The digital transformation in Cameroon presents critical cybersecurity challenges that demand immediate attention and strategic intervention. This comprehensive analysis examines the evolving cybersecurity landscape i...The digital transformation in Cameroon presents critical cybersecurity challenges that demand immediate attention and strategic intervention. This comprehensive analysis examines the evolving cybersecurity landscape in Cameroon from 2020 to 2023, during which cyber-attacks increased by 156% and financial losses from digital fraud exceeded $45 million. This research identifies significant vulnerabilities in Cameroon’s cybersecurity ecosystem through a rigorous assessment of national infrastructure, policy frameworks, and institutional capacities. Recent data indicates that while digital service adoption has grown exponentially, with internet penetration reaching 35.2% in 2023, cybersecurity measures have lagged significantly behind international standards. This analysis draws on comprehensive data from multiple sectors, including financial services, government institutions, and telecommunications, incorporating findings from the National Cybersecurity Assessment Program and the Digital Infrastructure Security Report. The research reveals that 73% of organizations lack dedicated security teams, while response times to cyber incidents average 72 hours—three times than the global standard. Based on these findings, this paper proposes evidence-based solutions for enhancing digital resilience, including policy modernization, capacity-building initiatives, and technical infrastructure development. The recommendations encompass short-term tactical responses, medium-term strategic improvements, and long-term structural changes, providing a comprehensive roadmap for strengthening Cameroon’s national cybersecurity frameworks.展开更多
The NIST Cybersecurity Framework (NIST CSF) serves as a voluntary guideline aimed at helping organizations, tiny and medium-sized enterprises (SMEs), and critical infrastructure operators, effectively manage cyber ris...The NIST Cybersecurity Framework (NIST CSF) serves as a voluntary guideline aimed at helping organizations, tiny and medium-sized enterprises (SMEs), and critical infrastructure operators, effectively manage cyber risks. Although comprehensive, the complexity of the NIST CSF can be overwhelming, especially for those lacking extensive cybersecurity resources. Current implementation tools often cater to larger companies, neglecting the specific needs of SMEs, which can be vulnerable to cyber threats. To address this gap, our research proposes a user-friendly, open-source web platform designed to simplify the implementation of the NIST CSF. This platform enables organizations to assess their risk exposure and continuously monitor their cybersecurity maturity through tailored recommendations based on their unique profiles. Our methodology includes a literature review of existing tools and standards, followed by a description of the platform’s design and architecture. Initial tests with SMEs in Burkina Faso reveal a concerning cybersecurity maturity level, indicating the urgent need for improved strategies based on our findings. By offering an intuitive interface and cross-platform accessibility, this solution aims to empower organizations to enhance their cybersecurity resilience in an evolving threat landscape. The article concludes with discussions on the practical implications and future enhancements of the tool.展开更多
The concept of Supply Chain 4.0 represents a transformative phase in supply chain management through advanced digital technologies like IoT, AI, blockchain, and cyber-physical systems. While these innovations deliver ...The concept of Supply Chain 4.0 represents a transformative phase in supply chain management through advanced digital technologies like IoT, AI, blockchain, and cyber-physical systems. While these innovations deliver operational improvements, the heightened interconnectivity introduces significant cybersecurity challenges, particularly within military logistics, where mission-critical operations and life-safety concerns are paramount. This paper examines these unique cybersecurity requirements, focusing on advanced persistent threats, supply chain poisoning, and data breaches that could compromise sensitive operations. The study proposes a hybrid cybersecurity framework tailored to military logistics, integrating resilience, redundancy, and cross-jurisdictional security measures. Real-world applicability is validated through simulations, offering strategies for securing supply chains while balancing security, efficiency, and flexibility.展开更多
Small and Medium-sized Enterprises (SMEs) are considered the backbone of global economy, but they often face cyberthreats which threaten their financial stability and operational continuity. This work aims to offer a ...Small and Medium-sized Enterprises (SMEs) are considered the backbone of global economy, but they often face cyberthreats which threaten their financial stability and operational continuity. This work aims to offer a proactive cybersecurity approach to safeguard SMEs against these threats. Furthermore, to mitigate these risks, we propose a comprehensive framework of practical and scalable cybersecurity measurements/protocols specifically for SMEs. These measures encompass a spectrum of solutions, from technological fortifications to employee training initiatives and regulatory compliance strategies, in an effort to cultivate resilience and awareness among SMEs. Additionally, we introduce a specially designed a Java-based questionnaire software tool in order to provide an initial framework for essential cybersecurity measures and evaluation for SMEs. This tool covers crucial topics such as social engineering and phishing attempts, implementing antimalware and ransomware defense mechanisms, secure data management and backup strategies and methods for preventing insider threats. By incorporating globally recognized frameworks and standards like ISO/IEC 27001 and NIST guidelines, this questionnaire offers a roadmap for establishing and enhancing cybersecurity measures.展开更多
This study investigates the critical intersection of cyberpsychology and cybersecurity policy development in small and medium-sized enterprises (SMEs). Through a mixed-methods approach incorporating surveys of 523 emp...This study investigates the critical intersection of cyberpsychology and cybersecurity policy development in small and medium-sized enterprises (SMEs). Through a mixed-methods approach incorporating surveys of 523 employees across 78 SMEs, qualitative interviews, and case studies, the research examines how psychological factors influence cybersecurity behaviors and policy effectiveness. Key findings reveal significant correlations between psychological factors and security outcomes, including the relationship between self-efficacy and policy compliance (r = 0.42, p β = 0.37, p < 0.001). The study identifies critical challenges in risk perception, policy complexity, and organizational culture affecting SME cybersecurity implementation. Results demonstrate that successful cybersecurity initiatives require the integration of psychological principles with technical solutions. The research provides a framework for developing human-centric security policies that address both behavioral and technical aspects of cybersecurity in resource-constrained environments.展开更多
