Cyberspace relies on information technologies to mediate relations between different people, across different communication networks and is reliant on the supporting technology. These interactions typically occur without physical proximity and those working depending on cybersystems must be able to trust the overall human–technical systems that support cyberspace. As such, detailed discussion of cybersecurity policy would be improved by including trust as a key value to help guide policy discussions. Moreover, effective cybersystems must have resilience designed into them. This paper (...) argues that trustworthy cybersystems are a key element to resilient systems, and thus are core to cybersecurity policy. The paper highlights the importance of trustworthiness for resilient cybersystems. The importance of trustworthiness is shown through a discussion of three events where trustworthiness was the target or casualty of cyberattacks: Stuxnet, hacking of communications and the Edward Snowden revelations. The impact of losing trust is highlighted, to underpin the argument that a resilient cybersystem ought to design in trustworthiness. The paper closes off by presenting a general set of policy implications arising from recognition of the interplay between trust, trustworthiness and resilience for effective cybersecurity. (shrink)

The ethical issues raised by cybersecurity practices and technologies are of critical importance. However, there is disagreement about what is the best ethical framework for understanding those issues. In this paper we seek to address this shortcoming through the introduction of a principlist ethical framework for cybersecurity that builds on existing work in adjacent fields of applied ethics, bioethics, and AI ethics. By redeploying the AI4People framework, we develop a domain-relevant specification of five ethical principles in cybersecurity: (...) beneficence, non-maleficence, autonomy, justice, and explicability. We then illustrate the advantages of this principlist framework by examining the ethical issues raised by four common cybersecurity contexts: penetration testing, distributed denial of service attacks (DDoS), ransomware, and system administration. These case analyses demonstrate the utility of this principlist framework as a basis for understanding cybersecurity ethics and for cultivating the ethical expertise and ethical sensitivity of cybersecurity professionals and other stakeholders. (shrink)

Purpose Cybersecurity in healthcare has become an urgent matter in recent years due to various malicious attacks on hospitals and other parts of the healthcare infrastructure. The purpose of this paper is to provide an outline of how core values of the health systems, such as the principles of biomedical ethics, are in a supportive or conflicting relation to cybersecurity. Design/methodology/approach This paper claims that it is possible to map the desiderata relevant to cybersecurity onto the four (...) principles of medical ethics, i.e. beneficence, non-maleficence, autonomy and justice, and explore value conflicts in that way. Findings With respect to the question of how these principles should be balanced, there are reasons to think that the priority of autonomy relative to beneficence and non-maleficence in contemporary medical ethics could be extended to value conflicts in health-related cybersecurity. Research limitations/implications However, the tension between autonomy and justice, which relates to the desideratum of usability of information and communication technology systems, cannot be ignored even if one assumes that respect for autonomy should take priority over other moral concerns. Originality/value In terms of value conflicts, most discussions in healthcare deal with the conflict of balancing efficiency and privacy given the sensible nature of health information. In this paper, the authors provide a broader and more detailed outline. (shrink)

Applications of artificial intelligence (AI) for cybersecurity tasks are attracting greater attention from the private and the public sectors. Estimates indicate that the market for AI in cybersecurity will grow from US$1 billion in 2016 to a US$34.8 billion net worth by 2025. The latest national cybersecurity and defence strategies of several governments explicitly mention AI capabilities. At the same time, initiatives to define new standards and certification procedures to elicit users’ trust in AI are emerging on (...) a global scale. However, trust in AI (both machine learning and neural networks) to deliver cybersecurity tasks is a double edged sword: it can improve substantially cybersecurity practices, but can also facilitate new forms of attacks to the AI applications themselves, which may pose severe security threats. We argue that trust in AI for cybersecurity is unwarranted and that, to reduce security risks, some form of control to ensure the deployment of ‘reliable AI’ for cybersecurity is necessary. To this end, we offer three recommendations focusing on the design, development and deployment of AI for cybersecurity. (shrink)

