843 resultados para cyber security, securitization, information technology, U.S CYBERCOM
Resumo:
The federal government is currently developing the Nationwide Health Information Network (NHIN). Described as a “network of networks,” the NHIN seeks to provide a nationwide, interoperable health information infrastructure that will securely connect consumers with those involved in health care. As part of the national health information technology (HIT) agenda, the NHIN aims to improve individual and population health by enabling health information to follow the consumer, be available for clinical decision-making, and support important public health measures such as biosurveillance. While the NHIN promises to improve clinical care to individuals and to reduce U.S. health care system costs overall, this electronic environment presents novel challenges for protecting individually identifiable health information. A major barrier to achieving public trust in the NHIN is the development of, and adherence to, a consistent and coordinated approach to privacy and security of health information. This paper will analyze the policy framework for electronic health information exchange with the NHIN. This exercise will demonstrate that the current policy is an effective framework for achieving effective biosurveillance with the NHIN. ^
Resumo:
In the wake of the “9-11” terrorists' attacks, the U.S. Government has turned to information technology (IT) to address a lack of information sharing among law enforcement agencies. This research determined if and how information-sharing technology helps law enforcement by examining the differences in perception of the value of IT between law enforcement officers who have access to automated regional information sharing and those who do not. It also examined the effect of potential intervening variables such as user characteristics, training, and experience, on the officers' evaluation of IT. The sample was limited to 588 officers from two sheriff's offices; one of them (the study group) uses information sharing technology, the other (the comparison group) does not. Triangulated methodologies included surveys, interviews, direct observation, and a review of agency records. Data analysis involved the following statistical methods: descriptive statistics, Chi-Square, factor analysis, principal component analysis, Cronbach's Alpha, Mann-Whitney tests, analysis of variance (ANOVA), and Scheffe' post hoc analysis. ^ Results indicated a significant difference between groups: the study group perceived information sharing technology as being a greater factor in solving crime and in increasing officer productivity. The study group was more satisfied with the data available to it. As to the number of arrests made, information sharing technology did not make a difference. Analysis of the potential intervening variables revealed several remarkable results. The presence of a strong performance management imperative (in the comparison sheriff's office) appeared to be a factor in case clearances and arrests, technology notwithstanding. As to the influence of user characteristics, level of education did not influence a user's satisfaction with technology, but user-satisfaction scores differed significantly among years of experience as a law enforcement officer and the amount of computer training, suggesting a significant but weak relationship. ^ Therefore, this study finds that information sharing technology assists law enforcement officers in doing their jobs. It also suggests that other variables such as computer training, experience, and management climate should be accounted for when assessing the impact of information technology. ^
Resumo:
The protection of cyberspace has become one of the highest security priorities of governments worldwide. The EU is not an exception in this context, given its rapidly developing cyber security policy. Since the 1990s, we could observe the creation of three broad areas of policy interest: cyber-crime, critical information infrastructures and cyber-defence. One of the main trends transversal to these areas is the importance that the private sector has come to assume within them. In particular in the area of critical information infrastructure protection, the private sector is seen as a key stakeholder, given that it currently operates most infrastructures in this area. As a result of this operative capacity, the private sector has come to be understood as the expert in network and information systems security, whose knowledge is crucial for the regulation of the field. Adopting a Regulatory Capitalism framework, complemented by insights from Network Governance, we can identify the shifting role of the private sector in this field from one of a victim in need of protection in the first phase, to a commercial actor bearing responsibility for ensuring network resilience in the second, to an active policy shaper in the third, participating in the regulation of NIS by providing technical expertise. By drawing insights from the above-mentioned frameworks, we can better understand how private actors are involved in shaping regulatory responses, as well as why they have been incorporated into these regulatory networks.
