Yurij Klapkiv,Lyubov Klapkiv

DOI: https://doi.org/10.12955/CBUP.V6.1163

2018-09-24

CBU International Conference Proceedings

Abstract:The problem of fast-rising cyber-risks become very important in the era of the Fourth Industrial Revolution. Cyber-risks cause not only high losses but also break the chain of economic relations between companies and their customers. Besides, cyber risks change their form and structure rapidly, so the tools of risk management must be adequate. That is why the problem of cyber-risk identification and assessment has gotten attention and become so actual. The purpose of this study is to outline new approaches to identifying and estimating cyber-risks based on the dates of the World International Property Organization (WIPO).  In order to conduct our study, we will use various tools and techniques such as: citation analysis, cluster analysis, and visualization. We have analyzed the patent information from the groups of “Electric digital data processing”, “Transmission of digital information” and data processing systems or methods, specially adapted for financial purposes. In our findings, we analyze the technical and economic significance of patents.Our work has led us to conclude that the number of methods of cyber risk identification that were the objects of applications granted by WIPO has a strong connection with the number of cyber-attacks from 2010 to 2017. That is why the innovative methods that were granted have a wide spectrum of influence and could be used in different stages of risk management. We selected patents that based on cyber risk identification and assessment from the data of WIPO and divided these patents into clusters. This helps us in understanding the trends and characters of innovative activities directed to successful management of cyber risks.

Computer Science,Law

Paulo Shakarian,Jana Shakarian,Andrew Ruef

DOI: https://doi.org/10.48550/arXiv.1309.6450

2013-09-25

Cryptography and Security

Abstract:Along with the USA and Russia, China is often considered one of the leading cyber-powers in the world. In this excerpt, we explore how Chinese military thought, developed in the 1990s, influenced their cyber-operations in the early 2000s. In particular, we examine the ideas of "Unrestricted Warfare" and "Active Offense" and discuss how they can permit for the theft of intellectual property. We then specifically look at how the case study of Operation Aurora, a cyber-operation directed against many major U.S. technology and defense firms, reflects some of these ideas.

Puya Pakshad

DOI: https://doi.org/10.4018/979-8-3373-0588-2.ch013

2024-12-10

Abstract:Nation-sponsored cyberattacks pose a significant threat to national security by targeting critical infrastructure and disrupting essential services. One of the most impactful cyber threats affecting South Korea's banking sector and infrastructure was the DarkSeoul cyberattack, which occurred several years ago. Believed to have been orchestrated by North Korean state-sponsored hackers, the attack employed spear phishing, DNS poisoning, and malware to compromise systems, causing widespread disruption. In this paper, we conduct an in-depth analysis of the DarkSeoul attack, examining the techniques used and providing insights and defense recommendations for the global cybersecurity community. The motivations behind the attack are explored, along with an assessment of South Korea's response and the broader implications for cybersecurity policy. Our analysis highlights the vulnerabilities exploited and underscores the need for more proactive defenses against state-sponsored cyber threats. This paper emphasizes the critical need for stronger national cybersecurity defenses in the face of such threats.

Cryptography and Security,Software Engineering

Jonathan W. Z. Lim,Vrizlynn L. L. Thing

DOI: https://doi.org/10.48550/arXiv.2211.09524

2022-11-17

Abstract:Cybercrimes are on the rise, in part due to technological advancements, as well as increased avenues of exploitation. Sophisticated threat actors are leveraging on such advancements to execute their malicious intentions. The increase in cybercrimes is prevalent, and it seems unlikely that they can be easily eradicated. A more serious concern is that the community may come to accept the notion that this will become the trend. As such, the key question revolves around how we can reduce cybercrime in this evolving landscape. In our paper, we propose to build a systematic framework through the lens of a cyber threat actor. We explore the motivation factors behind the crimes and the crime stages of the threat actors. We then formulate intervention plans so as to discourage the act of committing malicious cyber activities and also aim to integrate ex-cyber offenders back into society.

