Friday, November 4, 2011

November 4, 2011

Amitai, E. (2011). Cybersecurity in the private sector. Issues in Science and Technology, 28(1), 58-62. [Full text available in the Computer and Applied Sciences Complete database.]
The article looks at issues related to cybersecurity in the private sector in the U.S. It notes that the current incentives for corporations to better secure their computer systems are not aligned in a way that promotes voluntary action, and that no major public funds have been made available. It also notes that, after major security breaches in 2011, the U.S. Senate introduced several proposals to enhance cybersecurity, which include a new national data-breach reporting policy.

Gooden, D. (2011, October 27). Insulin pump hack delivers fatal dosage over the air. Retrieved from http://www.theregister.co.uk/2011/10/27/fatal_insulin_pump_attack/
In a hack fitting of a James Bond movie, a security researcher has devised an attack that hijacks nearby insulin pumps, enabling him to surreptitiously deliver fatal doses to diabetic patients who rely on them. The attack on wireless insulin pumps made by medical devices giant Medtronic was demonstrated Tuesday at the Hacker Halted conference in Miami. It was delivered by McAfee's Barnaby Jack, the same researcher who last year showed how to take control of two widely used models of automatic teller machines so he could cause them to spit out a steady stream of dollar bills.

Guimares, M. A. M., Said, H., & Austin, R. (2012). Experience with video games for security. Journal of Computing Sciences in Colleges, 27(3), 95-104. [Full text available in the ACM Digital Library database.]
This paper describes the creation of video games to teach security. The first section explains why video games can be effective tools for improving security awareness. The next section provides an overview of existing video games related to security. The third section describes why three platforms for building video games were selected. The last section describes the prototypes created and the results of classroom testing.

Kapner, S. (2011, October 31). Hackers press the 'schmooze' button. Wall Street Journal. Retrieved from http://on.wsj.com/uAOcbX
Chris Patten called a large investment-management firm to report that he was going through a divorce and was worried that his wife had set up an account under a false name.  And with that story—entirely plausible but in this case a lie—a customer-service representative turned over customer account numbers and other details with a readiness that makes banks and other companies cringe.  ... As banks and other large companies spend large amounts of money on building firewalls and using complex technology to fortify their systems, it is often their own employees who are letting identity thieves in the door.

Papanikolaou, A., Karakoidas, V., Vlachos, V., Venieris, A., Ilioudis, C., & Zouganelis, G. (2011). A hacker's perspective on cybersecurity.  Paper presented at the 15th Panhellenic Conference on Informatics, Kastoria, Greece. [Full text available in the IEEE Computer Society Digital Library database.]
Information Systems Security experts should be able to confront new, unknown threats. Therefore, "out-of-the-box" thinking is a necessary skill which cannot be taught using traditional educational methodologies. In order to introduce our students to the mentality of modern adversaries and cyber criminals, we designed a course based on the well-established theoretical frameworks of Information Systems Security as well as the unconventional challenges which experienced hackers use for training newcomers. Moreover, we developed additional open source software tools which encourage collaboration between students and confront plagiarism or cheating attempts during the exams. Our course in a Higher Education Institute has been enriched with the use of the Hackademic tool, a virtual framework that allows students to perform hacking attacks and penetration testing in a deliberately vulnerable, but isolated, safe and controlled environment.