Ejiofor Oluomachi,Akinsola Ahmed,Wahab Ahmed,Edozie Samson

DOI: https://doi.org/10.29322/IJSRP.14.02.2023.p14610

2024-04-17

Abstract:This article assesses the effectiveness of current cybersecurity regulations and policies in the United States amidst the escalating frequency and sophistication of cyber threats. The focus is on the comprehensive framework established by the U.S. government, with a spotlight on the National Institute of Standards and Technology (NIST) Cybersecurity Framework and key regulations such as HIPAA, GLBA, FISMA, CISA, CCPA, and the DOD Cybersecurity Maturity Model Certification. The study evaluates the impact of these regulations on different sectors and analyzes trends in cybercrime data from 2000 to 2022. The findings highlight the challenges, successes, and the need for continuous adaptation in the face of evolving cyber threats

Cryptography and Security,Computers and Society

Elizabeth A Mumford,Poulami Maitra,Emily F Rothman,Jackie Sheridan-Johnson

DOI: https://doi.org/10.1089/cyber.2023.0147

Abstract:There has been limited examination of the phenomenon of the victim-offender overlap in the field of technology-facilitated abuse (TFA). To design effective strategies to prevent TFA, it is important to understand which individuals are most at risk of victimization, perpetration, and to what extent a subset of people both experience victimization and engage in perpetration. This study drew on Cyber-Abuse Research Initiative (CARI) data, a nationally representative U.S. sample of adults ages 18-35. TFA measurement consisted of parallel scales for victimization and perpetration, each with 27 items assessing forms of technology-facilitated surveillance, monitoring/tracking, interference/communications, reputational harm, controlling/limiting access, and fraud. A bivariate probit of TFA perpetration and TFA victimization, as separate outcomes, was fit to allow for joint estimation of regression coefficients and robust standard errors. Analyses confirmed that TFA, similar to other forms of interpersonal aggression, is characterized by a substantial victim-offender overlap, with 30 percent of the sample reporting involvement both as a victim and as a perpetrator. Internet/social media use and social isolation did not distinguish victimization and perpetration. However, positive and negative affect as well as Lesbian, Gay, Bisexual, Queer, Asexual, or other sexual orientation (LGBQA+) were positively correlated with victimization, whereas female gender and having postsecondary education were positively associated with perpetration. These results may be used to design interventions and anticipate service needs. TFA, as a new topic of research, should capitalize on the theoretical and empirical article related to other forms of the victim-offender overlap.

Matthew Lemanski

DOI: https://doi.org/10.48550/arXiv.1512.06317

2015-12-20

Abstract:The recent passing of the Cybersecurity Information Sharing Act of 2015 introduces a new framework for information sharing between private and US government entities with the expressed intent to identify cybersecurity threats. This is the latest in a series of similar bills that have been introduced to Congress over the last several years. While each of the previous standalone bills were defeated following widespread public resistance, the latest edition was included as an amendment to the United States' 2016 spending bill. This means that any dissenting congressmen unwilling to pass the spending bill with the CISA rider would be willing to risk another government shutdown due to the inability to come to terms on the budget measures. This paper seeks to explore the potential impacts of the measures introduced or enabled by CISA, and consider the formalization of digital privacy rights in an increasingly online and monitored world.

