Online risks are a concern for citizens in the digital society. Many sectors of the population lack training to face, prevent and solve problematic situations arising from Internet use. University researchers and innovation agents in small towns in southern Spain are carrying out an educational programme of 13 intergenerational workshops to…

In mid-July 2020, the social media site Twitter had over 100 of its most prominent user accounts start to tweet requests to send Bitcoin to specified Bitcoin wallets. The requests promised that the Bitcoin senders would receive their money back doubled, as a gesture of charity amidst the COVID-19 pandemic. The attack appears to have been carried…

Real-life threats are at the root of all possible threats to be encountered on the Internet. All risk headings for the Internet are situations that can be encountered in real life. Therefore, we should pay attention to the risks of the virtual world by learning to use the internet consciously, safely and effectively, and by teaching our children…

While Internet of Things (IoT) devices have increased in popularity and usage, their users have become more susceptible to cyber-attacks, thus emphasizing the need to manage the resulting security risks. However, existing works reveal research gaps in IoT security risk management frameworks where the IoT architecture -- building blocks of the…

ISACA, a non-profit, independent association that advocates for professionals involved in information security, assurance, risk management, and governance, recently updated its IT governance framework, Control Objectives for Information and Related Technology (COBIT). COBIT 2019 presents a logical approach to information technology and policy…

As cyber security attack rates increase, so do cyber security concerns. Cyber security is the collection of tools, policies, security concepts, security measures, risk management approaches, actions, education, applications, security and technologies that can be used in order to protect the cyber environment and user rights. The aim of this study…

Purpose: The information security field requires standardised education. This could be based on generic job profiles and a standard competence framework. The question is whether this is possible and feasible. To find out, the author did a case study: developing an information security master curriculum based on a generic PVIB job profile and the…

As the reported number of data breaches increase and senators push for more disclosure regulation, the SEC "staff" issued a guidance in 2011 on disclosure obligations relating to cybersecurity risks and incidents. More recently, on February 26, 2018 the SEC Commission issued interpretive guidance to help assist public companies prepare…

Employers want applicants with experience, even for entry-level cybersecurity roles. Universities traditionally help students gain cybersecurity experience by hiring them for on-campus jobs or by matching job seekers to employers for off-campus work. A third option is described in this paper in which universities bring external companies on…

The objective of this audit was to determine whether the U.S. Department of Education's (Department) overall information technology (IT) security programs and practices were effective as they relate to Federal information security requirements. In fiscal year (FY) 2020, the focus of the audit was solely on Departmental Systems. This year the focus…

The objective of this audit was to determine whether the U.S. Department of Education's (Department) overall information technology (IT) security programs and practices were effective as they relate to Federal information security requirements. To answer this objective, the Department's performance was rated in accordance with Fiscal Year (FY)…

When the COVID-19 pandemic forced the closure of schools across the nation, many K-12 schools moved from in-person to remote education, increasing their dependence on IT and making them potentially more vulnerable to cyberattacks. Education Facilities, including K-12 schools, is one of the nation's critical infrastructure subsectors. Several…

Background: Internet offers opportunities to people with intellectual disabilities, but it also involves some risks. The aim of this study was to explore these issues considering caregivers and people with intellectual disabilities' perspectives. Materials and Methods: A descriptive, cross-sectional study was conducted. The sample consisted of 77…

This case study follows the security breach that affected Target at the end of 2013 and resulted in the loss of financial data for over 70 million customers. The case provides an overview of the company and describes the reasons that led to one of the biggest security breaches in history. It offers a discussion on Target's vendor management…

Countries in the Gulf represent thriving, globally important commercial centres. They have embraced technology and modern management methods, often originating in the western countries. In adapting to quite different cultures these do not always operate as successfully. The adoption and practices of the Information Security Risk Management (ISRM)…