Cryptography and Security,Computers and Society

V Ignat

DOI: https://doi.org/10.1088/1757-899x/147/1/012105

2016-08-01

IOP Conference Series: Materials Science and Engineering

Abstract:Advanced industrial countries are affected by technology theft. German industry annually loses more than 50 billion euros. The main causes are industrial espionage and fraudulent copying patents and industrial products. Many Asian countries are profiteering saving up to 65% of production costs. Most affected are small medium enterprises, who do not have sufficient economic power to assert themselves against some powerful countries. International organizations, such as Interpol and World Customs Organization - WCO - work together to combat international economic crime. Several methods of protection can be achieved by registering patents or specific technical methods for recognition of product originality. They have developed more suitable protection, like Hologram, magnetic stripe, barcode, CE marking, digital watermarks, DNA or Nano-technologies, security labels, radio frequency identification, micro color codes, matrix code, cryptographic encodings. The automotive industry has developed the method "Manufactures against Product Piracy". A sticker on the package features original products and it uses a Data Matrix verifiable barcode. The code can be recorded with a smartphone camera. The smartphone is connected via Internet to a database, where the identification numbers of the original parts are stored.

English Else

Atif Ahmad,Sean B. Maynard,Sameen Motahhir,Moneer Alshaikh

DOI: https://doi.org/10.48550/arXiv.2103.14838

2021-03-27

Cryptography and Security

Abstract:Case-based learning is a powerful pedagogical method of creating dialogue between theory and practice. CBL is particularly suited to executive learning as it instigates critical discussion and draws out relevant experiences. In this paper we used a real-world case to teach Information Security Management to students in Management Information Systems. The real-world case is described in a legal indictment, T-mobile USA Inc v Huawei Device USA Inc. and Huawei Technologies Co. LTD, alleging theft of intellectual property and breaches of contract concerning confidentiality and disclosure of sensitive information. The incident scenario is interesting as it relates to a business asset that has both digital and physical components that has been compromised through an unconventional cyber-physical attack facilitated by insiders. The scenario sparked an interesting debate among students about the scope and definition of security incidents, the role and structure of the security unit, the utility of compliance-based approaches to security, and the inadequate use of threat intelligence in modern security strategies.

DOI: https://doi.org/10.33140/aurdp.01.01.02

2024-02-27

Abstract:Background: Cyber Security is to protect online data and software from cyber threats. These cyberattacks are typically intended to gain access to, change, or delete sensitive information; extort money from users; or disrupt regular corporate activities. It is difficult to keep up a regular follow up with new technologies, so it is necessary to keep the important data safe from cyber threats. There are many types of cyber threats, malware, ransomware, social engineering, phishing etc. To prevent cyber-attacks one can, use password manager tools like LastPass and others. People also use two factor authentication for double security on their accounts. Methods: Boards such as the National Institute of Standards and Technology (NIST) are developing frameworks to assist firms in understanding their security risks, improving cybersecurity procedures, and preventing cyber assaults. The fight against cybercrimes and attack, organizations needed a strong base there are 5 types of cyber securities: Critical Infrastructure Security, application security, network security, cloud security and (IoT) Security. In the modern time the US is highly based on computers and on different software, so it is really important for the US to be more conscious about the security as they get many threats almost every day for hacking their data and accounts. Results and Conclusion: Nowadays, even small businesses rarely recover their loss from the cyber-attacks and many back-off from continuing their businesses after being target of hackers. The first cybercrime attack was recorded in 1988 by a graduate student. Now that large companies and even small businesses are aware of cyber-attacks, they try their best to take every precaution to prevent hacking with double security and password manager tools.

Marshall S. Rich

DOI: https://doi.org/10.3390/analytics2030035

2023-08-11

Analytics

Abstract:The rapid proliferation of cyberthreats necessitates a robust understanding of their evolution and associated tactics, as found in this study. A longitudinal analysis of these threats was conducted, utilizing a six-year data set obtained from a deception network, which emphasized its significance in the study’s primary aim: the exhaustive exploration of the tactics and strategies utilized by cybercriminals and how these tactics and techniques evolved in sophistication and target specificity over time. Different cyberattack instances were dissected and interpreted, with the patterns behind target selection shown. The focus was on unveiling patterns behind target selection and highlighting recurring techniques and emerging trends. The study’s methodological design incorporated data preprocessing, exploratory data analysis, clustering and anomaly detection, temporal analysis, and cross-referencing. The validation process underscored the reliability and robustness of the findings, providing evidence of increasingly sophisticated, targeted cyberattacks. The work identified three distinct network traffic behavior clusters and temporal attack patterns. A validated scoring mechanism provided a benchmark for network anomalies, applicable for predictive analysis and facilitating comparative study of network behaviors. This benchmarking aids organizations in proactively identifying and responding to potential threats. The study significantly contributed to the cybersecurity discourse, offering insights that could guide the development of more effective defense strategies. The need for further investigation into the nature of detected anomalies was acknowledged, advocating for continuous research and proactive defense strategies in the face of the constantly evolving landscape of cyberthreats.