Cryptography and Security,Computers and Society

Tessa Cole

DOI: https://doi.org/10.1108/jfc-10-2022-0261

2023-01-14

Journal of Financial Crime

Abstract:Purpose The criminalization of online financial fraud is examined by analyzing the existing literature, policies and state statutes within the context of the cybercrime ecosystem. Therefore, this paper aims to investigate online fraud policies within the USA and the prevalence of such incidents to explore the effectiveness of current fraud policies. Design/methodology/approach This examination explores policies related to online fraud within the USA by defining online financial fraud incidents within the context of the cybercrime ecosystem and analyzing such incidents with routine activities theory to emphasize the current legislative inadequacies with provisional policy recommendations. Findings This research suggests online financial fraud is not unanimously conceptualized among regulating or criminal institutions. Although federal regulators have governed financial institutions, federal institutions have failed to account for the capabilities of computer-mediated and technological device use (12 USC §1829). Research limitations/implications The limited research analyzing the effectiveness of guardianship that prevents or deters internet-mitigated or dependent financial fraud crimes. Practical implications Policy recommendations include but are not limited to mandating federal and privatized financial institutions to disclose all fraudulent activity to all stakeholders (e.g. customers and local and federal criminal justice agencies). Originality/value This paper provides an innovative approach using a criminological theory and policy framework to examine the prevalence of online fraud and the regulations enacted to counteract such violations.

DOI: https://doi.org/10.54060/a2zjournals.jase.42

2024-01-01

Abstract:Due to the quick development of technology, the digital age has brought with it ad-vantages never before seen, but it has also opened the door to a flood of new cyber security concerns. This study offers detailed analysis of the cyber threat environment in the digital era along with suggestions for doable protective measures. The report outlines a number of cyber threats, including malware, phishing scams, ransomware, and insider threats. It looks at the continually evolving tactics employed by cyber-criminals, such as social engineering, zero-day flaws, and sophisticated persistent threats. The growing hazards associated with cutting-edge technology, such as the Internet of Things (IoT), cloud computing, and artificial intelligence, are also exam-ined. The importance of a multi-layered security strategy to counter these attacks is emphasized in the article. Among the important preventative measures that are presented are robust network security, secure coding methodologies, user awareness training, encryption, access controls, and incident response planning. It also high-lights how crucial it is for people, businesses, and governments to collaborate in or-der to confront cyber risks. By using the recommended solutions and promoting a culture of cyber security awareness, people and organizations may navigate the dig-ital age with confidence and protect themselves from the continuously evolving environment of cyber risks.

Naeem Allah Rakha

DOI: https://doi.org/10.22201/iij.24485306e.2024.2.18892

2024-02-07

Mexican Law Review

Abstract:A lack of standards and regulations for handling digital evidence is impeding its admissibility in court proceedings. This article addresses the challenges of digital forensics in criminal investigations due to the rise of cybercrime. The literature existing studies on digital forensics, legal frameworks, and cybercrime is reviewed in order to find possible solutions. The results demonstrate the importance of collaboration between the legal and technological sectors in developing standardized norms and processes for digital evidence collection and processing. The findings also highlight the importance of digital forensics in criminal investigations and the need for a robust legal framework to combat cybercrime effectively. This note emphasizes the vital significance of digital forensics in criminal investigations and the need to develop standardized rules and procedures for the management of digital evidence. The recommendations presented in this article may assist policymakers and law enforcement authorities in designing legal framework capable of effectively confronting cybercrime.

Kaspar Rosager Ludvigsen,Shishir Nagaraja,Angela Daly

DOI: https://doi.org/10.48550/arXiv.2207.00295

2022-07-01

Abstract:Computational Law has begun taking the role in society which has been predicted for some time. Automated decision-making and systems which assist users are now used in various jurisdictions, but with this maturity come certain caveats. Computational Law exists on the platforms which enable it, in this case digital systems, which means that it inherits the same flaws. Cybersecurity addresses these potential weaknesses. In this paper we go through known issues and discuss them in the various levels, from design to the physical realm. We also look at machine-learning specific adversarial problems. Additionally, we make certain considerations regarding computational law and existing and future legislation. Finally, we present three recommendations which are necessary for computational law to function globally, and which follow ideas in safety and security engineering. As indicated, we find that computational law must seriously consider that not only does it face the same risks as other types of software and computer systems, but that failures within it may cause financial or physical damage, as well as injustice. Consequences of Computational Legal systems failing are greater than if they were merely software and hardware. If the system employs machine-learning, it must take note of the very specific dangers which this brings, of which data poisoning is the classic example. Computational law must also be explicitly legislated for, which we show is not the case currently in the EU, and this is also true for the cybersecurity aspects that will be relevant to it. But there is great hope in EU's proposed AI Act, which makes an important attempt at taking the specific problems which Computational Law bring into the legal sphere. Our recommendations for Computational Law and Cybersecurity are: Accommodation of threats, adequate use, and that humans remain in the centre of their deployment.