The efficient transmission of images,which plays a large role inwireless communication systems,poses a significant challenge in the growth of multimedia technology.High-quality images require well-tuned communication ...The efficient transmission of images,which plays a large role inwireless communication systems,poses a significant challenge in the growth of multimedia technology.High-quality images require well-tuned communication standards.The Single Carrier Frequency Division Multiple Access(SC-FDMA)is adopted for broadband wireless communications,because of its low sensitivity to carrier frequency offsets and low Peak-to-Average Power Ratio(PAPR).Data transmission through open-channel networks requires much concentration on security,reliability,and integrity.The data need a space away fromunauthorized access,modification,or deletion.These requirements are to be fulfilled by digital image watermarking and encryption.This paper ismainly concerned with secure image communication over the wireless SC-FDMA systemas an adopted communication standard.It introduces a robust image communication framework over SC-FDMA that comprises digital image watermarking and encryption to improve image security,while maintaining a high-quality reconstruction of images at the receiver side.The proposed framework allows image watermarking based on the Discrete Cosine Transform(DCT)merged with the Singular Value Decomposition(SVD)in the so-called DCT-SVD watermarking.In addition,image encryption is implemented based on chaos and DNA encoding.The encrypted watermarked images are then transmitted through the wireless SC-FDMA system.The linearMinimumMean Square Error(MMSE)equalizer is investigated in this paper to mitigate the effect of channel fading and noise on the transmitted images.Two subcarrier mapping schemes,namely localized and interleaved schemes,are compared in this paper.The study depends on different channelmodels,namely PedestrianAandVehicularA,with a modulation technique namedQuadratureAmplitude Modulation(QAM).Extensive simulation experiments are conducted and introduced in this paper for efficient transmission of encrypted watermarked images.In addition,different variants of SC-FDMA based on the Discrete Wavelet Transform(DWT),Discrete Cosine Transform(DCT),and Fast Fourier Transform(FFT)are considered and compared for the image communication task.The simulation results and comparison demonstrate clearly that DWT-SC-FDMAis better suited to the transmission of the digital images in the case of PedestrianAchannels,while the DCT-SC-FDMA is better suited to the transmission of the digital images in the case of Vehicular A channels.展开更多
Blockchain-enabled cybersecurity system to ensure and strengthen decentralized digital transaction is gradually gaining popularity in the digital era for various areas like finance,transportation,healthcare,education,...Blockchain-enabled cybersecurity system to ensure and strengthen decentralized digital transaction is gradually gaining popularity in the digital era for various areas like finance,transportation,healthcare,education,and supply chain management.Blockchain interactions in the heterogeneous network have fascinated more attention due to the authentication of their digital application exchanges.However,the exponential development of storage space capabilities across the blockchain-based heterogeneous network has become an important issue in preventing blockchain distribution and the extension of blockchain nodes.There is the biggest challenge of data integrity and scalability,including significant computing complexity and inapplicable latency on regional network diversity,operating system diversity,bandwidth diversity,node diversity,etc.,for decision-making of data transactions across blockchain-based heterogeneous networks.Data security and privacy have also become the main concerns across the heterogeneous network to build smart IoT ecosystems.To address these issues,today’s researchers have explored the potential solutions of the capability of heterogeneous network devices to perform data transactions where the system stimulates their integration reliably and securely with blockchain.The key goal of this paper is to conduct a state-of-the-art and comprehensive survey on cybersecurity enhancement using blockchain in the heterogeneous network.This paper proposes a full-fledged taxonomy to identify the main obstacles,research gaps,future research directions,effective solutions,andmost relevant blockchain-enabled cybersecurity systems.In addition,Blockchain based heterogeneous network framework with cybersecurity is proposed in this paper tomeet the goal of maintaining optimal performance data transactions among organizations.Overall,this paper provides an in-depth description based on the critical analysis to overcome the existing work gaps for future research where it presents a potential cybersecurity design with key requirements of blockchain across a heterogeneous network.展开更多
Spear Phishing Attacks(SPAs)pose a significant threat to the healthcare sector,resulting in data breaches,financial losses,and compromised patient confidentiality.Traditional defenses,such as firewalls and antivirus s...Spear Phishing Attacks(SPAs)pose a significant threat to the healthcare sector,resulting in data breaches,financial losses,and compromised patient confidentiality.Traditional defenses,such as firewalls and antivirus software,often fail to counter these sophisticated attacks,which target human vulnerabilities.To strengthen defenses,healthcare organizations are increasingly adopting Machine Learning(ML)techniques.ML-based SPA defenses use advanced algorithms to analyze various features,including email content,sender behavior,and attachments,to detect potential threats.This capability enables proactive security measures that address risks in real-time.The interpretability of ML models fosters trust and allows security teams to continuously refine these algorithms as new attack methods emerge.Implementing ML techniques requires integrating diverse data sources,such as electronic health records,email logs,and incident reports,which enhance the algorithms’learning environment.Feedback from end-users further improves model performance.Among tested models,the hierarchical models,Convolutional Neural Network(CNN)achieved the highest accuracy at 99.99%,followed closely by the sequential Bidirectional Long Short-Term Memory(BiLSTM)model at 99.94%.In contrast,the traditional Multi-Layer Perceptron(MLP)model showed an accuracy of 98.46%.This difference underscores the superior performance of advanced sequential and hierarchical models in detecting SPAs compared to traditional approaches.展开更多
In the rapidly evolving field of cybersecurity,the challenge of providing realistic exercise scenarios that accurately mimic real-world threats has become increasingly critical.Traditional methods often fall short in ...In the rapidly evolving field of cybersecurity,the challenge of providing realistic exercise scenarios that accurately mimic real-world threats has become increasingly critical.Traditional methods often fall short in capturing the dynamic and complex nature of modern cyber threats.To address this gap,we propose a comprehensive framework designed to create authentic network environments tailored for cybersecurity exercise systems.Our framework leverages advanced simulation techniques to generate scenarios that mirror actual network conditions faced by professionals in the field.The cornerstone of our approach is the use of a conditional tabular generative adversarial network(CTGAN),a sophisticated tool that synthesizes realistic synthetic network traffic by learning fromreal data patterns.This technology allows us to handle technical components and sensitive information with high fidelity,ensuring that the synthetic data maintains statistical characteristics similar to those observed in real network environments.By meticulously analyzing the data collected from various network layers and translating these into structured tabular formats,our framework can generate network traffic that closely resembles that found in actual scenarios.An integral part of our process involves deploying this synthetic data within a simulated network environment,structured on software-defined networking(SDN)principles,to test and refine the traffic patterns.This simulation not only facilitates a direct comparison between the synthetic and real traffic but also enables us to identify discrepancies and refine the accuracy of our simulations.Our initial findings indicate an error rate of approximately 29.28%between the synthetic and real traffic data,highlighting areas for further improvement and adjustment.By providing a diverse array of network scenarios through our framework,we aim to enhance the exercise systems used by cybersecurity professionals.This not only improves their ability to respond to actual cyber threats but also ensures that the exercise is cost-effective and efficient.展开更多