By examining managers’ decisions about disclosing updated assessments of firms’ risks, we present evidence that the risk factor disclosures are informative. We use the setting of cybersecurity risk factor disclosures after a data breach because data breaches, especially severe breaches, serve as a natural experiment where an exogenous shock to managers’ assessment of their firm’s cybersecurity risks occurs. We analyze the topic from the perspective of two different theoretical lenses: the economic lens of optimal risk exposure and the (...) ethical lens of stakeholder theory. Using a sample of firms experiencing data breaches, we find that firms experiencing a data breach increase the amount of cybersecurity risk factor disclosures compared to matched firms with no data breach. Further investigation reveals that the severity of data breaches affects the results; cybersecurity risk factor disclosures increase only after severe data breaches. While there is no significant market reaction if breached firms’ subsequent annual reports include increased cybersecurity risk factor disclosures, a significant negative market reaction occurs if breached firms decrease cybersecurity risk factor disclosures, regardless of the severity of the breach, implying that the market anticipates increased disclosures after data breaches. (shrink)

Securing the internet has arguably become paradigmatic for modern security practice, not only because modern life is considered to be impossible or valueless if disconnected, but also because emergent cyber-relations and their complex interconnections are refashioning traditional security logics. This paper analyses European modes of governing geared toward securing vital, emergent cyber-systems in the face of the interconnected emergency. It develops the concept of ‘bureaucratic vitalism’ to get at the tension between the hierarchical organization and reductive knowledge frames of security (...) apparatuses on the one hand, and the increasing desire for building ‘resilient’, dispersed, and flexible security assemblages on the other. The bureaucratic/vital juxtaposition seeks to capture the way in which cybersecurity governance takes emergent, complex systems as object and model without fully replicating this ideal in practice. Thus, we are concerned with the question of what happens when security apparatuses appropriate and translate vitalist concepts into practice. Our case renders visible the banal bureaucratic manoeuvres that seek to operate upon security emergencies by fostering connectivities, producing agencies, and staging exercises. (shrink)

Drawing on an analysis of German national cybersecurity policy, this paper argues that cybersecurity has become a key site in which states mobilize science and technology to produce state power. Contributing to science and technology studies work on technoscience and statecraft, I develop the concepts of “territorialization projects” and “digital territory” to capture how the production of state power in the digital age increasingly relies on technoscientific expertise about information infrastructure, shifting tasks of government into the domain of (...) computer scientists and network engineers. The notion of territorialization projects describes states’ ongoing struggle to mobilize science and engineering in order to transform globally distributed information infrastructure into bounded national territory and invest it with patriotic meaning: making digital territory. Digital territory, in other words, is nationalized information infrastructure: it includes building and monopolizing infrastructure as well as normative ideas about nation—who is a digital citizen, and who isn’t; or what constitutes “good” and “bad” digital citizens. Nationalizing information infrastructure and placing statecraft into the hands of scientists and engineers might indicate an emerging form of “techno-nationalism”—a combination of nationalist and technocratic tendencies—raising urgent questions for STS scholarship to investigate the consequences of territorialization projects for justice, democracy, and civic life. (shrink)

Sovereignty and strategic autonomy are felt to be at risk today, being threatened by the forces of rising international tensions, disruptive digital transformations and explosive growth of cybersecurity incidents. The combination of AI and cybersecurity is at the sharp edge of this development and raises many ethical questions and dilemmas. In this commentary, I analyse how we can understand the ethics of AI and cybersecurity in relation to sovereignty and strategic autonomy. The analysis is followed by policy (...) recommendations, some of which may appear to be controversial, such as the strategic use of ethics. I conclude with a reflection on underlying concepts as an invitation for further research. The goal is to inspire policy-makers, academics and business strategists in their work, and to be an input for public debate. (shrink)

Sovereignty and strategic autonomy are felt to be at risk today, being threatened by the forces of rising international tensions, disruptive digital transformations and explosive growth of cybersecurity incidents. The combination of AI and cybersecurity is at the sharp edge of this development and raises many ethical questions and dilemmas. In this commentary, I analyse how we can understand the ethics of AI and cybersecurity in relation to sovereignty and strategic autonomy. The analysis is followed by policy (...) recommendations, some of which may appear to be controversial, such as the strategic use of ethics. I conclude with a reflection on underlying concepts as an invitation for further research. The goal is to inspire policy-makers, academics and business strategists in their work, and to be an input for public debate. (shrink)