Computers and Society,Cryptography and Security

Patricia R Recupero

Abstract:Forensic psychiatrists in the 21st century can expect to encounter technology-related social problems for which existing legal remedies are limited. In addition to the inadequate protection of adolescents using social media as outlined by Costello et al., current laws are often poorly suited to remedy problems such as cyberharassment, sexting among minors, and the publication of threatening or harmful communications online. Throughout history, technological developments have often preceded the introduction of new laws or the careful revision of existing laws. This pattern is evident in many of the newer social problems that involve technology, including cyberbullying, online impersonation, and revenge porn. As specialists working at the intersection of human behavior and the law, forensic psychiatrists are uniquely situated to help legal professionals and others understand the impact of internet-related problematic behaviors on victims and, perhaps, to assist in the development of new legal remedies that are better tailored to our increasingly digital society.

Li Adik Aleksandrovich

DOI: https://doi.org/10.59022/ujldp.92

2023-06-30

Abstract:This article explores the legal and regulatory aspects of cyber law in the digital age. It examines the challenges and issues related to data privacy and security and analyzes the existing legal frameworks for addressing cyber law issues. The article also proposes strategies for enhancing cyber law and legal protections in the digital sphere. Through critical analysis, it discusses the practical and legal implications of cyber law and explores policy considerations for the future. The study emphasizes the importance of robust cyber law regulations to ensure a secure and trustworthy digital environment.

DOI: https://doi.org/10.33140/aurdp.01.01.02

2024-02-27

Abstract:Background: Cyber Security is to protect online data and software from cyber threats. These cyberattacks are typically intended to gain access to, change, or delete sensitive information; extort money from users; or disrupt regular corporate activities. It is difficult to keep up a regular follow up with new technologies, so it is necessary to keep the important data safe from cyber threats. There are many types of cyber threats, malware, ransomware, social engineering, phishing etc. To prevent cyber-attacks one can, use password manager tools like LastPass and others. People also use two factor authentication for double security on their accounts. Methods: Boards such as the National Institute of Standards and Technology (NIST) are developing frameworks to assist firms in understanding their security risks, improving cybersecurity procedures, and preventing cyber assaults. The fight against cybercrimes and attack, organizations needed a strong base there are 5 types of cyber securities: Critical Infrastructure Security, application security, network security, cloud security and (IoT) Security. In the modern time the US is highly based on computers and on different software, so it is really important for the US to be more conscious about the security as they get many threats almost every day for hacking their data and accounts. Results and Conclusion: Nowadays, even small businesses rarely recover their loss from the cyber-attacks and many back-off from continuing their businesses after being target of hackers. The first cybercrime attack was recorded in 1988 by a graduate student. Now that large companies and even small businesses are aware of cyber-attacks, they try their best to take every precaution to prevent hacking with double security and password manager tools.

Ahmed Sleem,

DOI: https://doi.org/10.54216/jcim.100204

2022-01-01

Journal of Cybersecurity and Information Management

Abstract:The digital age has ushered in a new era of connectivity and opportunity. However, it has also made us more vulnerable to cyber threats. In recent years, we have seen a rise in the number and sophistication of cyberattacks. These attacks can have a devastating impact on businesses, governments, and individuals. This paper provides a comprehensive overview of cybersecurity threats and countermeasures. It begins by discussing the different types of cybersecurity threats, including malware, phishing, denial-of-service attacks, and data breaches. The paper then discusses the different types of cybersecurity countermeasures, including firewalls, antivirus software, and intrusion detection systems. The paper concludes by discussing strategies for mitigating risks in the digital age including 1) Investing in cybersecurity solutions, 2) Educating employees about cybersecurity best practices, and 3) Having a plan in place to respond to cyberattacks. By following these strategies, businesses, governments, and individuals can help to protect themselves from cyber threats.

