Data Security and Privacy: Assessment 2, Banking Sector Solutions
VerifiedAdded on 2020/02/18
|12
|2766
|94
Report
AI Summary
This report analyzes the critical need for data security and privacy within the banking sector, emphasizing the importance of confidentiality, integrity, and authenticity of sensitive financial information. It recommends a defense-in-depth security solution, which includes segmenting the banking network using technologies like Unified Threat Management appliances, Fraud detection systems, Network Access control, and Network analyzers to protect against cyber-attacks, fraud, and hacking. The report details the implementation of these technology solutions and the required organizational changes, including updates to security governance policies, hierarchical user access, employee training, and audit processes. The report also highlights the need for robust authentication methods, network monitoring, and physical security measures to ensure comprehensive data protection, along with the importance of employee and customer awareness to mitigate risks such as phishing and social engineering attacks. Finally, the report emphasizes the necessity of change management to facilitate the adoption of these security measures and minimize service disruptions, ultimately aiming to secure the bank's operations and protect its customers' financial data.
Running Head: ASSESSMENT 2- KEEPING DATA PRIVATE 1
ASSESSMENT 2- KEEPING DATA PRIVATE
ASSESSMENT 2- KEEPING DATA PRIVATE
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
ASSESSMENT 2- KEEPING DATA PRIVATE 2
Table of Contents
Executive Summary.........................................................................................................................3
Technology Solution........................................................................................................................3
Organizational Change....................................................................................................................7
Conclusion.......................................................................................................................................9
References......................................................................................................................................10
Table of Contents
Executive Summary.........................................................................................................................3
Technology Solution........................................................................................................................3
Organizational Change....................................................................................................................7
Conclusion.......................................................................................................................................9
References......................................................................................................................................10
ASSESSMENT 2- KEEPING DATA PRIVATE 3
Executive Summary
Ensuring confidentially, integrity and authenticity of the data is the main goal of any
business organization. Organizations like banks hold vital data which consist of customer
financial information, customer personal information, history of financial transaction and other
organizational employee data. Cyber-attacks, frauds, and hacking are the major threats to this
data and hackers put in continuous effort to compromise these data to get financial gains. Thus,
the banks need to employ a strong technology based solutions in order to ensure the security and
privacy of the data. In this report, a defense in depth security solution is recommended for the
bank which provides the security in a layered manner making it more effective. The technology
solution segments the banking network and makes use of devices like Unified Threat
Management appliances, Fraud detection systems, Network Access control and Network
analyzers to ensure that the banking network is safe and secure from these kinds of attacks.
Employing these technology solutions requires changes in the organizational process and thus
requires changes in the organizational policy and employee training. This report explores all
these aspects in more detail.
Technology Solution
An essential entity that keeps organizations like banks to be functional is its data. The
banks hold huge data of customers which comprise of the financial information of customers,
their personal details, their financial transactions, etc. it is thus necessary to ensure security,
privacy, and confidentiality of this data. Since this data contains vital financial information it is
under continuous threat coming from both internal as well as external sources. Some of them are
Executive Summary
Ensuring confidentially, integrity and authenticity of the data is the main goal of any
business organization. Organizations like banks hold vital data which consist of customer
financial information, customer personal information, history of financial transaction and other
organizational employee data. Cyber-attacks, frauds, and hacking are the major threats to this
data and hackers put in continuous effort to compromise these data to get financial gains. Thus,
the banks need to employ a strong technology based solutions in order to ensure the security and
privacy of the data. In this report, a defense in depth security solution is recommended for the
bank which provides the security in a layered manner making it more effective. The technology
solution segments the banking network and makes use of devices like Unified Threat
Management appliances, Fraud detection systems, Network Access control and Network
analyzers to ensure that the banking network is safe and secure from these kinds of attacks.
Employing these technology solutions requires changes in the organizational process and thus
requires changes in the organizational policy and employee training. This report explores all
these aspects in more detail.