Sovereignty and strategic autonomy are felt to be at risk today, being threatened by the forces of rising international tensions, disruptive digital transformations and explosive growth of cybersecurity incidents. The combination of AI and cybersecurity is at the sharp edge of this development and raises many ethical questions and dilemmas. In this commentary, I analyse how we can understand the ethics of AI and cybersecurity in relation to sovereignty and strategic autonomy. The analysis is followed by policy (...) recommendations, some of which may appear to be controversial, such as the strategic use of ethics. I conclude with a reflection on underlying concepts as an invitation for further research. The goal is to inspire policy-makers, academics and business strategists in their work, and to be an input for public debate. (shrink)

The 2006 Megan Meier case, where a teenage girl who was bullied on the Internet through e-mail and Myspace which was said to ultimately lead to her suicide, shed light on the cyber bullying issue in schools. This article uses a case study approach to describe how a number of school institutes were grappling with the loss of confidential information and protecting students on the WWW, each through a unique set of circumstances. It will reveal potential reactions of the institutions (...) and possible ways to deal with the cyber threats. With experiences, school districts take measures to offer value education by improving students' knowledge and awareness of Cyberethics, Cybersafety, and Cybersecurity concepts to provide them with the means to protect themselves, and to enhance the safety and security of national infrastructure. (shrink)

Our society is being shaped in a non-negligible way by the technological advances of recent years, especially in information and communications technologies. The pervasiveness and democratization of ICTs have allowed people from all backgrounds to access and use them, which has resulted in new information-based assets. At the same time, this phenomenon has brought a new class of problems, in the form of activists, criminals and state actors that target the new assets to achieve their goals, legitimate or not. (...) class='Hi'>Cybersecurity includes the research, tools and techniques to protect information assets. However, some cybersecurity measures may clash with the ethical values of citizens. We analyze the synergies and tensions between some of these values, namely security, privacy, fairness and autonomy. From this analysis, we derive a value graph, and then we set out to identify those paths in the graph that lead to satisfying all four aforementioned values in the cybersecurity setting, by taking advantage of their synergies and avoiding their tensions. We illustrate our conceptual discussion with examples of enabling technologies. We also sketch how our methodology can be generalized to any setting where several potentially conflicting values have to be satisfied. (shrink)

This article presents an experimental analysis of several cybersecurity risks affecting the human attack surface of Fairmont State University, a mid-size state university. We consider two social engineering experiments: a phishing email barrage and a targeted spearphishing campaign. In the phishing experiment, a total of 4,769 students, faculty, and staff on campus were targeted by 90,000 phishing emails. Throughout these experiments, we explored the effectiveness of three types of phishing awareness training. Our results show that phishing emails that make (...) it through IT’s defenses pose a clear and present threat to large educational organizations. Moreover, we found that simple, visual, instructional guides are more effective training tools than long documents or interactive training. (shrink)

Cybersecurity research often describes people as understanding internet security in terms of metaphorical mental models (e.g., disease risk, physical security risk, or criminal behavior risk). However, little research has directly evaluated if this is an accurate or productive framework. To assess this question, two experiments asked participants to respond to a statistical reasoning task framed in one of four different contexts (cybersecurity, plus the above alternative models). Each context was also presented using either percentages or natural frequencies, and (...) these tasks were followed by a behavioral likelihood rating. As in previous research, consistent use of natural frequencies promoted correct Bayesian reasoning. There was little indication, however, that any of the alternative mental models generated consistently better understanding or reasoning over the actual cybersecurity context. There was some evidence that different models had some effects on patterns of responses, including the behavioral likelihood ratings, but these effects were small, as compared to the effect of the numerical format manipulation. This points to a need to improve the content of actual internet security warnings, rather than working to change the models users have of warnings. (shrink)