Gregory Falco,Eric Rosenbach

DOI: https://doi.org/10.1093/oso/9780197526545.003.0004

2021-11-18

Abstract:The question “What do I need to know about cyber frameworks, standards, and laws?” distills the complex landscape of cyber risk laws, requirements, and standards. The chapter begins with a case study on Nielsen Holdings’ legal and business trouble with the European General Data Protection Regulation (GDPR). It distinguishes compliance from security—explaining how readers can achieve both—and clarifies the dynamic, complex legal landscape in a world of ever-evolving cyber risk. It reviews legislation relating to cyber risk including the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GBLA), the Federal Information Security Management Act (FISMA), and GDPR. The chapter describes the importance of adopting the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework, creating a cyber policy/act/law/regulation “watch list” and purchasing cyber insurance. At the chapter’s end Falco shares Embedded Endurance strategy insight from his experience leading a team developing a cyber standard of care.

S. Nakkeeran,Dr. Dharamveer Singh

DOI: https://doi.org/10.29070/vjj00g84

2024-09-03

Journal of Advances and Scholarly Researches in Allied Education

Abstract:The rise of cybercrime has been a major problem for countries, businesses, and people all around the world. The purpose of this study is to shed light on the difficulties in enforcing laws against cybercrime in India and to highlight the critical need for such a framework in order to stem the tide of this rapidly expanding threat. There has been an upsurge in cybercrime in India in recent years. The fact that it has such a detrimental effect on people's social and economic life makes it a very worrying issue. Data from cybercrime cases prosecuted in India's most susceptible states and cities under the IT Act and the Indian Penal Code formed the basis of our study. In addition, we have examined the data of cybercrime instances perpetrated by individuals of varying ages. In addition to outlining the many reasons for cybercrime and the crimes themselves, this article also provides crucial recommendations on how to reduce cybercrime. Both the investigation and punishment of cybercriminals and the general deterrent against cybercrimes are weakened by these obstacles. To tackle the unique problems posed by cybercrime in India, this study acknowledges the need of a thorough legislative framework and suggests important components that should be included in the laws.

Clara Pettoello-Mantovani

DOI: https://doi.org/10.32996/ijlps.2024.6.2.2

2024-03-03

International Journal of Law and Politics Studies

Abstract:In our interconnected society, crime persists, demanding joint efforts by national and international authorities to detect, prevent, and prosecute criminal activities. Jurisprudential evolution mandates lawmakers to possess a comprehensive legal vision, adapting laws to changing social contexts and emerging criminal methods, especially in technology, including computer technology and Artificial Intelligence (AI). This article comments on the escalating vulnerability of sovereign states and their economies to cyber-attacks. The radical evolution of computer systems has led to new modes of aggression, targeting not only traditional legal assets but also individuals familiar with advanced technology. The emergence of "cyberwarfare" prompts inquiries into potential categorizations within international legal frameworks. Recent global conflicts highlight the potential classification of cyber-attacks on critical infrastructure as war crimes or acts of aggression, urging the International Criminal Court (ICC) to consider incorporating cybercrimes into its core interests. While normative references may lack in existing conventions, the Martens Clause emphasizes treating attacks using technology as equivalent to conventional means. Article 51 of the United Nations Charter implies that cyber weapons could be deemed equivalent to conventional weapons under international law. The article stresses the importance of education and advanced training for legal personnel skilled in identifying cybercrime perpetrators, challenging the ICC to recruit or train individuals with the necessary legal and technical expertise for effective cybersecurity responses. The article briefly explores challenges in conceptualizing and categorizing cybercrimes within existing legal frameworks. The intersection of law and technology necessitates harmonious collaboration between legal and technical experts, acknowledging the intricate web of cyberspace and the implications of cyber threats on global stability and security. In conclusion, the article advocates a fundamental shift in the approach to justice, recognizing the ICC's imperative evolution in addressing cybercrimes. Integrating cybercrimes into the ICC's purview aligns with international law principles, emphasizing the equivalence of cyber weapons to conventional arms. Collaboration between legal and technical experts is essential in navigating the complexities of cybercrimes, ensuring accountability, and upholding justice in the digital age. The article concludes by highlighting the proactive role of the ICC in shaping the future of global justice amid emerging cyber threats.