In the digital age, the global character of the Internet has significantly improved our daily lives by providing access to large amounts of knowledge and allowing for seamless connections. However, this enormously int...In the digital age, the global character of the Internet has significantly improved our daily lives by providing access to large amounts of knowledge and allowing for seamless connections. However, this enormously interconnected world is not without its risks. Malicious URLs are a powerful menace, masquerading as legitimate links while holding the intent to hack computer systems or steal sensitive personal information. As the sophistication and frequency of cyberattacks increase, identifying bad URLs has emerged as a critical aspect of cybersecurity. This study presents a new approach that enables the average end-user to check URL safety using Microsoft Excel. Using the powerful VirusTotal API for URL inspections, this study creates an Excel add-in that integrates Python and Excel to deliver a seamless, user-friendly interface. Furthermore, the study improves Excel’s capabilities by allowing users to encrypt and decrypt text communications directly in the spreadsheet. Users may easily encrypt their conversations by simply typing a key and the required text into predefined cells, enhancing their personal cybersecurity with a layer of cryptographic secrecy. This strategy democratizes access to advanced cybersecurity solutions, making attentive digital integrity a feature rather than a daunting burden.展开更多
This study investigates how cybersecurity can be enhanced through cloud computing solutions in the United States. The motive for this study is due to the rampant loss of data, breaches, and unauthorized access of inte...This study investigates how cybersecurity can be enhanced through cloud computing solutions in the United States. The motive for this study is due to the rampant loss of data, breaches, and unauthorized access of internet criminals in the United States. The study adopted a survey research design, collecting data from 890 cloud professionals with relevant knowledge of cybersecurity and cloud computing. A machine learning approach was adopted, specifically a random forest classifier, an ensemble, and a decision tree model. Out of the features in the data, ten important features were selected using random forest feature importance, which helps to achieve the objective of the study. The study’s purpose is to enable organizations to develop suitable techniques to prevent cybercrime using random forest predictions as they relate to cloud services in the United States. The effectiveness of the models used is evaluated by utilizing validation matrices that include recall values, accuracy, and precision, in addition to F1 scores and confusion matrices. Based on evaluation scores (accuracy, precision, recall, and F1 scores) of 81.9%, 82.6%, and 82.1%, the results demonstrated the effectiveness of the random forest model. It showed the importance of machine learning algorithms in preventing cybercrime and boosting security in the cloud environment. It recommends that other machine learning models be adopted to see how to improve cybersecurity through cloud computing.展开更多
The research consistently highlights the gender disparity in cybersecurity leadership roles, necessitating targeted interventions. Biased recruitment practices, limited STEM education opportunities for girls, and work...The research consistently highlights the gender disparity in cybersecurity leadership roles, necessitating targeted interventions. Biased recruitment practices, limited STEM education opportunities for girls, and workplace culture contribute to this gap. Proposed solutions include addressing biased recruitment through gender-neutral language and blind processes, promoting STEM education for girls to increase qualified female candidates, and fostering inclusive workplace cultures with mentorship and sponsorship programs. Gender parity is crucial for the industry’s success, as embracing diversity enables the cybersecurity sector to leverage various perspectives, drive innovation, and effectively combat cyber threats. Achieving this balance is not just about fairness but also a strategic imperative. By embracing concerted efforts towards gender parity, we can create a more resilient and impactful cybersecurity landscape, benefiting industry and society.展开更多
Elementary information theory is used to model cybersecurity complexity, where the model assumes that security risk management is a binomial stochastic process. Complexity is shown to increase exponentially with the n...Elementary information theory is used to model cybersecurity complexity, where the model assumes that security risk management is a binomial stochastic process. Complexity is shown to increase exponentially with the number of vulnerabilities in combination with security risk management entropy. However, vulnerabilities can be either local or non-local, where the former is confined to networked elements and the latter results from interactions between elements. Furthermore, interactions involve multiple methods of communication, where each method can contain vulnerabilities specific to that method. Importantly, the number of possible interactions scales quadratically with the number of elements in standard network topologies. Minimizing these interactions can significantly reduce the number of vulnerabilities and the accompanying complexity. Two network configurations that yield sub-quadratic and linear scaling relations are presented.展开更多
Phishing is one of the most common threats on the Internet. Traditionally, detection methods have relied on blacklists and heuristic rules, but these approaches are showing their limitations in the face of rapidly evo...Phishing is one of the most common threats on the Internet. Traditionally, detection methods have relied on blacklists and heuristic rules, but these approaches are showing their limitations in the face of rapidly evolving attack techniques. Artificial Intelligence (AI) offers promising solutions for improving phishing detection, prediction and prevention. In our study, we analyzed three supervised machine learning classifiers and one deep learning classifier for detecting and predicting phishing websites: Naive Bayes, Decision Tree, Gradient Boosting and Multi-Layer Perceptron. The results showed that the Gradient Boosting Classifier performed best, with a precision of 96.2%, a F1-score of 96.6%, recall and precision of 99.9% in all classes, and a mean absolute error (MAE) of just 0.002. Closely followed by the Gradient Boosting Classifier with a precision of 96.2% and a score of 96.6%. In contrast, Naive Bayes and the Decision Tree showed a lower accuracy rate. These results underline the importance of high accuracy in these models to reduce the risk associated with malicious attachments and reinforce security measures in this area of research.展开更多