Technology Solution
An essential entity that keeps organizations like banks to be functional is its data. The
banks hold huge data of customers which comprise of the financial information of customers,
their personal details, their financial transactions, etc. it is thus necessary to ensure security,
privacy, and confidentiality of this data. Since this data contains vital financial information it is
under continuous threat coming from both internal as well as external sources. Some of them are
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
ASSESSMENT 2- KEEPING DATA PRIVATE 4
the cyber based attacks, hacking of the data for carrying out frauds, ATM Skimming, phishing,
spoofing, etc. Banks need to prepare themselves to counter such attacks and save themselves and
their customer’s money from being dragged into miscreant’s accounts. The security solution
recommended to the Common Wealth Bank thus is to apply the defense in depth approach to
securing the data and the entire premises (Andress, 2014). The defense in depth strategy provides
security solutions in a layered framework manner. If one layer of the defense is compromised
then the other layers of defense hopefully prevent the full attack on the database. The main
aspects to look upon are using the defense in depth security framework are the technology
solutions, the people, and the operations. This section explains the main technology solution and
their impacts on the security and privacy of the data of the bank.
The network of the entire bank is to be segmented into various segments. The Web
servers, the email servers, the data servers are more vulnerable to cyber-attacks and thus these
servers must be on a private network with communication restricted to some internal as well as
external hosts. This form of isolation is accomplished by creating a subnet known as
Demilitarized Zone (Harkins, 2016). Thus, DMZ network and Private network are in isolation a
firewall or an intrusion detection system can be placed before them to monitor the traffic. Such
confinement by the DMZ prevents the network from email spoofing, phishing, flooding and
denial of service attacks (Hanafizadeh, 2014).
Instead of selecting firewall or an intrusion detection system before a DMZ it is
recommended to make use of unified threat management system which is a standalone appliance
which combines firewall, IDS/IPS, VPN, email and web filtering systems into one single device.
Such UTM shall provide choke points for the traffic entering and exiting from the network and
thus the traffic can be monitored for any kind of active attacks. The firewall shall provide the
the cyber based attacks, hacking of the data for carrying out frauds, ATM Skimming, phishing,
spoofing, etc. Banks need to prepare themselves to counter such attacks and save themselves and
their customer’s money from being dragged into miscreant’s accounts. The security solution
recommended to the Common Wealth Bank thus is to apply the defense in depth approach to
securing the data and the entire premises (Andress, 2014). The defense in depth strategy provides
security solutions in a layered framework manner. If one layer of the defense is compromised
then the other layers of defense hopefully prevent the full attack on the database. The main
aspects to look upon are using the defense in depth security framework are the technology
solutions, the people, and the operations. This section explains the main technology solution and
their impacts on the security and privacy of the data of the bank.
The network of the entire bank is to be segmented into various segments. The Web
servers, the email servers, the data servers are more vulnerable to cyber-attacks and thus these
servers must be on a private network with communication restricted to some internal as well as
external hosts. This form of isolation is accomplished by creating a subnet known as
Demilitarized Zone (Harkins, 2016). Thus, DMZ network and Private network are in isolation a
firewall or an intrusion detection system can be placed before them to monitor the traffic. Such
confinement by the DMZ prevents the network from email spoofing, phishing, flooding and
denial of service attacks (Hanafizadeh, 2014).
Instead of selecting firewall or an intrusion detection system before a DMZ it is
recommended to make use of unified threat management system which is a standalone appliance
which combines firewall, IDS/IPS, VPN, email and web filtering systems into one single device.
Such UTM shall provide choke points for the traffic entering and exiting from the network and
thus the traffic can be monitored for any kind of active attacks. The firewall shall provide the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
ASSESSMENT 2- KEEPING DATA PRIVATE 5
central security features and thus shall deny the communication of unauthorized traffic and
applications. intrusion detection and prevention system shall help the firewall in detecting
harmful network activity and shall trigger analarm for any in theappropriate signature of the
traffic. Due to privatenetworking, the firewall shall be able to provide secure remote connections
(Layton 2016). The applications of webfiltering shall protect the employee systems from
browsing any malicious websites. The SMTP gateway shall act as aspam filter and shall help in
filtering confidential information (Loader,2013). The SMTP relay server shall provide security to
the internal email server of the bank and thus monitor the email traffic. Together the entire UTM
along with the DMZ shall preventattacks like Phishing, IP spoofing, unauthorized access,
recognizance attacks etc (Fonchamnyo, 2013).
