Authors :
Rusalyn A. Ubay; Akdam T. Omaron; Al-Hadzrim M. Gajir; Alzyver S. Kadil; Nadzmar R. Arakama; Rosemilyn H. Humam; Garfaiza S. Jamasali; Nelhata H. Talib; Abdurasul M. Insam; Alnizar J. Hussin; Shernahar K. Tahil; Nureeza J. Latorre
Volume/Issue :
Volume 9 - 2024, Issue 12 - December
Google Scholar :
https://tinyurl.com/36vxakex
Scribd :
https://tinyurl.com/mvyfx8kz
DOI :
https://doi.org/10.5281/zenodo.14604017
Abstract :
In recent years, there has been no end to the
types of modern cyber security threats. Information
assurance (IA) is a strategic mandate for organizations
increasingly reliant on digital technologies. Such needs
are confidentiality, integrity, availability, authenticity,
and nonrepudiation (NTR), which are also discussed in
this study. While the NIST Cybersecurity Framework,
ISO 27001, and COBIT have been examined elsewhere by
academia, this research seeks to understand theories and
look at these established frameworks under actual
practice. It investigates IA's basic technologies and
apparatus, such as firewalls, intrusion
detection/prevention systems, encryption, and
vulnerability scanners. Realizing human factors' serious
role in security breaches, this paper stresses the
importance of security awareness training, dealing with
social engineering attacks, and encouraging a security-
conscious corporate culture. It also considers the
challenges and opportunities IA faces when applied to
digital transformation technologies like cloud computing,
mobile devices, and the Internet of Things (IoT), pointing
out ways of securing these technologies. Finally,
monitoring and assessing IA programs are essential
through key performance indicators (KPIs), risk
assessment methodologies, and security audits to ensure
that adjustments are kept in line with deployed threats
and business targets. By taking an all-round and forward-
looking approach to IA, any organization can fully use its
information assets, maintain normal business operations,
and press on untroubled by the ever-evolving range of
cyber threats.
Keywords :
Information Assurance, Cyber Threats, Cybersecurity Frameworks, Digital Transformation.
References :
- Tahil, S. K., Alibasa, J. T., Tahil, S. R. K., Marsin, J., & Tahil, S. S. K. (2023). Preserving and Nurturing Tausug Language: The Bahasa Sug Mobile Learning Application Tool for Enhancing Mother Tongue Development for Toddlers. International Journal of Learning, Teaching and Educational Research, 22(11), 18-35.
- Abduhari, E.S., Shaik, T.C., Adidul, A.B., Ladja, J.H., Saliddin, E.S., Adin, A.J., Rumbahali, F.A., Sali, A.B., Jemser, J.M., & Tahil, S.K. (2024). Access Control Mechanisms and Their Role in Preventing Unauthorized Data Access: A Comparative Analysis of RBAC, MFA, and Strong Passwords. Natural Sciences Engineering and Technology Journal, 5(1), 418-430. https://doi.org/10.37275/nasetjournal.v5i1.62
- Rios, B. (2015). Cybersecurity Expert: Medical Devices Have ‘A Long Way to Go’. Biomedical Instrumentation & Technology, 49(3), 197-200. https://doi.org/10.2345/0899-8205-49.3.197
- Leśkow J. (2024). Introduction to special issue on the Russian-Ukrainian war: Effects on global cybersecurity and digital infrastructure. Applied Cybersecurity & Internet Governance (ACIG), 3(1): 1–4.
- Deng, J., Zhao, L., Yuan, X., Tang, Z., Guo, Q. (2021). Research on the Role-Based Access Control Model and Data Security Method. In: Tian, Y., Ma, T., Khan, M.K. (eds) Big Data and Security. ICBDS 2020. Communications in Computer and Information Science, vol 1415. Springer, Singapore. https://doi.org/10.1007/978-981-16-3150-4_8
- Cremer, F., Sheehan, B., Fortmann, M., Kia, A. N., Mullins, M., Murphy, F., & Materne, S. (2022). Cyber risk and cybersecurity: a systematic review of data availability. The Geneva papers on risk and insurance. Issues and practice, 47(3), 698–736. https://doi.org/10.1057/s41288-022-00266-6
- Clark-Ginsberg, A., & Slayton, R. (2019). Regulating risks within complex sociotechnical systems: Evidence from critical infrastructure cybersecurity standards. Science and Public Policy, 46(3), 339-346.
- Ray, A., & Cleaveland, R. (2015). Security assurance cases for medical cyber-physical systems. IEEE Design & Test, 32(5), 56-65.
- Seng N. (2024). Cybersecurity regulation—types, principles, and country deep dives in Asia. Int Cybersecurity Law Rev, 5(3): 387–411.
- González-Granadillo, G., González-Zarzosa, S., & Diaz, R. (2021). Security information and event management (SIEM): analysis, trends, and usage in critical infrastructures. Sensors, 21(14), 4759.