In today’s digitally driven landscape, robust Information Technology (IT) risk assessment practices are essential for safeguarding systems, digital communication, and data. This paper introduces “AssessITS,” an act...In today’s digitally driven landscape, robust Information Technology (IT) risk assessment practices are essential for safeguarding systems, digital communication, and data. This paper introduces “AssessITS,” an actionable method designed to provide organizations with comprehensive guidelines for conducting IT and cybersecurity risk assessments. Drawing extensively from NIST 800-30 Rev 1, COBIT 5, and ISO 31000, “AssessITS” bridges the gap between high-level theoretical standards and practical implementation challenges. The paper outlines a step-by-step methodology that organizations can simply adopt to systematically identify, analyze, and mitigate IT risks. By simplifying complex principles into actionable procedures, this framework equips practitioners with the tools needed to perform risk assessments independently, without too much reliance on external vendors. The guidelines are developed to be straightforward, integrating practical evaluation metrics that allow for the precise quantification of asset values, threat levels, vulnerabilities, and impacts on confidentiality, integrity, and availability. This approach ensures that the risk assessment process is not only comprehensive but also accessible, enabling decision-makers to implement effective risk mitigation strategies customized to their unique operational contexts. “AssessITS” aims to enable organizations to enhance their IT security strength through practical, actionable guidance based on internationally recognized standards.展开更多
1.INTRODUCTION.The integration of technology in medicine,particularly in the field of radiology,has led to significant advancements in patient care and diagnosis.While this digital transformation of healthcare has bro...1.INTRODUCTION.The integration of technology in medicine,particularly in the field of radiology,has led to significant advancements in patient care and diagnosis.While this digital transformation of healthcare has brought many benefits,it has also exposed radiological systems and sensitive patient data to unprecedented cybersecurity threats.This article aims to highlight the current cyberattack landscape,trends,and benefits of ethical hacking,which could be employed to identify vulnerabilities and improve cybersecurity defenses.展开更多
Technological shifts—coupled with infrastructure, techniques, and applications for big data—have created many new opportunities, business models, and industry expansion that benefit entrepreneurs. At the same time, ...Technological shifts—coupled with infrastructure, techniques, and applications for big data—have created many new opportunities, business models, and industry expansion that benefit entrepreneurs. At the same time, however, entrepreneurs are often unprepared for cybersecurity needs—and the policymakers, industry, and nonprofit groups that support them also face technological and knowledge constraints in keeping up with their needs. To improve the ability of entrepreneurship research to understand, identify, and ultimately help address cybersecurity challenges, we conduct a literature review on the state of cybersecurity. The research highlights the necessity for additional investigation to aid small businesses in securing their confidential data and client information from cyber threats, thereby preventing the potential shutdown of the business.展开更多
The landscape of cybersecurity is rapidly evolving due to the advancement and integration of Artificial Intelligence (AI) and Machine Learning (ML). This paper explores the crucial role of AI and ML in enhancing cyber...The landscape of cybersecurity is rapidly evolving due to the advancement and integration of Artificial Intelligence (AI) and Machine Learning (ML). This paper explores the crucial role of AI and ML in enhancing cybersecurity defenses against increasingly sophisticated cyber threats, while also highlighting the new vulnerabilities introduced by these technologies. Through a comprehensive analysis that includes historical trends, technological evaluations, and predictive modeling, the dual-edged nature of AI and ML in cybersecurity is examined. Significant challenges such as data privacy, continuous training of AI models, manipulation risks, and ethical concerns are addressed. The paper emphasizes a balanced approach that leverages technological innovation alongside rigorous ethical standards and robust cybersecurity practices. This approach facilitates collaboration among various stakeholders to develop guidelines that ensure responsible and effective use of AI in cybersecurity, aiming to enhance system integrity and privacy without compromising security.展开更多
Legacy-based threat detection systems have not been able to keep up with the exponential growth in scope, frequency, and effect of cybersecurity threats. Artificial intelligence is being used as a result to help with ...Legacy-based threat detection systems have not been able to keep up with the exponential growth in scope, frequency, and effect of cybersecurity threats. Artificial intelligence is being used as a result to help with the issue. This paper’s primary goal is to examine how African nations are utilizing artificial intelligence to defend their infrastructure against cyberattacks. Artificial intelligence (AI) systems will make decisions that impact Africa’s future. The lack of technical expertise, the labor pool, financial resources, data limitations, uncertainty, lack of structured data, absence of government policies, ethics, user attitudes, insufficient investment in research and development, and the requirement for more adaptable and dynamic regulatory systems all pose obstacles to the adoption of AI technologies in Africa. The paper discusses how African countries are adopting artificial intelligence solutions for cybersecurity. And it shows the impact of AI to identify shadow data, monitor for abnormalities in data access and alert cyber security professionals about potential threats by anyone accessing the data or sensitive information saving valuable time in detecting and remediating issues in real-time. The study finds that 69.16% of African companies are implementing information security strategies and of these, 45% said they use technologies based on AI algorithms. This study finds that a large number of African businesses use tools that can track and analyze user behaviour in designated areas and spot anomalies, such as new users, strange IP addresses and login activity, changes to permissions on files, folders, and other resources, and the copying or erasure of massive amounts of data. Thus, we discover that just 18.18% of the target has no national cybersecurity strategy or policy. The study proposes using big data security analytics to integrate AI. Adopting it would be beneficial for all African nations, as it provides a range of cyberattack defense techniques.展开更多