M. M. Zaporozhchenko,

DOI: https://doi.org/10.31673/2412-4338.2023.015360

2023-01-01

Telecommunication and information technologies

Abstract:In recent years, there has been a trend towards an increase in the number of cyber attacks on organizations and individual users. In many cases, a key factor in the implementation of an information security incident is the attacker's effective preparation for a cyber attack: target selection, reconnaissance, i.e. obtaining any information that may be needed when planning an attack, weaponization based on discovered defense mechanisms, software and hardware, etc. and delivery, i.e. choosing how the malware will reach the victim and what steps will be required to activate it further. Having a significant amount of important and critical information for the organization from the point of view of ensuring security provides the attacker with the opportunity to choose the optimal attack scenario and significantly increases the chances of its success. The problem is that today's OSINT methods and tools allow you to find almost any information that is not protected in a real way, which significantly increases the risks, especially for organizations that find it difficult to control all the information that their employees post on social networks, disclose in interviews or accidentally enters the Internet. However, most intelligence tools are not only available to attackers, so ethical hackers and penetration testers can also use OSINT tools to examine an organization's vulnerabilities and improve its defenses before attackers exploit those vulnerabilities. The article examines the main methods of intelligence based on open sources, considers the most common and most often used OSINT tools, describes the life cycle of a cyber attack and defines the stages that require the use of OSINT tools when conducting an audit of the organization's information security and penetration tests.

Leandros Maglaras,Mohamed Amine Ferrag,Abdelouahid Derhab,Mithun Mukherjee,Helge Janicke,Stylianos Rallis

DOI: https://doi.org/10.48550/arXiv.1901.03899

2019-01-13

Abstract:As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threats to critical infrastructures along with protective measures that one nation can take, and which are classified according to legal, technical, organizational, capacity building, and cooperation aspects. Finally we provide an overview of current methods and practices regarding cyber attribution and cyber peace keeping

Cryptography and Security

Md Abdur Rauf,,Md Majadul Islam Jim,Md Mahfuzur Rahman,Md Tariquzzaman,,,

DOI: https://doi.org/10.62304/ijse.v1i04.184

2024-07-16

Abstract:The rapid advancement of technology and the increasing complexity of global supply chains have heightened the need for robust intellectual property (IP) risk management strategies. This study explores the application of artificial intelligence (AI) and big data analytics in enhancing IP risk management within supply chains. A comprehensive literature review was conducted using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) methodology, identifying 578 records through database searches and an additional 90 records through other sources. After removing duplicates, 568 records were screened, with 196 full-text articles assessed for eligibility. Ultimately, 135 articles were included in the final synthesis. The findings reveal that AI-driven predictive analytics significantly enhance the detection and mitigation of IP risks by analyzing large volumes of data from various sources, such as patent filings, market trends, and social media. Big data analytics tools like Hadoop and Spark facilitate real-time monitoring and early identification of potential IP threats, providing a comprehensive view of the supply chain landscape. Several successful case studies across different industries, including pharmaceuticals, electronics, and fashion, demonstrate the practical applications of these technologies in addressing IP risks. However, the review also highlights several challenges, including data quality, scalability, model interpretability, data privacy, and integration with legacy systems. Despite these challenges, the benefits of AI and big data analytics in IP risk management are substantial, enabling organizations to protect their intellectual assets more effectively. The study underscores the need for future research to address these challenges and explore innovative solutions to maximize the potential of AI and big data analytics in IP risk management. By investing in the necessary infrastructure and expertise, organizations can enhance their resilience and maintain a competitive edge in the global market.