The advent of Generative AI, particularly through Large Language Models (LLMs) like ChatGPT and its successors, marks a paradigm shift in the AI landscape. Advanced LLMs exhibit multimodality, handling diverse data formats, thereby broadening their application scope. However, the complexity and emergent autonomy of these models introduce challenges in predictability and legal compliance. This paper analyses the legal and regulatory implications of Generative AI and LLMs in the European Union context, focusing on liability, privacy, intellectual property, and cybersecurity. It (...) examines the adequacy of the existing and proposed EU legislation, including the Artificial Intelligence Act (AIA), in addressing the challenges posed by Generative AI in general and LLMs in particular. The paper identifies potential gaps and shortcomings in the EU legislative framework and proposes recommendations to ensure the safe and compliant deployment of generative models. (shrink)

Cybersecurity aggregates are numerical data obtained by aggregation on features along a database of cybersecurity reports. These aggregates are obtained by integration of time-stamped tables using some recent results of non-standard calculus. Time-series of aggregates are shown to contain relevant information about the concrete system dealt with. Trend time series is also forecasted using known data-driven methods. Although absolute forecasting of trend time series is not obtained, a directional forecasting of trend time series is achieved thence validated by (...) means of a rolling cross validation scheme on a public database of Scareware reports. (shrink)

Purpose This study aims to identify and analyse the issues faced by internet-based small businesses in developing countries regarding cybersecurity and document how these businesses address the risks. Design/methodology/approach This study used the qualitative method. Respondents were internet-based small businesses selected by using theoretical sampling. Data were collected by using interviews and observations. The validity of the analysis was ensured by using triangulation and member checking. Findings This study reveals that small businesses managed to identify the loss of physical (...) and monetary assets as possible damage. However, only a few businesses identified loss of intangible assets as possible cyber risks. Most small businesses had used basic cybersecurity measures to protect data access and some primary business activities. Unfortunately, they rarely take initiatives in preventing and early detecting cyber risks. Research limitations/implications Findings of this study cannot be generalised as it aims to obtain new insights and document unexplored findings. Thus, if this study’s findings are going to be generalised, it is necessary to conduct an additional study. Secondly, this study did not assess how far small business had fulfilled the relevant information security framework as assessment required additional research, and this study only aimed to map the current situation in small businesses. Practical implications This study emphasised the importance of identifying valuable assets or resources when implementing cybersecurity measures. Focusing on security measures to protect identified assets from cyber risk will make the efforts more efficient and effective than using standardised cybersecurity measures. Third-party developers can also use this study to understand small businesses’ current cybersecurity implementation and their characters to design online platforms that suit these needs. Governments can also design educational activities that address small businesses’ lack of knowledge. Originality/value Most studies which focus on small businesses and information technology usually only discuss how they use IT. This study also brings new contributions by focusing on developing countries and specifically addresses internet-based technology cyber risk faced by e-commerce businesses. The qualitative method is used as most studies in e-commerce adoption were positivistic in nature, and inductive-based studies were rarely found on the topic. (shrink)

Cyber risk has become one of the greatest threats to firms in recent years. Accordingly, boards of directors must be continually vigilant about this danger. They have a duty to ensure that the companies adopt appropriate cybersecurity measures to manage the risk of cyber fraud. Boards should also ensure that the firm disclose material cyber risk and breaches. We examine how the board’s gender composition can influence the extent of such disclosure, based on a sample of the companies listed (...) on the S&P/TSX 60 Index over the period 2014–2018. Results show evidence of a positive association between the presence and level of cybersecurity disclosure and board gender diversity. However, the board must boast a critical mass of at least three women before this positive impact can be observed. Our findings contribute to the debate on the importance of gender diversity by adding the concept of the positive influence of heterogeneity on cyber disclosure. We also augment the literature on the critical mass of women in boardrooms by providing empirical evidence that three or more women constitute the threshold for better governance. Our study has important implications for investors, stakeholders and regulators. If investors wish to increase cybersecurity disclosure, they should ask for more diversified boards. Our findings support regulators in their efforts to increase women’s representation on boards by providing empirical evidence of better outcomes with this type of board composition. (shrink)

In this chapter, I draw on my previous work on trust and cybersecurity to offer a definition of trust and trustworthiness to understand to what extent trusting AI for cybersecurity tasks is justified and what measures can be put in place to rely on AI in cases where trust is not justified, but the use of AI is still beneficial.