Next, the Bank should make use of Network Access Control solutions and Fraud
detection solutions (Merkow et al, 2014). The Network Access Control solutions shall permit the
central security features and thus shall deny the communication of unauthorized traffic and
applications. intrusion detection and prevention system shall help the firewall in detecting
harmful network activity and shall trigger analarm for any in theappropriate signature of the
traffic. Due to privatenetworking, the firewall shall be able to provide secure remote connections
(Layton 2016). The applications of webfiltering shall protect the employee systems from
browsing any malicious websites. The SMTP gateway shall act as aspam filter and shall help in
filtering confidential information (Loader,2013). The SMTP relay server shall provide security to
the internal email server of the bank and thus monitor the email traffic. Together the entire UTM
along with the DMZ shall preventattacks like Phishing, IP spoofing, unauthorized access,
recognizance attacks etc (Fonchamnyo, 2013).
Next, the Bank should make use of Network Access Control solutions and Fraud
detection solutions (Merkow et al, 2014). The Network Access Control solutions shall permit the
ASSESSMENT 2- KEEPING DATA PRIVATE 6
access to the network based on the security status of the hosts and the authorization of the
accounts. After running the system patch for antivirus, for theoperating system, for anti-malware
and firewall a status of the host is determined and access is given to the network on the basis of
the status of the hosts. This secures the network from unauthorized and unsecuredhost’s access.
Along with fraud detection mechanism, the entire banking network can be protected from fraud
and unauthorized access (Rushanan,2014).
The communication paths must be disconnected in automated ways after a definite period
so as to avoid the risk of accessing these pathways for remote access. These must be
disconnected manually if not done automatically (Mettouris, 2015).
For online banking and for the ATM the bank should employee two two-factor
authentications like the token based user authentication or OTP based authentication to
strengthen the authentication process of the end users while communicating and make use of the
procedure of using anextraordinary mix for the username and passwords. The session for the
transaction should expire if no activity is done in the given duration. The SSL 3.0, RC4 with
128-bit encryption (high) along with RSA with a1024-bit trade to guarantee information shall
reduce the risk of online based frauds (McHugh et al, 2000).
Finally, the Bank should make use of Network analyzer or monitors that regularly
monitors the entire network of the bank and generates the health status of the network, the
activities for a given period and the traffic pattern report etc. These insights provide details on
the activities of the user and help the network administrator to analyze the network pattern and
any suspicious activities (Cavusogluet al, 2009). Along with this above technical solution, the
internal premises of the bank, the banking outlets, and the ATM outlets should be supported with
access to the network based on the security status of the hosts and the authorization of the
accounts. After running the system patch for antivirus, for theoperating system, for anti-malware
and firewall a status of the host is determined and access is given to the network on the basis of
the status of the hosts. This secures the network from unauthorized and unsecuredhost’s access.
Along with fraud detection mechanism, the entire banking network can be protected from fraud
and unauthorized access (Rushanan,2014).
The communication paths must be disconnected in automated ways after a definite period
so as to avoid the risk of accessing these pathways for remote access. These must be
disconnected manually if not done automatically (Mettouris, 2015).
For online banking and for the ATM the bank should employee two two-factor
authentications like the token based user authentication or OTP based authentication to
strengthen the authentication process of the end users while communicating and make use of the
procedure of using anextraordinary mix for the username and passwords. The session for the
transaction should expire if no activity is done in the given duration. The SSL 3.0, RC4 with
128-bit encryption (high) along with RSA with a1024-bit trade to guarantee information shall
reduce the risk of online based frauds (McHugh et al, 2000).
Finally, the Bank should make use of Network analyzer or monitors that regularly
monitors the entire network of the bank and generates the health status of the network, the
activities for a given period and the traffic pattern report etc. These insights provide details on
the activities of the user and help the network administrator to analyze the network pattern and
any suspicious activities (Cavusogluet al, 2009). Along with this above technical solution, the
internal premises of the bank, the banking outlets, and the ATM outlets should be supported with
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
ASSESSMENT 2- KEEPING DATA PRIVATE 7
security features like infrastructure, camera, security guard’s etc. This shall provide physical
security to the entire banking network. Finally, the other two aspects of the defense and depth
strategy are the people and the operations. The people include the customers and the employees.
They must be trained regarding various kinds of threats and the safeguard mechanism they can
employ to prevent frauds. The operations are discussed in next section. Thus, the defense in
depth strategy where the network is segmented is the recommended solution for the bank.
