Search Results
Az információbiztonság időszerű kérdései a magyarországi kkv-k körében
Current issues of information security among SMEs in Hungary
Összefoglalás.
A tanulmány célja az információbiztonság vizsgálata a magyarországi kis- és középvállalkozások (kkv-k) körében. Tanulmányunk aktualitását az adja, hogy az Európai Unió Bizottsága által évente kiadott Digitális Gazdaság és Társadalom Indexe szerint a magyarországi kkv-kat alacsony adat- és információbiztonsági szint jellemzi. Kutatásunk során egyaránt alkalmaztunk kvalitatív és kvantitatív módszereket. Az előbbinél dokumentumelemzéssel megvizsgáltuk, hogy a hazai szakirodalom milyen fontosabb információbiztonsági kihívásokat azonosít, illetve interjúk segítségével feltérképeztük a kkv-k információbiztonsági gyakorlatait és kihívásait, az utóbbinál pedig egy online, nagymintás kérdőív révén vizsgáltuk a szektor vezetőinek információbiztonsággal kapcsolatos véleményét, fejlettségét.
Summary.
The aim of the study is to examine information security among small and medium-sized enterprises (SMEs) in Hungary. The relevance of our study is that, according to the Digital Economy and Society Index published annually by the Commission of the European Union, Hungarian SMEs are characterised by a low level of data and information security. In our research, we used both qualitative and quantitative methods. In the former, we conducted a document analysis to identify the main information security challenges identified in the domestic literature and mapped the information security practices and challenges of SMEs through interviews, while in the latter, we used an online, large-scale questionnaire to investigate the views and development of the sector’s managers on information security. The findings of our study are based on the responses of 150 SME managers and 31 IT professionals working in the sector. We divided our questionnaire into six sections: demographics, business profile, device usage, digital habits, information security awareness survey based on the international HAIS-Q, information security awareness in daily practice. In the present research we deviated somewhat from the international model, firstly because we had to adapt the model to the domestic requirements and our research objectives, and secondly because this model was only a part of our questionnaire. During the research we have clearly identified the need to develop and implement practice-oriented training programmes that can help managers and IT professionals in the domestic SME sector to develop their information security awareness and even to make the transition to Industry 4.0. Based on the responses to the interview questions, it can be concluded that, overall, SME managers and their organisations are increasingly starting to build cybersecurity solutions and information security measures around their organisation. There is still a need to develop and share information security good practices that can reach SMEs, as there is a need for training and exchange of experiences, but not all companies are fully committed to the issue, so the actual need for action and organisation is ultimately lagging behind. A small proportion of the organisations surveyed have been victims of a cybersecurity incident and a good proportion of SME managers believe that until an incident has happened to an employee or the organisation, they will not learn from it. Basically, there is a growing demand for increased security and the use of security tools and education in information security, but this is evolving as a slow process and not as fast as the world around us is changing, so it is questionable when an information security explosion will occur that may radically change the tools and attitudes of organisations.
://www.pbs.org/newshour/science/ransomware-and-other-data-breaches-linked-to-uptick-in-fatal-heart-attacks [accessed: March 10, 2020]. 2 Ködmön J, Csajbók ZE. Information security in health care. [Információbiztonság az egészségügyben.] Orv Hetil. 2015; 156: 1075
A vállalati biztonsági háló meghatározó tényezői
Determining factors of the corporate safety-net
ISO 31000:2018 Risk management – Guidelines 26 ISO/IEC 27000 Family information security management 27
Kiberbiztonság a koronavírus idején – a COVID–19 nemzetbiztonsági aspektusai
Cyber Security in the Time of the Coronavirus – National Security Aspects of COVID-19
Összefoglaló. A COVID–19 pandémia az információbiztonság területén új kihívásokat jelentett. A távolról végzett munka különböző formái jelentős mértékben növelték az online tér biztonsági kockázatát. Nőtt a hálózatok nagysága, az adatforgalom, és azon felhasználók száma, akiknek nem volt érdemi tapasztalatuk az online térben. A járvány ideje alatt a kibertérből érkező támadások szektoronként és időszakonként eltérő intenzitásúak voltak, a támadások típusa a phishingtől a malwareken keresztül az információs zavarkeltésig széles spektrumban változott. Számos jelenségnek nemzetbiztonsági vonatkozásai is voltak. Összefoglaló cikkünkben a fenti jelenségek nemzetközi és hazai tapasztalatait összegezzük, különös figyelmet szentelve az egészségügyi rendszernek, illetve a vakcinafejlesztés kibertérből érkező fenyegetéseinek.
Summary. During the COVID-19 pandemic, new challenges emerged in the field of information security and cyber security. Home office, home schooling and distance learning, or even telemedicine hit some organizations unprepared. Security risks in online space have increased significantly: the number of network endpoints and the number of computers, laptops and mobile devices have increased with network data traffic as well as the number of users who had no significant experience in online space. They appeared as a significant risk factor. This has been exacerbated, especially in healthcare, by the extremely high workload, which has made systems highly vulnerable. During the epidemic, attacks from cyberspace varied in intensity from sector to sector and period to period. Statistics from international and national organizations have shown that from the end of the first quarter of 2020, the number of cyber security incidents jumped sharply and then remained high even after a small decline. The types of attacks had an extremely wide range: from phishing through malware to misinformation, almost all types of attacks occurred. Many phenomena also had national security implications. Ransomware virus attacks on health have affected almost all health systems and reached high levels by the end of 2020 in particular. It was during the first period that, in an emergency case, there is thought to be an association between a ransomware virus attack and the death of a patient who was not admitted because of the attack.