Sarah Sharifi

2023-01-23

Abstract:The Internet and cyberspace are inseparable aspects of everyone's life. Cyberspace is a concept that describes widespread, interconnected, and online digital technology. Cyberspace refers to the online world that is separate from everyday reality. Since the internet is a recent advance in human lives, there are many unknown and unpredictable aspects to it that sometimes can be catastrophic to users in financial aspects, high-tech industry, and healthcare. Cybersecurity failures are usually caused by human errors or their lack of knowledge. According to the International Business Machines Corporation (IBM) X-Force Threat Intelligence Index in 2020, around 8.5 billion records were compromised in 2019 due to failures of insiders, which is an increase of more than 200 percent compared to the compromised records in 2018. In another survey performed by the Ernst and Young Global Information Security during 2018-2019, it is reported that 34% of the organizations stated that employees who are inattentive or do not have the necessary knowledge are the principal vulnerabilities of cybersecurity, and 22% of the organizations indicated that phishing is the main threat to them. Inattentive users are one of the reasons for data breaches and cyberattacks. The National Cyber Security Centre (NCSC) in the United Kingdom observed that 23.2 million users who were victims of cybersecurity attacks used a carelessly selected password, which is 123456, as their account password. The Annual Cybersecurity Report published by Cisco in 2018 announced that phishing and spear phishing emails are the root causes of many cybersecurity attacks in recent years. Hence, enhancing the cybersecurity behaviors of both personal users and organizations can protect vulnerable users from cyber threats. Both human factors and technological aspects of cybersecurity should be addressed in organizations for a safer environment.

Human-Computer Interaction,Cryptography and Security

Wei Chen,Jianhui Yin,Ye Tian,Haixu Shang,Yuan Li

DOI: https://doi.org/10.1371/journal.pone.0307026

IF: 3.7

2024-08-07

PLoS ONE

Abstract:This study examines the role of intellectual property protection (IPP) in enhancing radical technological innovation (RTI) within national research project teams, using an innovation-driven theory and an ability-motivation-opportunity (AMO) perspective. This study utilizes a sample of 336 national research project team members from various Chinese universities, research institutes, and corporations to analyze the theoretical model. Additionally, a two-stage hybrid partial least squares structural equation modeling (PLS-SEM) approach, combined with artificial neural network techniques (ANN), is employed to evaluate the hypotheses. The empirical findings of this study reveal a positive association between the intensity of IPP and RTI within national research project teams. Research and development investment intensity (R&DII) is identified as the primary predictor, while integrated leadership (IL) and group potential (GP) play crucial moderating roles. These groundbreaking findings extend the scope of innovation-driven and AMO theories, providing a proactive model for national research project teams to propose improvements to the IPP system, ultimately enhancing the realization of RTI.

Tianxiang Dai,Philipp Jeitner,Haya Shulman,Michael Waidner

DOI: https://doi.org/10.48550/arXiv.2205.05473

2022-05-11

Cryptography and Security

Abstract:Internet resources form the basic fabric of the digital society. They provide the fundamental platform for digital services and assets, e.g., for critical infrastructures, financial services, government. Whoever controls that fabric effectively controls the digital society. In this work we demonstrate that the current practices of Internet resources management, of IP addresses, domains, certificates and virtual platforms are insecure. Over long periods of time adversaries can maintain control over Internet resources which they do not own and perform stealthy manipulations, leading to devastating attacks. We show that network adversaries can take over and manipulate at least 68% of the assigned IPv4 address space as well as 31% of the top Alexa domains. We demonstrate such attacks by hijacking the accounts associated with the digital resources. For hijacking the accounts we launch off-path DNS cache poisoning attacks, to redirect the password recovery link to the adversarial hosts. We then demonstrate that the adversaries can manipulate the resources associated with these accounts. We find all the tested providers vulnerable to our attacks. We recommend mitigations for blocking the attacks that we present in this work. Nevertheless, the countermeasures cannot solve the fundamental problem - the management of the Internet resources should be revised to ensure that applying transactions cannot be done so easily and stealthily as is currently possible.

Ding Wei,Wang Yongwen,Wang Yangyuan

2007-01-01

Abstract:In this paper we first analyze the importance of intellectual property (IP) to the integrated circuit IP industry at the industry and firm level. Using detailed data of United States Patent & Trademark Office's (USPTO) database; we find that some countries which own advanced IC technology all have large quantity of IPs, especially invention patents. And successful IC firms in the world mostly benefit massively from IP. In the second section, we trace the history of the world IC industry IP protection, which indicates that the IP and its protection are becoming more and more crucial to the IC industry. Nevertheless, there are fewer independent IPs in China IC industry comparing with some advanced countries; with the development of China IC firms, some overseas firms begin to attack them by patent litigation. China IC industry is now confronted with a troublesome predicament and improvement of the IP is one of the most vital strategic actions for China IC industry. Based on this situation, we propose to establish "Preproduction alliance" for strengthening radical innovation and developing independent IPs of the whole country. Corresponding to different kinds of attacks from oversea firms, we expatiate on several measures to be free or infringements and countermeasures to cope with litigations, which is of great significance for IC firms.