Organizational Change
The new technology solution makes use of segmentation of the entire network and
devices like Network access control, new authentication mechanism, fraud detection system,
network analyzer etc. This new network solution brings in changes in the traditional form of
organizational process. The biggest change comes is in the form of changes in the security
governance policy. The organization needs to adopt a strong security policy framework based on
the defense in depth strategy framework. This security policy framework shall act as the
guideline for the implementation of the defense in depth strategy. This security policy framework
shall contain the activities to be done for risk management, for fraud management, for disaster
management, for data recovery, for data loss prevention mechanisms, for actions to be performed
if there is any kind of cyber-attack or any other attack. Thus, a new set of security policy
framework shall be formulated and should be incorporated in the organization (Knapp, 2014).
The new technology solution is making use of network segmentation and two-way
authentication mechanism for the authorized users. The network segmentation shall result in the
formulation of hierarchical based user access, and along with the network control access only
authorized users shall be gaining access to the network. The organization needs to provide a list
security features like infrastructure, camera, security guard’s etc. This shall provide physical
security to the entire banking network. Finally, the other two aspects of the defense and depth
strategy are the people and the operations. The people include the customers and the employees.
They must be trained regarding various kinds of threats and the safeguard mechanism they can
employ to prevent frauds. The operations are discussed in next section. Thus, the defense in
depth strategy where the network is segmented is the recommended solution for the bank.
Organizational Change
The new technology solution makes use of segmentation of the entire network and
devices like Network access control, new authentication mechanism, fraud detection system,
network analyzer etc. This new network solution brings in changes in the traditional form of
organizational process. The biggest change comes is in the form of changes in the security
governance policy. The organization needs to adopt a strong security policy framework based on
the defense in depth strategy framework. This security policy framework shall act as the
guideline for the implementation of the defense in depth strategy. This security policy framework
shall contain the activities to be done for risk management, for fraud management, for disaster
management, for data recovery, for data loss prevention mechanisms, for actions to be performed
if there is any kind of cyber-attack or any other attack. Thus, a new set of security policy
framework shall be formulated and should be incorporated in the organization (Knapp, 2014).
The new technology solution is making use of network segmentation and two-way
authentication mechanism for the authorized users. The network segmentation shall result in the
formulation of hierarchical based user access, and along with the network control access only
authorized users shall be gaining access to the network. The organization needs to provide a list
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
ASSESSMENT 2- KEEPING DATA PRIVATE 8
of organizational hierarchy in order to prevent access of the internal users on the data not
authorized to them. For example, a help desk agent should not have access to the data of the
ATM pin database. This may create a risk of internal theft of the data. Thus, the
organizationalhierarchy of the users is to be formulated and authentication mechanism for the
users must be done based on the hierarchy. Thus, there is a need to train the employees on how
to make use of new authentication mechanism so that they may carry out the banking services
properly (D'Arcy, 2014).
The segmentation of the network shall result in the physical positional changes of some
of the devices like aserver, some departments etc. so that the entire network can be segmented
properly in a secured manner. The implementation of the new technology solution shall require
the company to employ some specialized employees like a network administrator, a trouble
shooter and network security manager.
The audit team traditional process shall change and thus their process should become
more elaborate one. The audit team needs to make aregular audit of the new devices incorporated
in the organization. They should monitor the network reports generated by the network analyzer
system and should make audit assessments for devices like the firewalls, the intrusion detection
system, SMTP relay server, SMTP gateway, new authentication mechanism etc. along with the
traditional auditing of the network. Thus, the audit team check-list must be changed and the audit
team should be trained if needed to how to make anaudit of these devices and their users.
The employees get an additional duty to train their customers on various security aspects
like the new authentication mechanism, ATM skimming risks, the new communication numbers
for reporting ATM loss, etc. along with it the entire end –users must be made aware of the
of organizational hierarchy in order to prevent access of the internal users on the data not
authorized to them. For example, a help desk agent should not have access to the data of the
ATM pin database. This may create a risk of internal theft of the data. Thus, the
organizationalhierarchy of the users is to be formulated and authentication mechanism for the
users must be done based on the hierarchy. Thus, there is a need to train the employees on how
to make use of new authentication mechanism so that they may carry out the banking services
properly (D'Arcy, 2014).
The segmentation of the network shall result in the physical positional changes of some
of the devices like aserver, some departments etc. so that the entire network can be segmented
properly in a secured manner. The implementation of the new technology solution shall require
the company to employ some specialized employees like a network administrator, a trouble
shooter and network security manager.