Resumo:
With the increasing significance of information technology, there is an urgent need for adequate measures of information security. Systematic information security management is one of most important initiatives for IT management. At least since reports about privacy and security breaches, fraudulent accounting practices, and attacks on IT systems appeared in public, organizations have recognized their responsibilities to safeguard physical and information assets. Security standards can be used as guideline or framework to develop and maintain an adequate information security management system (ISMS). The standards ISO/IEC 27000, 27001 and 27002 are international standards that are receiving growing recognition and adoption. They are referred to as “common language of organizations around the world” for information security. With ISO/IEC 27001 companies can have their ISMS certified by a third-party organization and thus show their customers evidence of their security measures.
Resumo:
Critical infrastructures are based on complex systems that provide vital services to the nation. The complexities of the interconnected networks, each managed by individual organisations, if not properly secured, could offer vulnerabilities that threaten other organisations’ systems that depend on their services. This thesis argues that the awareness of interdependencies among critical sectors needs to be increased. Managing and securing critical infrastructure is not isolated responsibility of a government or an individual organisation. There is a need for a strong collaboration among critical service providers of public and private organisations in protecting critical information infrastructure. Cyber exercises have been incorporated in national cyber security strategies as part of critical information infrastructure protection. However, organising a cyber exercise involved multi sectors is challenging due to the diversity of participants’ background, working environments and incidents response policies. How well the lessons learned from the cyber exercise and how it can be transferred to the participating organisations is still a looming question. In order to understand the implications of cyber exercises on what participants have learnt and how it benefits participants’ organisation, a Cyber Exercise Post Assessment (CEPA) framework was proposed in this research. The CEPA framework consists of two parts. The first part aims to investigate the lessons learnt by participants from a cyber exercise using the four levels of the Kirkpatrick Training Model to identify their perceptions on reaction, learning, behaviour and results of the exercise. The second part investigates the Organisation Cyber Resilience (OCR) of participating sectors. The framework was used to study the impact of the cyber exercise called X Maya in Malaysia. Data collected through interviews with X Maya 5 participants were coded and categorised based on four levels according to the Kirkpatrick Training Model, while online surveys distributed to ten Critical National Information Infrastructure (CNII) sectors participated in the exercise. The survey used the C-Suite Executive Checklist developed by World Economic Forum in 2012. To ensure the suitability of the tool used to investigate the OCR, a reliability test conducted on the survey items showed high internal consistency results. Finally, individual OCR scores were used to develop the OCR Maturity Model to provide the organisation cyber resilience perspectives of the ten CNII sectors.
Resumo:
Abstract This paper uses the framework of the Copenhagen School to understand the process of securitization of cyberspace, exploring how something in such sphere becomes a threat. Seeking to contribute to the debate, this study analyses the securitization discourses of Brazil and of the United States from Hansen and Nissenbaum's (2009) theorization about the existence of a specific sector for cybersecurity. To comprehend the securitization of cyberspace in these terms allows not only to identify distinct levels of securitization, but also to capture the dynamics of cyber threats, distinguishing them from those existent in other sectors, as well as to trace distinctions between tendencies of securitization and militarization.
Resumo:
With the population ageing effect, the technological developments, and pressure to reduce the cost with healthcare, are reunited the conditions for the development of Ambient Assisted Living (AAL) solutions. This work is a revision of the current state of the art. Its aim is the characterization of the AAL solutions, within the AAL4ALL scope. Therefore, it is presented features, scenarios and projects, referring the limitations and the opportunities for the future developments of prototypes using high level information and technology in AAL environments. Moreover, it is presented guidelines of operation, exposing the conceptual approach, and the discussion and conclusion, which present recommendations and current AAL4ALL project positions in terms of concepts and technologies.
Resumo:
Newsletter for Information Technology Department
Resumo:
Newsletter for Information Technology Department
Resumo:
Newsletter for Information Technology Department
Resumo:
Newsletter for Information Technology Department
Resumo:
Newsletter for Information Technology Department
Resumo:
Newsletter for Information Technology Department
Resumo:
Newsletter for Information Technology Department
Resumo:
Newsletter for Information Technology Department