Today, social engineering techniques are the most common way of committing cybercrimes through the intrusion and infection of computer systems. Cybersecurity experts use the term “social engineering” to highlight the “human factor” in digitized systems, as social engineering attacks aim at manipulating people to reveal sensitive information. In this paper, we explore how discursive framings of individual versus collective security by cybersecurity experts redefine roles and responsibilities at the digitalized workplace. We will first show how the rhetorical figure (...) of the deficient user is constructed vis-à-vis notions of security in social engineering discourses. Second, we will investigate the normative tensions that these practices create. To do so, we link work in science and technology studies on the politics of deficit construction to recent work in critical security studies on securitization and resilience. Empirically, our analysis builds on a multi-sited conference ethnography during three cybersecurity conferences as well as an extensive document analysis. Our findings suggest a redistribution of institutional responsibility to the individual user through three distinct social engineering story lines—“the oblivious employee,” “speaking code and social,” and “fixing human flaws.” Finally, we propose to open up the discourse on social engineering and its inscribed politics of deficit construction and securitization and advocate for companies and policy makers to establish and foster a culture of collective cyber in/security and corporate responsibility. (shrink)

A “national security–centric” approach currently dominates cybersecurity policies and practices. Derived from a realist theory of world politics in which states compete with each other for survival and relative advantage, the principal cybersecurity threats are conceived as those affecting sovereign states, such as damage to critical infrastructure within their territorial jurisdictions. As part of a roundtable on “Competing Visions for Cyberspace,” this essay presents an alternative approach to cybersecurity that is derived from the tradition of “human security.” (...) Rather than prioritizing territorial sovereignty, this approach prioritizes the individual, and views networks as part of the essential foundation for the modern exercise of human rights, such as access to information, freedom of thought, and freedom of association. The foundational elements of a human-centric approach to cybersecurity are outlined and contrasted with the prevailing trends around national security–centric practices. A human-centric approach strives for indivisible network security on a planetary scale for the widest possible scope of human experience, and seeks to ensure that such principles are vigorously monitored and defended by multiple and overlapping forms of independent oversight and review. (shrink)

Purpose This paper aims to outline how destructive communication exemplified by ransomware cyberattacks destroys the process of organization, causes a “state of exception,” and thus constitutes organization. The authors build on Agamben's state of exception and translate it into communicative constitution of organization theory. Design/methodology/approach A significant increase of cyberattacks have impacted organizations in recent times and laid organizations under siege. This conceptual research builds on illustrative cases chosen by positive deviance case selection of ransomware attacks. Findings CCO theory focuses (...) mainly on ordering characteristics of communication. The authors aim to complement this view with a perspective on destructive communication that destroys the process of organization. Based on illustrative cases, the authors conceptualize a process model of destructive CCO. Practical implications The authors expand thoughts about a digital “corporate immune system” to question current offensive cybersecurity strategies of deterrence and promote resilience approaches instead. Originality/value Informed by destructive communication of cyberattacks, this theory advancement supports arguments to include notions of disorder into CCO theory. Furthermore, the paper explains where disruptions like cyberattacks may trigger sensemaking and change to preserve stability. Finally, a novel definition of ‘destructive CCO’ is provided: Destructive Communication Constitutes Organization by disrupting and destroying its site and surface while triggering sensemaking and becoming part of sensemaking itself. (shrink)

