The Security Challenges Emerging from the Technological Developments

A Practical Case Study of Organizational Awareness to the Security Risks

Abstract

An increase number of cyberattacks on public and private organizations have been performed by exploiting their social and technological vulnerabilities. Mainly, these attacks aim to obtain illegal profits by extorting organizations, affecting their reputation and normal operation. In order to minimize the impact of these attacks, it is essential that these organizations not only implement preventive actions and efficient security mechanisms, but also continually evaluate the security risks their staff are exposed to when performing their job tasks. This paper presents a case study to assess the private and public Portuguese organizations security related practices followed by their staff. The results obtained by a conducted survey allow the analysis of behaviours and practices followed by the staff of these organizations and also allow to draw conclusions about their security procedures and risk awareness.

This is a preview of subscription content, log in to check access.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

References

  1. 1.

    (2017) Outbreak WCry/WannaCry Ransomware | www.cert.be. https://www.cert.be/docs/outbreak-wcrywannacry-ransomware.html

  2. 2.

    Petya ransomware outbreak: Here’s what you need to know. https://www.symantec.com/blogs/threat-intelligence/petya-ransomware-wiper

  3. 3.

    (2017) Gartner says 8.4 billion connected “Things” will be in use in 2017, up 31 percent from 2016. https://www.gartner.com/en/newsroom/press-releases/2017-02-07-gartner-says-8-billion-connected-things-will-be-in-use-in-2017-up-31-percent-from-2016

  4. 4.

    Global cybersecurity index. https://www.itu.int/en/ITU-D/Cybersecurity/Pages/global-cybersecurity-index.aspx

  5. 5.

    Oliphant R, McGoogan C (2017) The telegraph. https://www.telegraph.co.uk/news/2017/06/28/nato-assisting-ukrainian-cyber-defences-ransom-ware-attack-cripples/

  6. 6.

    Vodafone Fundação Vodafone apresenta 1a Aldeia Inteligente de Montanha. https://press.vodafone.pt/2016/02/23/fundacao-vodafone-apresenta-1a-aldeia-inteligente-de-montanha-3/

  7. 7.

    Hue products - meethue | Philips lighting. https://www2.meethue.com/en-us/products

  8. 8.

    Nest Nest learning thermostat | programs itself then pays for itself. https://www.nest.com/thermostats/nest-learning-thermostat/overview/

  9. 9.

    August smart lock | control and monitor your door from anywhere. https://august.com/products/august-smart-lock-connect

  10. 10.

    Fox-Brewster T (2016) Is this one company to blame for cameras exploited in record web attacks?. https://www.forbes.com/sites/thomasbrewster/2016/10/07/chinese-firm-xm-blamed-for-epic-ddos-attacks/

  11. 11.

    ISO/IEC (2018) ISO/IEC 27000:2018. http://www.iso.org

  12. 12.

    Allen TA (2018) NIST special publication 800-series general information. https://www.nist.gov/itl/nist-special-publication-800-series-general-information

  13. 13.

    OECD OECD guidelines for the security of information systems and networks: towards a culture of security - OECD. http://www.oecd.org

  14. 14.

    OECD Digital security risk management - OECD. http://www.oecd.org

  15. 15.

    PORDATA PORDATA - empresas: total e por dimensão. https://www.pordata.pt

  16. 16.

    PORDATA PORDATA - pequenas e médias empresas em % do total de empresas: total e por dimensão. https://www.pordata.pt

  17. 17.

    DRE (2015) Resolução do conselho de ministros 36/2015, 2015-06-12. https://dre.pt

  18. 18.

    (2017) Competências Digitais. http://www.incode2030.gov.pt/portugal-e-competencias-digitais

  19. 19.

    ISO/IEC ISO/IEC 27001 Information security management. http://www.iso.org/cms/render/live/en/sites/isoorg/home/standards/popular-standards/isoiec-27001-information-securit.html

Download references

Author information

Affiliations

Authors

Corresponding author

Correspondence to Pedro Pinto.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Costa, P., Montenegro, R., Pereira, T. et al. The Security Challenges Emerging from the Technological Developments. Mobile Netw Appl 24, 2032–2037 (2019). https://doi.org/10.1007/s11036-018-01208-0

Download citation

Keywords

  • Cybersecurity
  • Awareness
  • Security practices