Sadikov Ruslan

DOI: https://doi.org/10.59022/ijlp.59

2023-07-09

International Journal of Law and Policy

Abstract:Abstract This article examines the challenges and opportunities faced by legal professionals in the digital age, focusing on the impact of technological innovations, cyber-security and data protection issues, and ethical considerations in legal practice. The rapid evolution of technology has transformed the legal landscape, with artificial intelligence and machine learning streamlining legal services, and block-chain and smart contracts reshaping the way legal professionals conduct their work. However, these advancements also raise concerns surrounding data privacy, security, and ethical obligations. Legal professionals must navigate complex data protection regulations, such as the GDPR and the California Consumer Privacy Act, to ensure compliance and protect their clients' data. The article discusses the importance of data privacy and security in legal practice and the measures that legal professionals need to take to comply with these regulations. Furthermore, the article analyzes the balance between technology adoption and ethical obligations in the legal profession, exploring the challenges of maintaining the attorney-client relationship and ensuring access to justice in a digital world. The article provides a comprehensive analysis of the challenges and opportunities presented by technological advancements in legal practice, proposing potential improvements and recommendations for legal professionals and regulatory bodies to navigate the digital landscape effectively. It also highlights the implications for policymakers and the future of the legal profession, suggesting future research directions in the field of legal practice and the legal profession in the cyber age.

Jason R. C. Nurse

DOI: https://doi.org/10.48550/arXiv.1811.06624

2018-11-15

Cryptography and Security

Abstract:Cybercrime is a significant challenge to society, but it can be particularly harmful to the individuals who become victims. This chapter engages in a comprehensive and topical analysis of the cybercrimes that target individuals. It also examines the motivation of criminals that perpetrate such attacks and the key human factors and psychological aspects that help to make cybercriminals successful. Key areas assessed include social engineering (e.g., phishing, romance scams, catfishing), online harassment (e.g., cyberbullying, trolling, revenge porn, hate crimes), identity-related crimes (e.g., identity theft, doxing), hacking (e.g., malware, cryptojacking, account hacking), and denial-of-service crimes. As a part of its contribution, the chapter introduces a summary taxonomy of cybercrimes against individuals and a case for why they will continue to occur if concerted interdisciplinary efforts are not pursued.

Stacey B. Steinberg

DOI: https://doi.org/10.25172/smulr.77.2.8

2024-01-01

Abstract:Digital technology has changed the landscape young people face as they come of age. It has changed how children interact with their parents, schools, community organizations, and the state. Despite many benefits, digital technologies that employ data collection, algorithms, and artificial intelligence pose significant risks for the next generation. Private businesses can collect, use, and sell a child’s data in ways never imagined by their families. Information collected by third parties with good intentions can be stolen through data breaches. Through faulty algorithms, websites can make inaccurate assumptions about young people’s interests, teachers can make inaccurate assumptions about a student’s potential achievement, and the state can make inaccurate assumptions about a child’s risk to engage in criminal activity. It can also feed young people information that is harmful to their physical or psychological well-being. Meanwhile, current efforts in the United States that promise to protect children online threaten to undermine their right to privacy. United States federal and state laws are ill-equipped to truly offer children online privacy protections. There are few legal remedies available to young people whose data is used in malicious ways. The remedies that do exist are insufficient to simultaneously safeguard children while respecting privacy as young people mature. To that end, this Article seeks to explore how current laws centered on children’s online protection are inadequate, and why the obsession with keeping young people safe online often curtails their need for agency and autonomy. It offers a cogent path forward to guide federal and state policymakers as they update children’s online privacy protection law.