Healthcare cybersecurity is increasingly targeted by malicious hackers. This sector has many vulnerabilities and health data is very sensitive and valuable. Consequently, any damage caused by malicious intrusions is particularly alarming. The consequences of these attacks can be enormous and endanger patient care. Amongst the already-implemented cybersecurity measures and the ones that need to be further improved, this paper aims to demonstrate how penetration tests can greatly benefit healthcare cybersecurity. It is already proven that this approach has (...) enforced cybersecurity in other sectors. However, it is not popular in healthcare since many prejudices still surround the hacking practice and there is a lack of education on hackers’ categories and their ethics. The present analysis aims to comprehend what hacker ethics is and who ethical hackers are. Currently, hacker ethics has the status of personal ethics; however, to employ penetration testers in healthcare, it is recommended to draft an official code of ethics, comprising principles, standards, expectations, and best practices. Additionally, it is important to distinguish between malicious hackers and ethical hackers. Amongst the latter, penetration testers are only a sub-category. Acknowledging the subtle differences between ethical hackers and penetration testers allows to better understand why and how the latter can offer their services to healthcare facilities. (shrink)

Recent data breaches underscore the importance of organizational cybersecurity. However, the high costs of such security can force chief financial officers (CFOs) to make difficult financial and ethical trade-offs that have both business and societal implications. We employ a 2 × 2 randomized experiment that varies both an observed scenario CFO’s investment decision (invest/not invest in security) and organizational outcomes (positive/negative) to investigate these trade-offs. Participant managers assess the observed CFO’s investment behavior and indicate their own intentions to invest. (...) Results indicate that when the observed scenario CFO invests in security, managers primarily follow their peers when making investment decisions. However, when the observed CFO does not invest in security, managers make their own decisions by engaging in more in-depth reasoning that includes assessment of the seriousness of consequences, as well as the ethical and societal considerations. Moderated mediation findings further deconstruct and corroborate these relationships. (shrink)

Policy-makers involved in cybersecurity governance should pay close attention to the ‘generative metaphors’ they use to describe and understand new technologies. Generative metaphors structure our understanding of policy problems by imposing mental models of both the problem and possible solutions. As a result, they can also constrain ethical reasoning about new technologies, by uncritically carrying over assumptions about moral roles and obligations from an existing domain. The discussion of global governance of cybersecurity problems has to date been dominated (...) by the metaphor of ‘cyber war’. In this paper, I argue that this metaphor diminishes possibilities for international collaboration in this area by limiting states to reactive policies of naming and shaming rather than proactive actions to address systemic features of cyberspace. We suggest that alternative metaphors—such as health, ecosystem, and architecture—can help expose the dominance of the war metaphor and provide a more collaborative and conceptually accurate frame for negotiations. (shrink)

In this moment of rising nationalism worldwide, governments, civil society groups, transnational companies, and web users all complain of increasing regional fragmentation online. While prior work in this area has primarily focused on issues of government censorship and regulatory compliance, we use an inductive and qualitative approach to examine targeted blocking by corporate entities of entire regions motivated by concerns about fraud, abuse, and theft. Through participant-observation at relevant events and intensive interviews with experts, we document the quest by professionals (...) tasked with preserving online security to use new machine-learning based techniques to develop a “fairer” system to determine patterns of “good” and “bad” usage. However, we argue that without understanding the systematic social and political conditions that produce differential behaviors online, these systems may continue to embed unequal treatments, and troublingly may further disguise such discrimination behind more complex and less transparent automated assessment. In order to support this claim, we analyze how current forms of regional blocking incentivize users in blocked regions to behave in ways that are commonly flagged as problematic by dominant security and identification systems. To realize truly global, non-Eurocentric cybersecurity techniques would mean incorporating the ecosystems of service utilization developed by marginalized users rather than reasserting norms of an imagined user that casts aberrations as suspect. (shrink)

This article reports from the International Conference on Cyberlaw, Cybercrime & Cybersecurity. The Conference was addressed by more than 150 speakers backed by more than 80 supporters. It was a wonderful opportunity to network with international thought leaders under one roof.