- Ani, U. D., He, H., & Tiwari, A. (2019). Human factor security: evaluating the cybersecurity capacity of the industrial workforce. Journal of Systems and Information Technology, 21(1), 2-35.
- Hamill, J. T., Deckro, R. F., & Kloeber, J. M. (2022). Evaluating information assurance strategies. In Handbook of Scholarly Publications from the Air Force Institute of Technology (AFIT), 1, 3-32.
- AlGhamdi, S., Win, K. T., & Vlahu-Gjorgievska, E. (2020). Information security governance challenges and critical success factors: Systematic review. Computers & security, 99, 102030.
- Tahil, S.K. (2024). Integrating Computer Science in Basic Education Curriculum: Enhancing Innovation and Sophistication for Global Competitiveness. International Journal of Learning, Teaching and Educational Research. 23(8), 203-221. https://doi.org/10.26803/ijlter.23.8.11
- Ahmad, A., Desouza, K. C., Maynard, S. B., Naseer, H., & Baskerville, R. L. (2020). How integration of cyber security management and incident response enables organizational learning. Journal of the Association for Information Science and Technology, 71(8), 939-953.
- Patel, A. U., Williams, C. L., Hart, S. N., Garcia, C. A., Durant, T. J. S., Cornish, T. C., & McClintock, D. S. (2023). Cybersecurity and Information Assurance for the Clinical Laboratory. The journal of applied laboratory medicine, 8(1), 145–161. https://doi.org/10.1093/jalm/jfac119
- Dunn Cavelty, M. (2018). Cybersecurity research meets science and technology studies. Politics and Governance, 6(2), 22-30.
- Chowdhury, N., & Gkioulos, V. (2021). Cyber security training for critical infrastructure protection: A literature review. Computer Science Review, 40, 100361.
- Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby H., & Stoddart, K. (2016). A review of cyber security risk assessment methods for SCADA systems. Computers & security, 56, 1-27.
- Zhao Z, Hsu C, Harn L, Xia Z, Jiang X, Liu L. (2024). Lightweight ring-neighbor-based user authentication and group-key agreement for internet of drones. Cybersecurity, 7(1).
- Awang H, Mansor NS, Zolkipli MF, Malami STS, Mohd Zaini K, Yau TD. (2024). Cybersecurity awareness among special needs students: The role of parental control. Mesopotamian Journal of CyberSecurity (MJCS), 4(2), 63–73.
- Srinivas, J., Das, A. K., & Kumar, N. (2019). Government regulations in cyber security: Framework, standards and recommendations. Future generation computer systems, 92, 178-188.
- Caramancion, K. M., Li, Y., Dubois, E., & Jung, E. S. (2022). The missing case of disinformation from the cybersecurity risk continuum: A comparative assessment of disinformation with other cyber threats. Data, 7(4), 49.
- Shukla A., Katt, B., Nweke, L.O., Yeng, P.K., & Weldehawaryat, G.K. (2022). System security assurance: A systematic literature review. Computer Science Review, Vol 45,100496, https://doi.org/10.1016/j.cosrev.2022.100496
- Heaton, J., & Parlikad, A. K. (2019). A conceptual framework for the alignment of infrastructure assets to citizen requirements within a Smart Cities framework. Cities, 90, 32-41.
- A. Y. Al Hammadi, C. YeobYeun and E. Damiani (2020). Novel EEG Risk Framework to Identify Insider Threats in National Critical Infrastructure Using Deep Learning Techniques. 2020 IEEE International Conference on Services Computing (SCC), 69-471, https://doi.org/10.1109/SCC49832.2020.00071
In recent years, there has been no end to the
types of modern cyber security threats. Information
assurance (IA) is a strategic mandate for organizations
increasingly reliant on digital technologies. Such needs
are confidentiality, integrity, availability, authenticity,
and nonrepudiation (NTR), which are also discussed in
this study. While the NIST Cybersecurity Framework,
ISO 27001, and COBIT have been examined elsewhere by
academia, this research seeks to understand theories and
look at these established frameworks under actual
practice. It investigates IA's basic technologies and
apparatus, such as firewalls, intrusion
detection/prevention systems, encryption, and
vulnerability scanners. Realizing human factors' serious
role in security breaches, this paper stresses the
importance of security awareness training, dealing with
social engineering attacks, and encouraging a security-
conscious corporate culture. It also considers the
challenges and opportunities IA faces when applied to
digital transformation technologies like cloud computing,
mobile devices, and the Internet of Things (IoT), pointing
out ways of securing these technologies. Finally,
monitoring and assessing IA programs are essential
through key performance indicators (KPIs), risk
assessment methodologies, and security audits to ensure
that adjustments are kept in line with deployed threats
and business targets. By taking an all-round and forward-
looking approach to IA, any organization can fully use its
information assets, maintain normal business operations,
and press on untroubled by the ever-evolving range of
cyber threats.
Keywords :
Information Assurance, Cyber Threats, Cybersecurity Frameworks, Digital Transformation.