The audit team traditional process shall change and thus their process should become
more elaborate one. The audit team needs to make aregular audit of the new devices incorporated
in the organization. They should monitor the network reports generated by the network analyzer
system and should make audit assessments for devices like the firewalls, the intrusion detection
system, SMTP relay server, SMTP gateway, new authentication mechanism etc. along with the
traditional auditing of the network. Thus, the audit team check-list must be changed and the audit
team should be trained if needed to how to make anaudit of these devices and their users.
The employees get an additional duty to train their customers on various security aspects
like the new authentication mechanism, ATM skimming risks, the new communication numbers
for reporting ATM loss, etc. along with it the entire end –users must be made aware of the
ASSESSMENT 2- KEEPING DATA PRIVATE 9
ongoing phishing attacks, social engineering attacks, spam based attacks and must be provided
the training to make use of practices that avoid such kinds of attacks. These practices shall avoid
the organization to become the victim of the reconnaissance attack (Gallieret al, 2014).
Finally, the organization should employ a security framework as per the information
security triad supporting the confidentially, integrity and authenticity of the database. The above
technology solution supports this framework and thus must be implemented properly after a
proper planning so that the implementation is effective and secures the entire network properly.
Every change in the organization process is subjected to have employee resistance. Thus, the
organization leaders need to make their employees understand the need of this change by giving
information like the goal of this change the advantages due to this change. Thus, the leaders need
to come up with a proper change management plan so that the recommended solution is
implemented. Moreover for the time period of the implementation it is quite possible that the
banking services shall be disrupted. Thus, the bank should provide proper and prior information
to its customer regarding such upgrading and no availability of the services.
Conclusion
The bank needs to adapt the information security triad of providing confidentiality,
integrity, and authenticity of the data in order to secure the entire banking operations and
services. Since this data contains vital financial information it is under continuous threat coming
from both internal as well as external sources. Some of them are the cyber based attacks, hacking
of the data for carrying out frauds, ATM Skimming, phishing, spoofing, etc. Banks need to
prepare themselves to counter such attacks and save themselves and their customer’s money
from being dragged into miscreant’s accounts. The security solution recommended to the
ongoing phishing attacks, social engineering attacks, spam based attacks and must be provided
the training to make use of practices that avoid such kinds of attacks. These practices shall avoid
the organization to become the victim of the reconnaissance attack (Gallieret al, 2014).
Finally, the organization should employ a security framework as per the information
security triad supporting the confidentially, integrity and authenticity of the database. The above
technology solution supports this framework and thus must be implemented properly after a
proper planning so that the implementation is effective and secures the entire network properly.
Every change in the organization process is subjected to have employee resistance. Thus, the
organization leaders need to make their employees understand the need of this change by giving
information like the goal of this change the advantages due to this change. Thus, the leaders need
to come up with a proper change management plan so that the recommended solution is
implemented. Moreover for the time period of the implementation it is quite possible that the
banking services shall be disrupted. Thus, the bank should provide proper and prior information
to its customer regarding such upgrading and no availability of the services.
Conclusion
The bank needs to adapt the information security triad of providing confidentiality,
integrity, and authenticity of the data in order to secure the entire banking operations and
services. Since this data contains vital financial information it is under continuous threat coming
from both internal as well as external sources. Some of them are the cyber based attacks, hacking
of the data for carrying out frauds, ATM Skimming, phishing, spoofing, etc. Banks need to
prepare themselves to counter such attacks and save themselves and their customer’s money
from being dragged into miscreant’s accounts. The security solution recommended to the
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
ASSESSMENT 2- KEEPING DATA PRIVATE 10
Common Wealth Bank thus is to apply the defense in depth approach to securing the data and the
entire premises. The defense in depth strategy provides security solutions in a layered framework
manner.
Common Wealth Bank thus is to apply the defense in depth approach to securing the data and the
entire premises. The defense in depth strategy provides security solutions in a layered framework
manner.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
ASSESSMENT 2- KEEPING DATA PRIVATE 11
References
Andress, J. (2014). The basics of information security: understanding the fundamentals of
InfoSec in theory and practice. Syngress.
Cavusoglu, H., Raghunathan, S., & Cavusoglu, H. (2009). Configuration of and interaction
between information security technologies: The case of firewalls and intrusion detection
systems. Information Systems Research, 20(2), 198-217.
D'Arcy, J., Herath, T., & Shoss, M. K. (2014). Understanding employee responses to stressful
information security requirements: a coping perspective. Journal of Management
Information Systems, 31(2), 285-318.
