Further Strategy Analysis of Cybersecurity Incidents

J 2021

Further Strategy Analysis of Cybersecurity Incidents

SZÁDECZKY, Tamás, Zsolt BEDERNA a Zoltan RAJNAI

Základní údaje

Originální název

Further Strategy Analysis of Cybersecurity Incidents

Autoři

SZÁDECZKY, Tamás (348 Maďarsko, garant, domácí), Zsolt BEDERNA a Zoltan RAJNAI

Vydání

Land Forces Academy Review, 2021, 2247-840X

Další údaje

Jazyk

angličtina

Typ výsledku

Článek v odborném periodiku

Obor

50501 Law

Stát vydavatele

Polsko

Utajení

není předmětem státního či obchodního tajemství

Odkazy

URL

Kód RIV

RIV/00216224:14220/21:00124490

Organizační jednotka

Právnická fakulta

DOI

http://dx.doi.org/10.2478/raft-2021-0032

Klíčová slova anglicky

cybersecurity; incidents

Změněno: 5. 4. 2022 22:20, JUDr. Jakub Klodwig

Anotace

V originále

In current socio-economic processes, info-communication services play a determining role, modifying the activities of certain actors. The growing dependence that has developed over the past two decades has imposed the need to give political will to security, which has led to an iterative evolution of the regulatory environment. Therefore, the regulatory framework requires certain entities to develop safeguards including controls that enhance both prevention and response in a manner commensurate with the business value of the information to be protected. However, due to the nature of cybersecurity, developing such countermeasures is not the task of a standalone organization but all entities in cyberspace in a wide range, from individuals to the public sector. Therefore, each entity involved must design protection capabilities in a manner commensurate with the risk, which requires strategic tools and methods and drives organizations to learn from their security incidents. Following our previous paper “Business strategy analysis of cybersecurity incidents” (Bederna et al.) on the topic, this paper reviews the essential formal security strategy formulation tools applied in the cases of Yahoo! and Estonia. Both are based on publicly available information. The analysis confirms the importance of managements’ or the government’s attitude and support for solving cybersecurity challenges.

Návaznosti

EF16_019/0000822, projekt VaV

Název: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur

Citovat

SZÁDECZKY, Tamás, Zsolt BEDERNA a Zoltan RAJNAI. Further Strategy Analysis of Cybersecurity Incidents. Land Forces Academy Review. 2021, roč. 26, č. 3, s. 251-260. ISSN 2247-840X. Dostupné z: https://dx.doi.org/10.2478/raft-2021-0032.

@article{1845300,
   author = {Szádeczky, Tamás and Bederna, Zsolt and Rajnai, Zoltan},
   article_number = {3},
   doi = {http://dx.doi.org/10.2478/raft-2021-0032},
   keywords = {cybersecurity; incidents},
   language = {eng},
   issn = {2247-840X},
   journal = {Land Forces Academy Review},
   title = {Further Strategy Analysis of Cybersecurity Incidents},
   url = {https://www.sciendo.com/article/10.2478/raft-2021-0032},
   volume = {26},
   year = {2021}
}

TY  - JOUR
ID  - 1845300
AU  - Szádeczky, Tamás - Bederna, Zsolt - Rajnai, Zoltan
PY  - 2021
TI  - Further Strategy Analysis of Cybersecurity Incidents
JF  - Land Forces Academy Review
VL  - 26
IS  - 3
SP  - 251-260
EP  - 251-260
SN  - 2247840X
KW  - cybersecurity
KW  - incidents
UR  - https://www.sciendo.com/article/10.2478/raft-2021-0032
N2  - In current socio-economic processes, info-communication services play a determining role, modifying the activities of certain actors. The growing dependence that has developed over the past two decades has imposed the need to give political will to security, which has led to an iterative evolution of the regulatory environment. Therefore, the regulatory framework requires certain entities to develop safeguards including controls that enhance both prevention and response in a manner commensurate with the business value of the information to be protected. However, due to the nature of cybersecurity, developing such countermeasures is not the task of a standalone organization but all entities in cyberspace in a wide range, from individuals to the public sector. Therefore, each entity involved must design protection capabilities in a manner commensurate with the risk, which requires strategic tools and methods and drives organizations to learn from their security incidents. Following our previous paper “Business strategy analysis of cybersecurity incidents” (Bederna et al.) on the topic, this paper reviews the essential formal security strategy formulation tools applied in the cases of Yahoo! and Estonia. Both are based on publicly available information. The analysis confirms the importance of managements’ or the government’s attitude and support for solving cybersecurity challenges.
ER  -

SZÁDECZKY, Tamás, Zsolt BEDERNA a Zoltan RAJNAI. Further Strategy Analysis of Cybersecurity Incidents. \textit{Land Forces Academy Review}. 2021, roč.~26, č.~3, s.~251-260. ISSN~2247-840X. Dostupné z: https://dx.doi.org/10.2478/raft-2021-0032.

Podrobný výpis o publikaci