Fear appeals are used in many domains. Cybersecurity researchers are also starting to experiment with fear appeals, many reporting positive outcomes. Yet there are ethical concerns related to the use of fear to motivate action. In this paper, we explore this aspect from the perspectives of cybersecurity fear appealdeployersandrecipients. We commenced our investigation by considering fear appeals from three foundational ethical perspectives. We then consulted the two stakeholder groups to gain insights into the ethical concerns they consider to (...) be pertinent. We first consulteddeployers: (a) fear appeal researchers and (b) Chief Information Security Officers (CISOs), and then potential cybersecurity fear appealrecipients:members of a crowdsourcing platform. We used their responses to develop aneffects-reasoning matrix, identifying the potential benefits and detriments of cybersecurity fear appeals for all stakeholders. Using these insights, we derived six ethical principles to guide cybersecurity fear appeal deployment. We then evaluated a snapshot of cybersecurity studies using the ethical principle lens. Our contribution is,first, a list of potential detriments that could result from the deployment of cybersecurity fear appeals andsecond, the set of six ethical principles to inform the deployment of such appeals. Both of these are intended to inform cybersecurity fear appeal design and deployment. (shrink)

The purpose of the study is to determine the prospects for the export of Russian information technologies and cooperation in the fields of artificial intelligence and cybersecurity with the countries of the Association of Southeast Asian Nations. The article discusses the request of the ASEAN countries in the field of AI and cybersecurity, the level of development of the digital economy in this region and its impact on the prospects for Russian IT-exports; in addition, the structure and dynamics (...) of Russian IT-exports to the world market are presented. The scientific novelty lies in the reassessment of the prospects for cooperation between Russia and the ASEAN countries in the field of IT, AI and cybersecurity. As a result, the factors influencing the competitiveness of Russia in the field of IT were identified and the leading Russian IT-companies and their experience in the global market were analyzed. Based on this, a conclusion was made about the prospects for the export of Russian IT and cooperation in the field of AI and cybersecurity with the ASEAN countries. (shrink)

The initial online publication incorrectly contained Supplementary Information.

The increasingly prominent role of digital technologies during the coronavirus pandemic has been accompanied by concerning trends in privacy and digital ethics. But more robust protection of our rights in the digital realm is possible in the future. -/- After surveying some of the challenges we face, I argue for the importance of diplomacy. Democratic countries must try to come together and reach agreements on minimum standards and rules regarding cybersecurity, privacy and the governance of AI.

This work is an initial step toward developing a cognitive theory of cyber deception. While widely studied, the psychology of deception has largely focused on physical cues of deception. Given that present‐day communication among humans is largely electronic, we focus on the cyber domain where physical cues are unavailable and for which there is less psychological research. To improve cyber defense, researchers have used signaling theory to extended algorithms developed for the optimal allocation of limited defense resources by using deceptive (...) signals to trick the human mind. However, the algorithms are designed to protect against adversaries that make perfectly rational decisions. In behavioral experiments using an abstract cybersecurity game (i.e., Insider Attack Game), we examined human decision‐making when paired against the defense algorithm. We developed an instance‐based learning (IBL) model of an attacker using the Adaptive Control of Thought‐Rational (ACT‐R) cognitive architecture to investigate how humans make decisions under deception in cyber‐attack scenarios. Our results show that the defense algorithm is more effective at reducing the probability of attack and protecting assets when using deceptive signaling, compared to no signaling, but is less effective than predicted against a perfectly rational adversary. Also, the IBL model replicates human attack decisions accurately. The IBL model shows how human decisions arise from experience, and how memory retrieval dynamics can give rise to cognitive biases, such as confirmation bias. The implications of these findings are discussed in the perspective of informing theories of deception and designing more effective signaling schemes that consider human bounded rationality. (shrink)