Fonchamnyo, D. C. (2013). Customers’ perception of E-banking adoption in Cameroon: An
empirical assessment of an extended TAM. International Journal of Economics and
Finance, 5(1), 166-176.
Galliers, R. D., & Leidner, D. E. (Eds.). (2014). Strategic information management: challenges
and strategies in managing information systems. Routledge.
Hanafizadeh, P., Keating, B. W., & Khedmatgozar, H. R. (2014). A systematic review of Internet
banking adoption. Telematics and informatics, 31(3), 492-510.
Harkins, M. W. (2016). Introduction. In Managing Risk and Information Security (pp. 1-16).
Apress, Berkeley, CA.
Knapp, E. D., & Langill, J. T. (2014). Industrial Network Security: Securing critical
infrastructure networks for smart grid, SCADA, and other Industrial Control Systems.
Syngress.
References
Andress, J. (2014). The basics of information security: understanding the fundamentals of
InfoSec in theory and practice. Syngress.
Cavusoglu, H., Raghunathan, S., & Cavusoglu, H. (2009). Configuration of and interaction
between information security technologies: The case of firewalls and intrusion detection
systems. Information Systems Research, 20(2), 198-217.
D'Arcy, J., Herath, T., & Shoss, M. K. (2014). Understanding employee responses to stressful
information security requirements: a coping perspective. Journal of Management
Information Systems, 31(2), 285-318.
Fonchamnyo, D. C. (2013). Customers’ perception of E-banking adoption in Cameroon: An
empirical assessment of an extended TAM. International Journal of Economics and
Finance, 5(1), 166-176.
Galliers, R. D., & Leidner, D. E. (Eds.). (2014). Strategic information management: challenges
and strategies in managing information systems. Routledge.
Hanafizadeh, P., Keating, B. W., & Khedmatgozar, H. R. (2014). A systematic review of Internet
banking adoption. Telematics and informatics, 31(3), 492-510.
Harkins, M. W. (2016). Introduction. In Managing Risk and Information Security (pp. 1-16).
Apress, Berkeley, CA.
Knapp, E. D., & Langill, J. T. (2014). Industrial Network Security: Securing critical
infrastructure networks for smart grid, SCADA, and other Industrial Control Systems.
Syngress.
ASSESSMENT 2- KEEPING DATA PRIVATE 12
Layton, T. P. (2016). Information Security: Design, implementation, measurement, and
compliance. CRC Press.
Loader, B. D., & Thomas, D. (Eds.). (2013). Cybercrime: Security and surveillance in the
information age. Routledge.
McHugh, J., Christie, A., & Allen, J. (2000). Defending yourself: The role of intrusion detection
systems. IEEE software, 17(5), 42-51.
Merkow, M. S., & Breithaupt, J. (2014). Information security: Principles and practices. Pearson
Education.
Mettouris, C., Maratou, V., Vuckovic, D., Papadopoulos, G. A., & Xenos, M. (2015).
Information Security Awareness through a Virtual World: An end-user requirements
analysis. In Proc. 5th International Conference on Information Society and Technology–
ICIST (pp. 273-278).
Rushanan, M., Rubin, A. D., Kune, D. F., & Swanson, C. M. (2014). SoK: Security and privacy
in implantable medical devices and body area networks. In Security and Privacy (SP), 2014
IEEE Symposium on (pp. 524-539). IEEE.
Layton, T. P. (2016). Information Security: Design, implementation, measurement, and
compliance. CRC Press.
Loader, B. D., & Thomas, D. (Eds.). (2013). Cybercrime: Security and surveillance in the
information age. Routledge.
McHugh, J., Christie, A., & Allen, J. (2000). Defending yourself: The role of intrusion detection
systems. IEEE software, 17(5), 42-51.
Merkow, M. S., & Breithaupt, J. (2014). Information security: Principles and practices. Pearson
Education.
Mettouris, C., Maratou, V., Vuckovic, D., Papadopoulos, G. A., & Xenos, M. (2015).
Information Security Awareness through a Virtual World: An end-user requirements
analysis. In Proc. 5th International Conference on Information Society and Technology–
ICIST (pp. 273-278).
Rushanan, M., Rubin, A. D., Kune, D. F., & Swanson, C. M. (2014). SoK: Security and privacy
in implantable medical devices and body area networks. In Security and Privacy (SP), 2014
IEEE Symposium on (pp. 524-539). IEEE.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 12
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.