 and ISO14001, with approximately half the certifications compared with ISO14001. In response to the issues raised in this analysis, the paper considers how an approach based on a maturity model can be used to help overcome these barriers, especially in smaller companies. Findings The 2008 survey of ISO27001‐certificated companies found that 50 per cent of the certificated organisations which responded had fewer than 200 employees, and were therefore in the SME category. Perhaps more surprisingly, around half of these had fewer than 50 employees The framework has used the ISO27002 code of practice to define the elements, which should be considered within the ISMS. Each element is then developed through a maturity model lifecycle to develop processes to the point where an ISO27001‐compliant ISMS can be implemented. Originality/value The principal contribution of the paper is a step‐by‐step framework designed to simplify the process for organisations working towards ISO27001 and offer significant benefits at milestones before systems are mature enough to achieve certification.

Oluwaseun Oladeji Olaniyi,Olajide Oyebola Omogoroye,Folashade Gloria Olaniyi,Adegbenga Ismaila Alao,Tunbosun Oyewale Oladoyinbo

DOI: https://doi.org/10.9734/jerr/2024/v26i61160

2024-05-04

Journal of Engineering Research and Reports

Abstract:This research paper explores the integration of Enterprise Risk Management (ERM), the ISO 27001 standard, and mobile forensics methodologies as a comprehensive framework for enhancing digital security measures within modern business ecosystems. Employing a quantitative research design, this paper utilized a survey methodology, gathering data from 372 professionals across various sectors including risk management, IT/security, and forensic analysis. The analysis was conducted using Partial Least Squares Structural Equation Modeling (PLS-SEM) to test the research hypotheses and assess the impact of the integrated approach on organizational digital security capabilities. The findings reveal a significant positive effect of integrating ERM, ISO 27001, and mobile forensics on an organization’s ability to manage digital risks effectively. Specifically, the integrated approach was found to enhance strategic digital security management, improve the identification, assessment, and mitigation of digital risks, strengthen information security management practices, and elevate the effectiveness and efficiency of digital crime investigation processes. These outcomes underscore the value of a cohesive strategy that leverages the strengths of ERM, ISO 27001, and mobile forensics in addressing the complex and interconnected digital threat landscape. Based on the results, the study recommends adopting a holistic security framework, investing in continuous professional development, leveraging technological advancements for proactive security management, and fostering a culture of security and collaboration. Such measures are crucial for organizations aiming to enhance their resilience against cyber threats and protect their digital assets in the face of sophisticated cyber-attacks. This research contributes to the field of cybersecurity by providing empirical evidence on the benefits of an integrated approach to digital security, offering practical guidelines for organizations seeking to improve their digital security measures, and highlighting the need for continuous adaptation and collaboration in the fight against cyber threats.

R Tatiara,A N Fajar,B Siregar,W Gunawan

DOI: https://doi.org/10.1088/1742-6596/978/1/012039

2018-03-01

Journal of Physics: Conference Series

Abstract:The purpose of this research is to determine multi factors that inhibiting the implementation of the ISMS based on ISO 2700. It is also to propose a follow-up recommendation on the factors that inhibit the implementation of the ISMS. Data collection is derived from questionnaires to 182 respondents from users in data center operation (DCO) at bca, Indonesian telecommunication international (telin), and data centre division at Indonesian Ministry of Health. We analysing data collection with multiple linear regression analysis and paired t-test. The results are multiple factors which inhibiting the implementation of the ISMS from the three organizations which has implement and operate the ISMS, ISMS documentation management, and continual improvement. From this research, we concluded that the processes of implementation in ISMS is the necessity of the role of all parties in succeeding the implementation of the ISMS continuously.