Pawee Jenweeranon

DOI: https://doi.org/10.1515/ajle-2017-0001

2017-08-01

Asian Journal of Law and Economics

Abstract:Abstract The patent assertion entity (PAE) which known as “the world, particularly severe impact in the US Specifically, in 2013, the report entitled “Patent Assertion and US Innovation” issued by the National Economic Council and Council of Economic Advisers of the US clearly reflected the significant harm of patent assertion toward the economic development of the country. Moreover, the Congress of the United States planned to reconsider the Innovation Act for combating PAEs at the beginning of May. The ongoing discussion in the Congress implies that analyzing the 2015 proposed Innovation Act is important for finding appropriate solutions to solve the remaining problem regarding the abuse of patent litigation in the US, specifically, Patent Trolling activity costs the US economy billions of dollars per year. The IT industry is the main target of patent trollers, briefly, due to the standard for considering the eligibility criteria for a software patent is still weak. Admittedly, many legal scholars believe that the proposed bill will be the significant tool for solving the abuse of patent litigation. For this reason, this research will analyze the major provisions in the proposed bill. Additionally, related cases in the US also will be addressed in this research, for instance, the case between Octane Fitness, LLC and ICON Health & Fitness, Inc. which will be discussed herein. This paper will define the concept of the patent assertion or patent troll and examine the relationship with IT industry. The paper will then clarify the significant role of the Innovation Act 2015 in the patent assertion. Further, this thesis will compare the major provisions of the Innovation Bill 2015 by separating into five main issues with the regulatory framework in Japan and Taiwan, study the rules which were laid down in the landmark cases to understand the court interpretation and propose the suggestion for selected countries to address aforementioned problem. In other words, an analysis of the Patent Assertion Entities situation in Japan and Taiwan will be conducted focusing on the regulatory framework for preventing patent troll and its activities because Japanese and Taiwanese IT Industry normally be targeted by foreign patent trollers. This situation led to the defensive measures issued by the Japanese and Taiwanese government which will be addressed in this paper. A comparative study of the Innovation bill and the domestic laws of Taiwan, Japan, and related factors will be analyzed herein.

Igor Kotenko,Semyon Khmyrov,,

DOI: https://doi.org/10.21681/2311-3456-2022-4-52-79

2022-01-01

Voprosy kiberbezopasnosti

Abstract:Purpose of the paper: analysis of models and techniques used for attribution of cybersecurity violators in the interests of building a promising attribution system in the implementation of targeted attacks against critical information infrastructure objects. Research method: system analysis of open sources of data on the attribution of cyber-violators in the implementation of targeted attacks against critical information infrastructure objects over a period mainly over the last 5 years. The result obtained: based on the consideration of open sources, the paper presents an analysis of the models and techniques used to attribute cyber intruders in the implementation of targeted attacks and used both in scientific and practical projects. The paper analyzes new models used for attribution, allowing the collection of data at the tactical-technical and socio-political levels. The main indicators of ongoing cyber attacks and intruders that are essential for the implementation of attribution processes are identified. The procedure for generating data for profiling cybergroups is considered, as well as the possibility of using the considered models and techniques in the interests of building a promising system for attribution of a cyber intruder in the implementation of targeted attacks against critical information infrastructure objects. The analysis was carried out according to sources over a twentyyear period, meanwhile, the main works under consideration were published in the last 5 years. The analysis does not claim to be complete, but an attempt is made to cover the most significant studies. Scientific novelty lies in the fact that the presented paper is one of the first domestic works that provides a detailed analysis of studies published in recent years in the field of attribution of cyber security violators. Models such as «cyber intrusion chain», «unified cyber intrusion chain», Diamond basic and extended intrusion analysis models, ATT&CK model are considered. Examples of attribution methods for argumentation-based reasoning with evidence at the technical and social levels and the use of technical artifacts to identify false flags in attribution are given. Besides, the paper also lists trends in the usage of modern solutions for detecting and attributing attacks based on artificial intelligence and machine learning.