The rapid integration of artificial intelligence (AI) into critical sectors has revealed a complex landscape of cybersecurity challenges that are unique to these advanced technologies. AI systems, with their extensive...The rapid integration of artificial intelligence (AI) into critical sectors has revealed a complex landscape of cybersecurity challenges that are unique to these advanced technologies. AI systems, with their extensive data dependencies and algorithmic complexities, are susceptible to a broad spectrum of cyber threats that can undermine their functionality and compromise their integrity. This paper provides a detailed analysis of these threats, which include data poisoning, adversarial attacks, and systemic vulnerabilities that arise from the AI’s operational and infrastructural frameworks. This paper critically examines the effectiveness of existing defensive mechanisms, such as adversarial training and threat modeling, that aim to fortify AI systems against such vulnerabilities. In response to the limitations of current approaches, this paper explores a comprehensive framework for the design and implementation of robust AI systems. This framework emphasizes the development of dynamic, adaptive security measures that can evolve in response to new and emerging cyber threats, thereby enhancing the resilience of AI systems. Furthermore, the paper addresses the ethical dimensions of AI cybersecurity, highlighting the need for strategies that not only protect systems but also preserve user privacy and ensure fairness across all operations. In addition to current strategies and ethical concerns, this paper explores future directions in AI cybersecurity.展开更多
文摘The digital transformation in Cameroon presents critical cybersecurity challenges that demand immediate attention and strategic intervention. This comprehensive analysis examines the evolving cybersecurity landscape in Cameroon from 2020 to 2023, during which cyber-attacks increased by 156% and financial losses from digital fraud exceeded $45 million. This research identifies significant vulnerabilities in Cameroon’s cybersecurity ecosystem through a rigorous assessment of national infrastructure, policy frameworks, and institutional capacities. Recent data indicates that while digital service adoption has grown exponentially, with internet penetration reaching 35.2% in 2023, cybersecurity measures have lagged significantly behind international standards. This analysis draws on comprehensive data from multiple sectors, including financial services, government institutions, and telecommunications, incorporating findings from the National Cybersecurity Assessment Program and the Digital Infrastructure Security Report. The research reveals that 73% of organizations lack dedicated security teams, while response times to cyber incidents average 72 hours—three times than the global standard. Based on these findings, this paper proposes evidence-based solutions for enhancing digital resilience, including policy modernization, capacity-building initiatives, and technical infrastructure development. The recommendations encompass short-term tactical responses, medium-term strategic improvements, and long-term structural changes, providing a comprehensive roadmap for strengthening Cameroon’s national cybersecurity frameworks.
文摘The NIST Cybersecurity Framework (NIST CSF) serves as a voluntary guideline aimed at helping organizations, tiny and medium-sized enterprises (SMEs), and critical infrastructure operators, effectively manage cyber risks. Although comprehensive, the complexity of the NIST CSF can be overwhelming, especially for those lacking extensive cybersecurity resources. Current implementation tools often cater to larger companies, neglecting the specific needs of SMEs, which can be vulnerable to cyber threats. To address this gap, our research proposes a user-friendly, open-source web platform designed to simplify the implementation of the NIST CSF. This platform enables organizations to assess their risk exposure and continuously monitor their cybersecurity maturity through tailored recommendations based on their unique profiles. Our methodology includes a literature review of existing tools and standards, followed by a description of the platform’s design and architecture. Initial tests with SMEs in Burkina Faso reveal a concerning cybersecurity maturity level, indicating the urgent need for improved strategies based on our findings. By offering an intuitive interface and cross-platform accessibility, this solution aims to empower organizations to enhance their cybersecurity resilience in an evolving threat landscape. The article concludes with discussions on the practical implications and future enhancements of the tool.
文摘The concept of Supply Chain 4.0 represents a transformative phase in supply chain management through advanced digital technologies like IoT, AI, blockchain, and cyber-physical systems. While these innovations deliver operational improvements, the heightened interconnectivity introduces significant cybersecurity challenges, particularly within military logistics, where mission-critical operations and life-safety concerns are paramount. This paper examines these unique cybersecurity requirements, focusing on advanced persistent threats, supply chain poisoning, and data breaches that could compromise sensitive operations. The study proposes a hybrid cybersecurity framework tailored to military logistics, integrating resilience, redundancy, and cross-jurisdictional security measures. Real-world applicability is validated through simulations, offering strategies for securing supply chains while balancing security, efficiency, and flexibility.
文摘Small and Medium-sized Enterprises (SMEs) are considered the backbone of global economy, but they often face cyberthreats which threaten their financial stability and operational continuity. This work aims to offer a proactive cybersecurity approach to safeguard SMEs against these threats. Furthermore, to mitigate these risks, we propose a comprehensive framework of practical and scalable cybersecurity measurements/protocols specifically for SMEs. These measures encompass a spectrum of solutions, from technological fortifications to employee training initiatives and regulatory compliance strategies, in an effort to cultivate resilience and awareness among SMEs. Additionally, we introduce a specially designed a Java-based questionnaire software tool in order to provide an initial framework for essential cybersecurity measures and evaluation for SMEs. This tool covers crucial topics such as social engineering and phishing attempts, implementing antimalware and ransomware defense mechanisms, secure data management and backup strategies and methods for preventing insider threats. By incorporating globally recognized frameworks and standards like ISO/IEC 27001 and NIST guidelines, this questionnaire offers a roadmap for establishing and enhancing cybersecurity measures.
文摘This study investigates the critical intersection of cyberpsychology and cybersecurity policy development in small and medium-sized enterprises (SMEs). Through a mixed-methods approach incorporating surveys of 523 employees across 78 SMEs, qualitative interviews, and case studies, the research examines how psychological factors influence cybersecurity behaviors and policy effectiveness. Key findings reveal significant correlations between psychological factors and security outcomes, including the relationship between self-efficacy and policy compliance (r = 0.42, p β = 0.37, p < 0.001). The study identifies critical challenges in risk perception, policy complexity, and organizational culture affecting SME cybersecurity implementation. Results demonstrate that successful cybersecurity initiatives require the integration of psychological principles with technical solutions. The research provides a framework for developing human-centric security policies that address both behavioral and technical aspects of cybersecurity in resource-constrained environments.