In cybersecurity, there is a call for adaptive, accurate and efficient procedures to identifying performance shortcomings and security breaches. The increasing complexity of both Internet services and traffic determines a scenario that in many cases impedes the proper deployment of intrusion detection and prevention systems. Although it is a common practice to monitor network and applications activity, there is not a general methodology to codify and interpret the recorded events. Moreover, this lack of methodology somehow erodes the possibility of (...) diagnosing whether event detection and recording is adequately performed. As a result, there is an urge to construct general codification and classification procedures to be applied on any type of security event in any activity log. This work is focused on defining such a method using the so-called normalized compression distance (NCD). NCD is parameter-free and can be applied to determine the distance between events expressed using strings. As a first step in the concretion of a methodology for the integral interpretation of security events, this work is devoted to the characterization of web logs. On the grounds of the NCD, we propose an anomaly-based procedure for identifying web attacks from web logs. Given a web query as stored in a security log, a NCD-based feature vector is created and classified using a support vector machine. The method is tested using the CSIC-2010 data set, and the results are analyzed with respect to similar proposals. (shrink)

Currently, the Internet information and communication network has become an integral part of human life. People use social networks such as Twitter, VKontakte, Facebook, etc., to establish global contacts, exchange opinions, gain knowledge, etc. The active participation of not only individual users, but also information organizations in the entire world space makes it necessary to develop measures that correspond to modern trends in the development of information and communication technologies to ensure national security, in particular, the organization of events related (...) to countering the strengthening of ideas of extremism and terrorism. Countering the spread of aggressive information on the global network is an urgent problem of society and government agencies, this task is solved by filtering unwanted Internet resources. However, terrorist and extremist groups rationally use web technologies to perform various functions, including information dissemination, propaganda, fundraising and extremist missions. In such a situation, the Internet poses a threat to national security. In this paper, we investigate the issue of creating semantic analysis models to identify extremist messages in the Kazakh language. For the study, a proprietary text corpus was assembled and models based on bigrams and word input methods were proposed. According to the results of experiments, the proposed model shows the highest indicators for evaluating machine learning methods. (shrink)

Like previous educational technologies, artificial intelligence in education threatens to disrupt the status quo, with proponents highlighting the potential for efficiency and democratization, and skeptics warning of industrialization and alienation. However, unlike frequently discussed applications of AI in autonomous vehicles, military and cybersecurity concerns, and healthcare, AI’s impacts on education policy and practice have not yet captured the public’s attention. This paper, therefore, evaluates the status of AIEd, with special attention to intelligent tutoring systems and anthropomorphized artificial educational agents. (...) I discuss AIEd’s purported capacities, including the abilities to simulate teachers, provide robust student differentiation, and even foster socio-emotional engagement. Next, to situate developmental pathways for AIEd going forward, I contrast sociotechnical possibilities and risks through two idealized futures. Finally, I consider a recent proposal to use peer review as a gatekeeping strategy to prevent harmful research. This proposal serves as a jumping off point for recommendations to AIEd stakeholders towards improving their engagement with socially responsible research and implementation of AI in educational systems. (shrink)

FOIS is the flagship conference of the International Association for Ontology and its Applications, a non-profit organization which promotes interdisciplinary research and international collaboration at the intersection of philosophical ontology, linguistics, logic, cognitive science, and computer science. This book presents the papers delivered at FOIS 2023, the 13th edition of the Formal Ontology in Information Systems conference. The event was held as a sequentially-hybrid event, face-to-face in Sherbrooke, Canada, from 17 to 20 July 2023, and online from 18 to 20 (...) September 2023. In total, 62 articles from 19 different countries were submitted, out of which 25 were accepted for inclusion in the conference and for publication; corresponding to an acceptance rate of 40 percent. The contributions are separated into the book’s three sections: (1) Foundational ontological issues; (2) Methodological issues around the development, alignment, verification and use of ontologies; and (3) Domain ontologies and ontology-based applications. In these sections, ontological aspects from a wide variety of fields are covered, primarily from various engineering domains including cybersecurity, manufacturing, petroleum engineering, and robotics, but also extending to the humanities, social sciences, medicine, and dentistry. A noticeable trend among the contributions in this edition of the conference is the recognition that improving the tools to analyze, align, and improve ontologies is of paramount importance in continuing to advance the field of formal ontology. The book will be of interest to all formal and applied ontology researchers, and to those who use formal ontologies and information systems as part of their work. (shrink)