Shaharyar Khan,Stuart Madnick,Stuart E Madnick

DOI: https://doi.org/10.1109/tdsc.2021.3093214

2021-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Recent cyber-physical attacks, such as Stuxnet, Triton etc., have invoked an ominous realization about the vulnerability of critical infrastructure, including water, power and gas distribution systems. Traditional IT security-biased protection methods that focus on improving cyber hygiene are largely impotent in the face of targeted attacks by advanced cyber-adversaries. Thus, there is an urgent need to analyze the safety and security of critical infrastructure in a holistic fashion, leveraging the physics of the cyber-physical system. System-Theoretic Accident Model & Processes (STAMP) offers a powerful framework to analyze complex systems; hitherto, STAMP has been used extensively to perform safety analyses but an integrated safety and cybersecurity analysis of industrial control systems (ICS) has not been published. This paper uses the electrical generation and distribution system of an archetypal industrial facility to demonstrate the application of a STAMP-based method – called Cybersafety – to identify and mitigate cyber-vulnerabilities in ICS. The key contribution of this work is to differentiate the additional steps required to perform a holistic cybersecurity analysis for an ICS of significant size and complexity and to present the analysis in a structured format that can be emulated for larger systems with many interdependent subsystems.

computer science, information systems, software engineering, hardware & architecture

Victor Wan,Yi Jiming

DOI: https://doi.org/10.1080/20517483.2021.1978679

2021-01-02

Peking University Law Journal

Abstract:At the advent of a new millennium, nations around the world have been challenged by a surge of financial, geopolitical, and environmental crises that informs global societies of an incoming revolution that will reform the socioeconomic order of the modern world. As this new age descends upon us, it is profoundly evident that the future will be defined by our grasp on digital information technologies, the multilateral legal systems that govern them, and the numerous advantages that these systems will afford our societies. The controversial discourse of the Fourth Industrial Revolution, otherwise known as Industry 4.0, imparts an objective truth that the Information Age will present us with substantial systems of technological growth, which accordingly translates to systems of economic expansion. The last several decades of technological development have afforded us with transformative tools in the form of supercomputers, artificial intelligence, information technologies, and a variety of smart devices. Regulating the legal mechanisms that govern the utility and development of these technologies is instrumental to benefitting from the economic prosperity, political strength, and developmental capacities that will follow. This article aims to conduct a comparative legal study of the mechanisms of intellectual property rights protections in their intersection with tort liability structures in the PRC and the USA – two global superpowers at the forefront of both technology and jurisprudence. Analyzing the mechanisms of both countries – particularly with the focus of indirect contributory infringements, intellectual property rights abuse, and structural legal reforms – will provide us with a better understanding of the current state of legal standards in domestic and international governance systems. The study will begin with a bilateral deconstruction of each nation’s intellectual property classifications and protections before engaging in the significant processes of historical legal reform. Subsequently, the article will analyze modern legal interactions between tort liability structures and intellectual property protections while subjecting their current forms against the impeding challenges of technological development as afforded through Industry 4.0. Finally, the article will conclude with an objective view of the future of both nations in the reform of intellectual property law.

DOI: https://doi.org/10.52866/ijcsm.2023.01.01.0019

2023-01-19

Iraqi Journal for Computer Science and Mathematics

Abstract:Today, cybersecurity is considered one of the most noteworthy topics that are circulated frequently among companies in order to protect their data from hacking operations. The emergence of cyberspace contributed to the growth of electronic systems. It is a virtual digital space through which interconnection is established between computers and smartphones connected within the Internet of Things environment. This space is critical in building a safe digital environment free of threats and cybercrime. It is only possible to make a digital environment with the presence of cyberspace, which contains modern technologies that make this environment safe and far from unauthorized individuals. Cybersecurity has a wide range of challenges and obstacles in performance, and it is difficult for companies to face them. In this report, the most significant practices, sound, and good strategies will be studied to stop cybercrime and make a digital environment that guarantees data transfers between electronic devices safely and without the presence of malicious software. This report concluded that the procedures provided by cybersecurity are required and must be taken care of and developed.