In addition to distance measures and the associated increase in cyber threats, the emerging threats related to vaccination, which is central to the fight against the epidemic, should also be highlighted. This period has shed light on how many vulnerabilities there are, from vaccine development through drug trials to delivery to vaccines and the organization of vaccines, that cybercriminals are able to attack. In order to prevent and combat these threats and attacks, and to respond appropriately, complex, multidisciplinary collaborations are needed in which security science has a privileged place. In our review article, we summarize the international and national experiences of the above phenomena, paying special attention to the health care system and the threats coming from cyberspace in vaccine development.
Aggregált avatárok szerepe a VR biztonságban
Role of aggregated avatars in VR security
Összefoglalás.
A tanulmány az avatárok új típusát, az absztrakt aggregált avatárokat mutatja be, amelyek a kognitív hűség növelésére összpontosítanak. Ezek az avatárok nem antropomorf formákat használnak, hanem egyszerű, változó formákat és színeket, amelyek lehetővé teszik a rendszer általános állapotának közvetítését. A MaxWhere VR keretrendszert használva a tanulmányban bemutatok egy prototípus implementációt, amely érzelmeket megjelenítő absztrakt megjelenítési módot alkalmaz. Az avatár kifejezőkészségének vizsgálatára egy kísérleti keretrendszert ismertetek, amely lehetővé teszi a felhasználói interakciók és azok hatásának értékelését a virtuális munkakörnyezetben. Ezt követően elemzem az absztrakt aggregált avatárok lehetséges hozzájárulását a VR-alkalmazások informatikai biztonságához. Ezek az avatárok anonimitást biztosítanak, csökkentik az adatexponálást, és előrelépést jelenthetnek az adatgyűjtés és elemzés területén.
Summary.
This study summarizes the concept of ‘abstract aggregated avatars’ as a novel approach to enhance user experience. Visually, these avatars, unlike anthropomorphic or zoomorphic ones, are based on abstract, low-level visual languages using dynamic shapes and colors. Functionally, they can exhibit a collective, aggregated representation of pertinent system data, aggregating user interactions and other significant events within a virtual space that are relevant to the application. They can facilitate a more generalized examination of VR environments, often necessary or more effective than realistic representations.
A prototype implementation of an aggregated avatar is created using the MaxWhere VR framework, an innovative 3D virtual reality platform. This framework allows users to navigate interactive 3D spaces, enhancing user experience and work efficiency. The reference implementation uses ’emotional display’ as visual representation. It can express a range of emotional states through a color-changing sphere and cube-like structure, changing size, color, transparency, and rotation speed. I employ the valence-arousal model as an intermediate representation layer to map emotional states, using data collected from MaxWhere’s virtual space to calculate these values. Data from the virtual environment reflects the recent, aggregated user interactions and virtual space utilization, translating intense and balanced usage into positive emotional values and monotonous or superficial usage into boredom or irritation.
I examine the avatar’s expressiveness through an experimental framework. It uses the same MaxWhere component which manages the look and working logic of aggregated avatar. Logging functions in the component track events and emotional values, allowing for a detailed analysis of the avatar’s effectiveness. We can create video sequences using the logging capabilities of the framework and conduct a survey to measure how correctly participants can match user interactions with avatar behaviors. The result can be used to design expressive aggregated avatars based on quantitative feedback.
Finally, the study addresses how abstract aggregated avatars can contribute to the information security of VR applications. These avatars help protect user identity, reduce public data exposure, minimize the attack surface, aid in detecting abnormal behaviors, and enhance data analysis and security strategies.
I conclude that these avatars offer new, innovative solutions for workplace environments while improving the security of virtual spaces.
Folyamatalapú, szabványos irányítási rendszerek a biztonságos és rugalmas vállalati működésért
Process-based, standardized management systems for secure and resilient corporate operations
szolgáltatásirányítási rendszer követelményei) 51 ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection – Information security management
Az online platformok diskurzusának moderációja és biztonsági aggályai
Moderation and security concerns about discourses on online platforms
://doi.org/10.48550/arXiv.2012.15606 21 von Solms, R. & van Niekerk, J. (2013) From information security to cyber security. Computers & Security, Vol. 38. pp. 97
. Detecting stress in spoken English using decision trees and support vector machines. In: James M. Hogan — Paul Montague — Martin K. Purvis — Chris Steketee (eds): ACSW Frontiers’ 04. Proceedings of the Second Workshop on Australasian Information Security
A csökkentett paraméteres biometrikus hitelesítés jelentősége kórházak kritikus informatikai infrastruktúráiban
The significance of biometric authentication with reduced parameters in critical IT infrastructures at hospitals
References 1 Ahlfeldt, R. (2008) Information Security in Distributed Healthcare, Exploring the Needs for Achieving Patient Safety and Patient Privacy
perfect operations in such a system, built on the basis of given algorithms in a distributed decentralized information system using cryptographic information security methods.’ 51 In other domestic legislative initiatives on the legal status of