Paul Benjamin Lowry,Clay Posey,Rebecca J. Bennett,Tom L. Roberts,Rebecca Becky J. Bennett

DOI: https://doi.org/10.1111/isj.12063

IF: 7.767

2015-02-24

Information Systems Journal

Abstract:Research shows that organisational efforts to protect their information assets from employee security threats do not always reach their full potential and may actually encourage the behaviours they attempt to thwart, such as reactive computer abuse (CA). To better understand this dilemma, we use fairness theory (FT) and reactance theory (RT) to explain why employees may blame organisations for and retaliate against enhanced information security policies (ISPs). We tested our model with 553 working professionals and found support for most of it. Our results show that organisational trust can decrease reactive CA. FT suggests that explanation adequacy (EA) is an important factor that builds trust after an event. Our results also suggest that trust both fully mediates the relationship between EA and CA and partially mediates the relationship between perceived freedom restrictions related to enhanced ISPs and reactive CA. EA also had a strong negative relationship with freedom restrictions. Moreover, organisational security education, training and awareness (SETA) initiatives decreased the perceptions of external control and freedom restrictions and increased EA, and advance notification of changes increased EA. We also included 14 control variables and rival explanations to determine with more confidence what drove reactive CA in our context. Notably, the deterrence theory (DT)‐based constructs of sanction severity, certainty and celerity had no significant influence on reactive CA. We provide support for the importance of respectful communication efforts and SETA programmes, coupled with maximising employee rights and promoting trust and fairness to decrease reactive CA. These efforts can protect organisations from falling victim to their own organisational security efforts.

information science & library science

YAN Yi-zhou

DOI: https://doi.org/10.3969/j.issn.1008-7729.2007.03.016

2007-01-01

Abstract:With the popularization of computers and networks,it has become more and more convenient and rapid for people to exchange information.At the same time,cybercrime has become more and more complicated and harmful.What worries people is that because the establishment of legal system lags behind,there is a short- age in legislation to convict a few late-model criminal acts in returns the phenomenon unable but leaning on back to existence networks.The author tries to analyses several kinds of main cybercriminal acts and makes an approach to a few the matter of legislation for cybercrime.

Mary Ellen O’Connell,M. E. O'Connell

DOI: https://doi.org/10.1093/jcsl/krs017

2012-07-01

Journal of Conflict and Security Law

Abstract:Which government agency should have primary responsibility for the Internet? The USA seems to have decided this question in favour of the military—the US military today has the largest concentration of expertise and legal authority with respect to cyberspace. Those in the legal community who support this development are divided as to the appropriate legal rules to guide the military in its oversight of the Internet. Specialists on the international law on the use of force argue that with analogy and interpretation, current international law can be applied in a way that allows great freedom without sending the message that the USA is acting lawlessly when it comes to the Internet. Others reject this argument as unnecessary and potentially too restrictive. The USA need not observe international law rules, especially not with respect to the Internet. The way forward is to follow the Cold War strategy of threatening enemies with overwhelming force and preparing to act on these threats. This article also questions the application of international law on the use of force to the Internet. Rather than rejecting international law in general, however, the thesis here is that international law rules governing economic activity and communications are the relevant ones for activity on the Internet. Moving away from military analogy in general and Cold War deterrence in particular, will result in the identification and application of rules with a far better chance of keeping the Internet open and safer for all.

English Else