The Strategic Importance of Information Assurance in Combating Modern Cyber Threats


Authors : Rusalyn A. Ubay; Akdam T. Omaron; Al-Hadzrim M. Gajir; Alzyver S. Kadil; Nadzmar R. Arakama; Rosemilyn H. Humam; Garfaiza S. Jamasali; Nelhata H. Talib; Abdurasul M. Insam; Alnizar J. Hussin; Shernahar K. Tahil; Nureeza J. Latorre

Volume/Issue : Volume 9 - 2024, Issue 12 - December

Google Scholar : https://tinyurl.com/36vxakex

Scribd : https://tinyurl.com/mvyfx8kz

DOI : https://doi.org/10.5281/zenodo.14604017

Abstract : In recent years, there has been no end to the types of modern cyber security threats. Information assurance (IA) is a strategic mandate for organizations increasingly reliant on digital technologies. Such needs are confidentiality, integrity, availability, authenticity, and nonrepudiation (NTR), which are also discussed in this study. While the NIST Cybersecurity Framework, ISO 27001, and COBIT have been examined elsewhere by academia, this research seeks to understand theories and look at these established frameworks under actual practice. It investigates IA's basic technologies and apparatus, such as firewalls, intrusion detection/prevention systems, encryption, and vulnerability scanners. Realizing human factors' serious role in security breaches, this paper stresses the importance of security awareness training, dealing with social engineering attacks, and encouraging a security- conscious corporate culture. It also considers the challenges and opportunities IA faces when applied to digital transformation technologies like cloud computing, mobile devices, and the Internet of Things (IoT), pointing out ways of securing these technologies. Finally, monitoring and assessing IA programs are essential through key performance indicators (KPIs), risk assessment methodologies, and security audits to ensure that adjustments are kept in line with deployed threats and business targets. By taking an all-round and forward- looking approach to IA, any organization can fully use its information assets, maintain normal business operations, and press on untroubled by the ever-evolving range of cyber threats.

Keywords : Information Assurance, Cyber Threats, Cybersecurity Frameworks, Digital Transformation.

References :

