Page 152 - Trust in ICT 2017


            There is also the problem of legal ownership of the data. Many terms of service agreements are silent on the
            question of ownership. Physical control of the personal computer equipment (that is, private cloud) is more
            secure than having the equipment offsite and under someone else's control (that is, public cloud).
            Fundamentally, the private cloud is seen as more secure, with a higher level of control; however, the
            public cloud is considered more flexible and requires less investment of time and money from
            users. Public cloud computing service providers have great incentive to prioritize building and maintaining
            strong management of secure data. Some small businesses that do not have expertise in IT security could
            find it more secure to use a public cloud.

            Risk identification, protection, and management
            It is very difficult to prevent risks that people have not identified beforehand. Knowledge societies seem better
            protected than ever to undertake such a task. The information and technological revolution is indisputably
            a great advantage for researchers, who have access to a vast amount of resources. Such proliferation may
            make it difficult to identify and manage risks. Knowledge-based processes such as big data analytics may be
            emerging to expose risks from the undifferentiated flows of available data.

            As a matter of fact, risk identification is a matter of good governance. Information is of no value if people are
            unable to gather and use it. Risk identification requires efficient data analytics whose technical
            and scientific abilities must be recognized by public and private decision-making entities. A priority of risk
            identification is to ensure that key information is passed up to the highest decision-making
            levels, in particular in cases of hacking or natural disasters. In order to handle risks, the relevant risk
            management system should report the incident quickly to the decision-makers. The precautionary principle
            on risk recommends a proactive approach.

            The monitoring of predefined risks can also be set up at both the domestic and international levels. In
            the war against terrorism, knowledge on risks becomes a strategic resource. Governments may monitor
            contents, identify access points, and block websites to avoid potential risks. To restrict illegal content,
            sophisticated surveillance techniques can be developed.

            Risk management takes information feeds from one or more sources that detect deviations, defects, or other
            patterns from security or business applications. This can include active sensor technologies to protect,
            monitor, and manage information networks and systems. For risk management, it is important to bear in
            mind the prevention of risks. Sufficient countermeasures are required rather than excessive, unnecessary,
            and pointless measures. Sometimes, the good intentions of risk management become wasteful expenditure
            or impediments to growth, innovation, and opportunity for ICT markets. By combining information and
            communication technologies such as web-based information security management systems, the defences
            against cyberattacks are enhanced in real time. The information and communication technologies for risk
            protection and management include [40]:
            –       host-based intrusion detection, vulnerability assessment, configuration and policy compliance,
                    database logs, website logs, and file accesses;
            –       hosts for penetration testing, e-mail scanning, and spam filters;
            –       network intrusion detection and prevention, netflow, and firewall/router/other network devices
                    logs;
            –       access and identity for successful or failed logins, new users, deleted users, privilege escalation, and
                    biometric identities;
            –       website vulnerability detection (cross-site scripting, structured query language (SQL) injection, etc.),
                    pages visited, and referred from;
            –       end-point monitoring such as permitted user activity, not permitted user activity, data
                    leakage monitoring, universal serial bus (USB) usage monitoring and reporting;
            –       anti-virus, anti-phishing, and malware detection;
            –       audit logs of activity, and audit log collection for operating systems, etc.