基金the Deanship of Scientific Research,Princess Nourah bint Abdulrahman University,through the Program of Research Project Funding After Publication,Grant No.(44-PRFA-P-131).
文摘The efficient transmission of images,which plays a large role inwireless communication systems,poses a significant challenge in the growth of multimedia technology.High-quality images require well-tuned communication standards.The Single Carrier Frequency Division Multiple Access(SC-FDMA)is adopted for broadband wireless communications,because of its low sensitivity to carrier frequency offsets and low Peak-to-Average Power Ratio(PAPR).Data transmission through open-channel networks requires much concentration on security,reliability,and integrity.The data need a space away fromunauthorized access,modification,or deletion.These requirements are to be fulfilled by digital image watermarking and encryption.This paper ismainly concerned with secure image communication over the wireless SC-FDMA systemas an adopted communication standard.It introduces a robust image communication framework over SC-FDMA that comprises digital image watermarking and encryption to improve image security,while maintaining a high-quality reconstruction of images at the receiver side.The proposed framework allows image watermarking based on the Discrete Cosine Transform(DCT)merged with the Singular Value Decomposition(SVD)in the so-called DCT-SVD watermarking.In addition,image encryption is implemented based on chaos and DNA encoding.The encrypted watermarked images are then transmitted through the wireless SC-FDMA system.The linearMinimumMean Square Error(MMSE)equalizer is investigated in this paper to mitigate the effect of channel fading and noise on the transmitted images.Two subcarrier mapping schemes,namely localized and interleaved schemes,are compared in this paper.The study depends on different channelmodels,namely PedestrianAandVehicularA,with a modulation technique namedQuadratureAmplitude Modulation(QAM).Extensive simulation experiments are conducted and introduced in this paper for efficient transmission of encrypted watermarked images.In addition,different variants of SC-FDMA based on the Discrete Wavelet Transform(DWT),Discrete Cosine Transform(DCT),and Fast Fourier Transform(FFT)are considered and compared for the image communication task.The simulation results and comparison demonstrate clearly that DWT-SC-FDMAis better suited to the transmission of the digital images in the case of PedestrianAchannels,while the DCT-SC-FDMA is better suited to the transmission of the digital images in the case of Vehicular A channels.
基金The authors would like to acknowledge the Institute for Big Data Analytics and Artificial Intelligence(IBDAAI),Universiti TeknologiMARA and the Ministry of Higher Education,Malaysia for the financial support through Fundamental Research Grant Scheme(FRGS)Grant No.FRGS/1/2021/ICT11/UITM/01/1.
文摘Blockchain-enabled cybersecurity system to ensure and strengthen decentralized digital transaction is gradually gaining popularity in the digital era for various areas like finance,transportation,healthcare,education,and supply chain management.Blockchain interactions in the heterogeneous network have fascinated more attention due to the authentication of their digital application exchanges.However,the exponential development of storage space capabilities across the blockchain-based heterogeneous network has become an important issue in preventing blockchain distribution and the extension of blockchain nodes.There is the biggest challenge of data integrity and scalability,including significant computing complexity and inapplicable latency on regional network diversity,operating system diversity,bandwidth diversity,node diversity,etc.,for decision-making of data transactions across blockchain-based heterogeneous networks.Data security and privacy have also become the main concerns across the heterogeneous network to build smart IoT ecosystems.To address these issues,today’s researchers have explored the potential solutions of the capability of heterogeneous network devices to perform data transactions where the system stimulates their integration reliably and securely with blockchain.The key goal of this paper is to conduct a state-of-the-art and comprehensive survey on cybersecurity enhancement using blockchain in the heterogeneous network.This paper proposes a full-fledged taxonomy to identify the main obstacles,research gaps,future research directions,effective solutions,andmost relevant blockchain-enabled cybersecurity systems.In addition,Blockchain based heterogeneous network framework with cybersecurity is proposed in this paper tomeet the goal of maintaining optimal performance data transactions among organizations.Overall,this paper provides an in-depth description based on the critical analysis to overcome the existing work gaps for future research where it presents a potential cybersecurity design with key requirements of blockchain across a heterogeneous network.
基金funded by the Deanship of Graduate Studies and Scientific Research at Jouf University under Grant Number(DGSSR-2023-02-02513).
文摘Spear Phishing Attacks(SPAs)pose a significant threat to the healthcare sector,resulting in data breaches,financial losses,and compromised patient confidentiality.Traditional defenses,such as firewalls and antivirus software,often fail to counter these sophisticated attacks,which target human vulnerabilities.To strengthen defenses,healthcare organizations are increasingly adopting Machine Learning(ML)techniques.ML-based SPA defenses use advanced algorithms to analyze various features,including email content,sender behavior,and attachments,to detect potential threats.This capability enables proactive security measures that address risks in real-time.The interpretability of ML models fosters trust and allows security teams to continuously refine these algorithms as new attack methods emerge.Implementing ML techniques requires integrating diverse data sources,such as electronic health records,email logs,and incident reports,which enhance the algorithms’learning environment.Feedback from end-users further improves model performance.Among tested models,the hierarchical models,Convolutional Neural Network(CNN)achieved the highest accuracy at 99.99%,followed closely by the sequential Bidirectional Long Short-Term Memory(BiLSTM)model at 99.94%.In contrast,the traditional Multi-Layer Perceptron(MLP)model showed an accuracy of 98.46%.This difference underscores the superior performance of advanced sequential and hierarchical models in detecting SPAs compared to traditional approaches.
基金supported in part by the Korea Research Institute for Defense Technology Planning and Advancement(KRIT)funded by the Korean Government’s Defense Acquisition Program Administration(DAPA)under Grant KRIT-CT-21-037in part by the Ministry of Education,Republic of Koreain part by the National Research Foundation of Korea under Grant RS-2023-00211871.