  1. Tahil, S. K., Alibasa, J. T., Tahil, S. R. K., Marsin, J., & Tahil, S. S. K. (2023). Preserving and Nurturing Tausug Language: The Bahasa Sug Mobile Learning Application Tool for Enhancing Mother Tongue Development for Toddlers. International Journal of Learning, Teaching and Educational Research22(11), 18-35.
  2. Abduhari, E.S., Shaik, T.C., Adidul, A.B., Ladja, J.H., Saliddin, E.S., Adin, A.J., Rumbahali, F.A., Sali, A.B., Jemser, J.M., & Tahil, S.K.  (2024). Access Control Mechanisms and Their Role in Preventing Unauthorized Data Access: A Comparative Analysis of RBAC, MFA, and Strong Passwords. Natural Sciences Engineering and Technology Journal5(1), 418-430. https://doi.org/10.37275/nasetjournal.v5i1.62
  3. Rios, B. (2015). Cybersecurity Expert: Medical Devices Have ‘A Long Way to Go’. Biomedical Instrumentation & Technology, 49(3), 197-200. https://doi.org/10.2345/0899-8205-49.3.197
  4. Leśkow J. (2024). Introduction to special issue on the Russian-Ukrainian war: Effects on global cybersecurity and digital infrastructure. Applied Cybersecurity & Internet Governance (ACIG), 3(1): 1–4.
  5. Deng, J., Zhao, L., Yuan, X., Tang, Z., Guo, Q. (2021). Research on the Role-Based Access Control Model and Data Security Method. In: Tian, Y., Ma, T., Khan, M.K. (eds) Big Data and Security. ICBDS 2020. Communications in Computer and Information Science, vol 1415. Springer, Singapore. https://doi.org/10.1007/978-981-16-3150-4_8
  6. Cremer, F., Sheehan, B., Fortmann, M., Kia, A. N., Mullins, M., Murphy, F., & Materne, S. (2022). Cyber risk and cybersecurity: a systematic review of data availability. The Geneva papers on risk and insurance. Issues and practice47(3), 698–736. https://doi.org/10.1057/s41288-022-00266-6 
  7. Clark-Ginsberg, A., & Slayton, R. (2019). Regulating risks within complex sociotechnical systems: Evidence from critical infrastructure cybersecurity standards. Science and Public Policy46(3), 339-346.
  8. Ray, A., & Cleaveland, R. (2015). Security assurance cases for medical cyber-physical systems. IEEE Design & Test32(5), 56-65.
  9. Seng N. (2024). Cybersecurity regulation—types, principles, and country deep dives in Asia. Int Cybersecurity Law Rev, 5(3): 387–411.
  10. González-Granadillo, G., González-Zarzosa, S., & Diaz, R. (2021). Security information and event management (SIEM): analysis, trends, and usage in critical infrastructures. Sensors21(14), 4759.
  11. Ani, U. D., He, H., & Tiwari, A. (2019). Human factor security: evaluating the cybersecurity capacity of the industrial workforce. Journal of Systems and Information Technology21(1), 2-35.
  12. Hamill, J. T., Deckro, R. F., & Kloeber, J. M. (2022). Evaluating information assurance strategies. In Handbook of Scholarly Publications from the Air Force Institute of Technology (AFIT), 1, 3-32.
  13. AlGhamdi, S., Win, K. T., & Vlahu-Gjorgievska, E. (2020). Information security governance challenges and critical success factors: Systematic review. Computers & security99, 102030.
  14. Tahil, S.K. (2024). Integrating Computer Science in Basic Education Curriculum: Enhancing Innovation and Sophistication for Global Competitiveness. International Journal of Learning, Teaching and Educational Research. 23(8), 203-221. https://doi.org/10.26803/ijlter.23.8.11
  15. Ahmad, A., Desouza, K. C., Maynard, S. B., Naseer, H., & Baskerville, R. L. (2020). How integration of cyber security management and incident response enables organizational learning. Journal of the Association for Information Science and Technology71(8), 939-953.
  16. Patel, A. U., Williams, C. L., Hart, S. N., Garcia, C. A., Durant, T. J. S., Cornish, T. C., & McClintock, D. S. (2023). Cybersecurity and Information Assurance for the Clinical Laboratory. The journal of applied laboratory medicine8(1), 145–161. https://doi.org/10.1093/jalm/jfac119
  17. Dunn Cavelty, M. (2018). Cybersecurity research meets science and technology studies. Politics and Governance6(2), 22-30.
  18. Chowdhury, N., & Gkioulos, V. (2021). Cyber security training for critical infrastructure protection: A literature review. Computer Science Review40, 100361.
  19. Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby H., & Stoddart, K. (2016). A review of cyber security risk assessment methods for SCADA systems. Computers & security56, 1-27.
  20. Zhao Z, Hsu C, Harn L, Xia Z, Jiang X, Liu L. (2024). Lightweight ring-neighbor-based user authentication and group-key agreement for internet of drones. Cybersecurity, 7(1).
  21. Awang H, Mansor NS, Zolkipli MF, Malami STS, Mohd Zaini K, Yau TD. (2024). Cybersecurity awareness among special needs students: The role of parental control. Mesopotamian Journal of CyberSecurity (MJCS), 4(2), 63–73.
  22. Srinivas, J., Das, A. K., & Kumar, N. (2019). Government regulations in cyber security: Framework, standards and recommendations. Future generation computer systems92, 178-188.
  23. Caramancion, K. M., Li, Y., Dubois, E., & Jung, E. S. (2022). The missing case of disinformation from the cybersecurity risk continuum: A comparative assessment of disinformation with other cyber threats. Data7(4), 49.
  24. Shukla A., Katt, B., Nweke, L.O., Yeng, P.K., & Weldehawaryat, G.K. (2022). System security assurance: A systematic literature review. Computer Science Review, Vol 45,100496, https://doi.org/10.1016/j.cosrev.2022.100496
  25. Heaton, J., & Parlikad, A. K. (2019). A conceptual framework for the alignment of infrastructure assets to citizen requirements within a Smart Cities framework. Cities90, 32-41.
  26. A. Y. Al Hammadi, C. YeobYeun and E. Damiani (2020). Novel EEG Risk Framework to Identify Insider Threats in National Critical Infrastructure Using Deep Learning Techniques. 2020 IEEE International Conference on Services Computing (SCC), 69-471, https://doi.org/10.1109/SCC49832.2020.00071

In recent years, there has been no end to the types of modern cyber security threats. Information assurance (IA) is a strategic mandate for organizations increasingly reliant on digital technologies. Such needs are confidentiality, integrity, availability, authenticity, and nonrepudiation (NTR), which are also discussed in this study. While the NIST Cybersecurity Framework, ISO 27001, and COBIT have been examined elsewhere by academia, this research seeks to understand theories and look at these established frameworks under actual practice. It investigates IA's basic technologies and apparatus, such as firewalls, intrusion detection/prevention systems, encryption, and vulnerability scanners. Realizing human factors' serious role in security breaches, this paper stresses the importance of security awareness training, dealing with social engineering attacks, and encouraging a security- conscious corporate culture. It also considers the challenges and opportunities IA faces when applied to digital transformation technologies like cloud computing, mobile devices, and the Internet of Things (IoT), pointing out ways of securing these technologies. Finally, monitoring and assessing IA programs are essential through key performance indicators (KPIs), risk assessment methodologies, and security audits to ensure that adjustments are kept in line with deployed threats and business targets. By taking an all-round and forward- looking approach to IA, any organization can fully use its information assets, maintain normal business operations, and press on untroubled by the ever-evolving range of cyber threats.

Keywords : Information Assurance, Cyber Threats, Cybersecurity Frameworks, Digital Transformation.

Never miss an update from Papermashup

Get notified about the latest tutorials and downloads.

Subscribe by Email

Get alerts directly into your inbox after each post and stay updated.
Subscribe
OR

Subscribe by RSS

Add our RSS to your feedreader to get regular updates from us.
Subscribe