文摘In the rapidly evolving field of cybersecurity,the challenge of providing realistic exercise scenarios that accurately mimic real-world threats has become increasingly critical.Traditional methods often fall short in capturing the dynamic and complex nature of modern cyber threats.To address this gap,we propose a comprehensive framework designed to create authentic network environments tailored for cybersecurity exercise systems.Our framework leverages advanced simulation techniques to generate scenarios that mirror actual network conditions faced by professionals in the field.The cornerstone of our approach is the use of a conditional tabular generative adversarial network(CTGAN),a sophisticated tool that synthesizes realistic synthetic network traffic by learning fromreal data patterns.This technology allows us to handle technical components and sensitive information with high fidelity,ensuring that the synthetic data maintains statistical characteristics similar to those observed in real network environments.By meticulously analyzing the data collected from various network layers and translating these into structured tabular formats,our framework can generate network traffic that closely resembles that found in actual scenarios.An integral part of our process involves deploying this synthetic data within a simulated network environment,structured on software-defined networking(SDN)principles,to test and refine the traffic patterns.This simulation not only facilitates a direct comparison between the synthetic and real traffic but also enables us to identify discrepancies and refine the accuracy of our simulations.Our initial findings indicate an error rate of approximately 29.28%between the synthetic and real traffic data,highlighting areas for further improvement and adjustment.By providing a diverse array of network scenarios through our framework,we aim to enhance the exercise systems used by cybersecurity professionals.This not only improves their ability to respond to actual cyber threats but also ensures that the exercise is cost-effective and efficient.
文摘In the digital age, the global character of the Internet has significantly improved our daily lives by providing access to large amounts of knowledge and allowing for seamless connections. However, this enormously interconnected world is not without its risks. Malicious URLs are a powerful menace, masquerading as legitimate links while holding the intent to hack computer systems or steal sensitive personal information. As the sophistication and frequency of cyberattacks increase, identifying bad URLs has emerged as a critical aspect of cybersecurity. This study presents a new approach that enables the average end-user to check URL safety using Microsoft Excel. Using the powerful VirusTotal API for URL inspections, this study creates an Excel add-in that integrates Python and Excel to deliver a seamless, user-friendly interface. Furthermore, the study improves Excel’s capabilities by allowing users to encrypt and decrypt text communications directly in the spreadsheet. Users may easily encrypt their conversations by simply typing a key and the required text into predefined cells, enhancing their personal cybersecurity with a layer of cryptographic secrecy. This strategy democratizes access to advanced cybersecurity solutions, making attentive digital integrity a feature rather than a daunting burden.
文摘This study investigates how cybersecurity can be enhanced through cloud computing solutions in the United States. The motive for this study is due to the rampant loss of data, breaches, and unauthorized access of internet criminals in the United States. The study adopted a survey research design, collecting data from 890 cloud professionals with relevant knowledge of cybersecurity and cloud computing. A machine learning approach was adopted, specifically a random forest classifier, an ensemble, and a decision tree model. Out of the features in the data, ten important features were selected using random forest feature importance, which helps to achieve the objective of the study. The study’s purpose is to enable organizations to develop suitable techniques to prevent cybercrime using random forest predictions as they relate to cloud services in the United States. The effectiveness of the models used is evaluated by utilizing validation matrices that include recall values, accuracy, and precision, in addition to F1 scores and confusion matrices. Based on evaluation scores (accuracy, precision, recall, and F1 scores) of 81.9%, 82.6%, and 82.1%, the results demonstrated the effectiveness of the random forest model. It showed the importance of machine learning algorithms in preventing cybercrime and boosting security in the cloud environment. It recommends that other machine learning models be adopted to see how to improve cybersecurity through cloud computing.
文摘The research consistently highlights the gender disparity in cybersecurity leadership roles, necessitating targeted interventions. Biased recruitment practices, limited STEM education opportunities for girls, and workplace culture contribute to this gap. Proposed solutions include addressing biased recruitment through gender-neutral language and blind processes, promoting STEM education for girls to increase qualified female candidates, and fostering inclusive workplace cultures with mentorship and sponsorship programs. Gender parity is crucial for the industry’s success, as embracing diversity enables the cybersecurity sector to leverage various perspectives, drive innovation, and effectively combat cyber threats. Achieving this balance is not just about fairness but also a strategic imperative. By embracing concerted efforts towards gender parity, we can create a more resilient and impactful cybersecurity landscape, benefiting industry and society.
文摘Elementary information theory is used to model cybersecurity complexity, where the model assumes that security risk management is a binomial stochastic process. Complexity is shown to increase exponentially with the number of vulnerabilities in combination with security risk management entropy. However, vulnerabilities can be either local or non-local, where the former is confined to networked elements and the latter results from interactions between elements. Furthermore, interactions involve multiple methods of communication, where each method can contain vulnerabilities specific to that method. Importantly, the number of possible interactions scales quadratically with the number of elements in standard network topologies. Minimizing these interactions can significantly reduce the number of vulnerabilities and the accompanying complexity. Two network configurations that yield sub-quadratic and linear scaling relations are presented.
文摘Phishing is one of the most common threats on the Internet. Traditionally, detection methods have relied on blacklists and heuristic rules, but these approaches are showing their limitations in the face of rapidly evolving attack techniques. Artificial Intelligence (AI) offers promising solutions for improving phishing detection, prediction and prevention. In our study, we analyzed three supervised machine learning classifiers and one deep learning classifier for detecting and predicting phishing websites: Naive Bayes, Decision Tree, Gradient Boosting and Multi-Layer Perceptron. The results showed that the Gradient Boosting Classifier performed best, with a precision of 96.2%, a F1-score of 96.6%, recall and precision of 99.9% in all classes, and a mean absolute error (MAE) of just 0.002. Closely followed by the Gradient Boosting Classifier with a precision of 96.2% and a score of 96.6%. In contrast, Naive Bayes and the Decision Tree showed a lower accuracy rate. These results underline the importance of high accuracy in these models to reduce the risk associated with malicious attachments and reinforce security measures in this area of research.
文摘In today’s digitally driven landscape, robust Information Technology (IT) risk assessment practices are essential for safeguarding systems, digital communication, and data. This paper introduces “AssessITS,” an actionable method designed to provide organizations with comprehensive guidelines for conducting IT and cybersecurity risk assessments. Drawing extensively from NIST 800-30 Rev 1, COBIT 5, and ISO 31000, “AssessITS” bridges the gap between high-level theoretical standards and practical implementation challenges. The paper outlines a step-by-step methodology that organizations can simply adopt to systematically identify, analyze, and mitigate IT risks. By simplifying complex principles into actionable procedures, this framework equips practitioners with the tools needed to perform risk assessments independently, without too much reliance on external vendors. The guidelines are developed to be straightforward, integrating practical evaluation metrics that allow for the precise quantification of asset values, threat levels, vulnerabilities, and impacts on confidentiality, integrity, and availability. This approach ensures that the risk assessment process is not only comprehensive but also accessible, enabling decision-makers to implement effective risk mitigation strategies customized to their unique operational contexts. “AssessITS” aims to enable organizations to enhance their IT security strength through practical, actionable guidance based on internationally recognized standards.
文摘1.INTRODUCTION.The integration of technology in medicine,particularly in the field of radiology,has led to significant advancements in patient care and diagnosis.While this digital transformation of healthcare has brought many benefits,it has also exposed radiological systems and sensitive patient data to unprecedented cybersecurity threats.This article aims to highlight the current cyberattack landscape,trends,and benefits of ethical hacking,which could be employed to identify vulnerabilities and improve cybersecurity defenses.
文摘Technological shifts—coupled with infrastructure, techniques, and applications for big data—have created many new opportunities, business models, and industry expansion that benefit entrepreneurs. At the same time, however, entrepreneurs are often unprepared for cybersecurity needs—and the policymakers, industry, and nonprofit groups that support them also face technological and knowledge constraints in keeping up with their needs. To improve the ability of entrepreneurship research to understand, identify, and ultimately help address cybersecurity challenges, we conduct a literature review on the state of cybersecurity. The research highlights the necessity for additional investigation to aid small businesses in securing their confidential data and client information from cyber threats, thereby preventing the potential shutdown of the business.
文摘The landscape of cybersecurity is rapidly evolving due to the advancement and integration of Artificial Intelligence (AI) and Machine Learning (ML). This paper explores the crucial role of AI and ML in enhancing cybersecurity defenses against increasingly sophisticated cyber threats, while also highlighting the new vulnerabilities introduced by these technologies. Through a comprehensive analysis that includes historical trends, technological evaluations, and predictive modeling, the dual-edged nature of AI and ML in cybersecurity is examined. Significant challenges such as data privacy, continuous training of AI models, manipulation risks, and ethical concerns are addressed. The paper emphasizes a balanced approach that leverages technological innovation alongside rigorous ethical standards and robust cybersecurity practices. This approach facilitates collaboration among various stakeholders to develop guidelines that ensure responsible and effective use of AI in cybersecurity, aiming to enhance system integrity and privacy without compromising security.
文摘Legacy-based threat detection systems have not been able to keep up with the exponential growth in scope, frequency, and effect of cybersecurity threats. Artificial intelligence is being used as a result to help with the issue. This paper’s primary goal is to examine how African nations are utilizing artificial intelligence to defend their infrastructure against cyberattacks. Artificial intelligence (AI) systems will make decisions that impact Africa’s future. The lack of technical expertise, the labor pool, financial resources, data limitations, uncertainty, lack of structured data, absence of government policies, ethics, user attitudes, insufficient investment in research and development, and the requirement for more adaptable and dynamic regulatory systems all pose obstacles to the adoption of AI technologies in Africa. The paper discusses how African countries are adopting artificial intelligence solutions for cybersecurity. And it shows the impact of AI to identify shadow data, monitor for abnormalities in data access and alert cyber security professionals about potential threats by anyone accessing the data or sensitive information saving valuable time in detecting and remediating issues in real-time. The study finds that 69.16% of African companies are implementing information security strategies and of these, 45% said they use technologies based on AI algorithms. This study finds that a large number of African businesses use tools that can track and analyze user behaviour in designated areas and spot anomalies, such as new users, strange IP addresses and login activity, changes to permissions on files, folders, and other resources, and the copying or erasure of massive amounts of data. Thus, we discover that just 18.18% of the target has no national cybersecurity strategy or policy. The study proposes using big data security analytics to integrate AI. Adopting it would be beneficial for all African nations, as it provides a range of cyberattack defense techniques.
文摘The rapid integration of artificial intelligence (AI) into critical sectors has revealed a complex landscape of cybersecurity challenges that are unique to these advanced technologies. AI systems, with their extensive data dependencies and algorithmic complexities, are susceptible to a broad spectrum of cyber threats that can undermine their functionality and compromise their integrity. This paper provides a detailed analysis of these threats, which include data poisoning, adversarial attacks, and systemic vulnerabilities that arise from the AI’s operational and infrastructural frameworks. This paper critically examines the effectiveness of existing defensive mechanisms, such as adversarial training and threat modeling, that aim to fortify AI systems against such vulnerabilities. In response to the limitations of current approaches, this paper explores a comprehensive framework for the design and implementation of robust AI systems. This framework emphasizes the development of dynamic, adaptive security measures that can evolve in response to new and emerging cyber threats, thereby enhancing the resilience of AI systems. Furthermore, the paper addresses the ethical dimensions of AI cybersecurity, highlighting the need for strategies that not only protect systems but also preserve user privacy and ensure fairness across all operations. In addition to current strategies and ethical concerns, this paper explores future directions in AI cybersecurity.
