1st Edition

Next-Generation Enterprise Security and Governance

    264 Pages 34 B/W Illustrations
    by CRC Press

    The Internet is making our daily lives as digital as possible, and this new era is called the Internet of Everything (IoE). The key force behind the rapid growth of the Internet is the technological advancement of enterprises. The digital world we live in is facilitated by these enterprises’ advances and business intelligence. These enterprises need to deal with gazillions of bytes of data, and in today’s age of General Data Protection Regulation, enterprises are required to ensure privacy and security of large-scale data collections. However, the increased connectivity and devices used to facilitate IoE are continually creating more room for cybercriminals to find vulnerabilities in enterprise systems and flaws in their corporate governance.

    Ensuring cybersecurity and corporate governance for enterprises should not be an afterthought or present a huge challenge. In recent times, the complex diversity of cyber-attacks has been skyrocketing, and zero-day attacks, such as ransomware, botnet, and telecommunication attacks, are happening more frequently than before. New hacking strategies would easily bypass existing enterprise security and governance platforms using advanced, persistent threats. For example, in 2020, the Toll Group firm was exploited by a new crypto-attack family for violating its data privacy, where an advanced ransomware technique was launched to exploit the corporation and request a huge figure of monetary ransom. Even after applying rational governance hygiene, cybersecurity configuration and software updates are often overlooked when they are most needed to fight cyber-crime and ensure data privacy. Therefore, the threat landscape in the context of enterprises has become wider and far more challenging. There is a clear need for collaborative work throughout the entire value chain of this network.

    In this context, this book addresses the cybersecurity and cooperate governance challenges associated with enterprises, which will provide a bigger picture of the concepts, intelligent techniques, practices, and open research directions in this area. This book serves as a single source of reference for acquiring the knowledge on the technology, process, and people involved in next-generation privacy and security.

    Chapter 1: Enterprise Threat Intelligence

    Chapter 2: Enabling Corporate and Institutional Governance for Effective IT Governance

    Chapter 3: The Non-Malicious Risky Behaviour in the Enterprise Information System Security

    Chapter 4: Cybersecurity Incident Response in the Enterprise

    Chapter 5: Cyber-enabled crime as an enabler in market manipulation schemes

    Chapter 6: Data Lakes: A Panacea for Big Data Problems, Cyber Safety Issues, and Enterprise Security 

    Chapter 7: The Battle for Cloud Supremacy and the Remaking of Enterprise Security

    Chapter 8: Security, Privacy and Trust of Emerging Intelligent Transportation: Cognitive Internet of Vehicles

    Chapter 9: IT Governance and Enterprise Security Policy in the 6G Era


    Mohiuddin Ahmed, PhD, MACS CP, SMIEEE Mohiuddin Ahmed attained his PhD in Computer Science from the University of New South Wales UNSW Australia). He has made practical and theoretical contributions in big data analytics (summarization) for number of application domains and his research has a high impact on data analytics, critical infrastructure protection (IoT, smart grids), information security against DoS attacks, false data injection attacks, etc., and digital health. He is currently working as a Lecturer in Computing and Security Sciences in the School of Science at Edith Cowan University (ECU), Australia. Prior to joining ECU, he served as a Lecturer in the Centre for Cyber Security and Games at Canberra Institute of Technology (CIT) and was also involved with CIT's Data Strategy Working Group. He is currently exploring blockchain for ensuring security of healthcare devices, securing the prestigious ECU Early Career Researcher Grant. Mohiuddin has led edited books on Data Analytics (CRC Press), Cyber Security (CRC Press) and Blockchain (Cambridge Scholars Publishing). Previously, he has worked in the areas of text mining and predictive analytics in the artificial intelligence division at MIMOS, Malaysia. Currently, Mohiuddin is an editorial advisory board member of Cambridge Scholars Publishing Group in the UK and Associate Editor of the International Journal of Computers and Applications (Taylor & Francis Group). He is a Senior Memebr of IEEE and Australian Computer Society Certified Professional.

    Nour Moustafa, PhD, SMIEEE Dr. Nour Moustafa is Postgraduate Discipline Coordinator (Cyber) and Lecturer in Cyber Security at the School of Engineering and Information Technology (SEIT), University of New South Wales (UNSW)'s UNSW Canberra Australia. He was a Postdoctoral Fellow in Cybersecurity at UNSW Canberra from June 2017 till February 2019. He received his PhD degree in the field of Cyber Security from UNSW in 2017. He obtained his Bachelor’s and master’s degrees in Information Systems in 2009 and 2014, respectively, from the Faculty of Computer and Information, Helwan University, Egypt. His areas of interest include Cyber Security, in particular, Network Security, host- and network- intrusion detection systems, statistics, deep learning, and machine learning techniques. He is interested in designing and developing threat detection and forensic mechanisms to the Industry 4.0 technology for identifying malicious activities from cloud computing, fog computing, IoT and industrial control systems over virtual machines and physical systems. Dr Moustafa established a new theme, the so-called Intelligent Security, at UNSW Canberra Cyber which focuses on developing novel artificial intelligence models for protecting smart systems against cyber threat attacks in 2019. He has several research grants with totalling over AUD 1 Million. He has been awarded the 2020 prestigious Australian Spitfire Memorial Defence Fellowship award. He is also a Senior IEEE Member, ACM member, and CSCRC Fellowship. He has published more than 40 research outputs between 2014 and 2020 in top-tier computing and security journals and conferences, such as IEEE Transactions on forensics and Security, IEEE IoT, and IEEE Transactions on Industrial Informatics. He has served his academic community, as the guest associate editor of IEEE transactions journals, including IEEE Transactions on Industrial Informatics, IEEE IoT Journal, as well as the journals of IEEE Access, Future Internet, Information Security Journal: A Global Perspective, and Electronics. He has also served over seven conferences in leadership roles, involving vice-chair, session chair, Technical Program Committee (TPC) member and proceedings chair, including the 2020 IEEE TrustCom and 2020 32nd Australasian Joint Conference on Artificial Intelligence.

    Associate Professor Abu Barkat Dr Abu Barkat ullah is currently working as an Associated professor at the University of Canberra. He attained his PhD in Computer Science from UNSW Australia in 2009. His research expertise encompasses cyber security and safety, data analytics, decision analytics, evolutionary optimization and covers a wide range of applications. He has been working as editor for books, reviewers for conferences and journals. He actively participated and led local and international conferences. He has experience and expertise delivering Higher Education, research in IT and Cyber Security for domestic and international institutes and universities. Before joining to university of Canberra Dr Abu Barkat ullah was the head of the Department of Cyber Security and Games at Canberra Institute of Technology, Canberra, Australia.. He has set up a Security operations centre for cyber training (TSOC) at CIT, jointly with Aust Cyber, Fifth domain. This project for National Cyber Security Education and Training, CIT (in partnership with Fifth Domain and AustCyber) was awarded winners of the ‘2019 ACT Industry Collaboration Award’. He was a member of CIT’s Academic Council and Corporate Resources Committee. Over the last decade he has been working in collaboration with 15 plus Australian government agencies and private organisations including DTA, Defence, ASD, PwC, Accenture, EY, CSIRO, Netier, ACT government Shared Services to deliver on their workforce IT and Cyber security skills development needs. As an Agile Practitioner, Certified Scrum Master and Certified Scrum Product Owner, he has been leading complex and innovative projects for several years. Recently he has been involved developing and presenting a model of the ‘future skilled workforce’ in the ACT. Dr Barkat ullah is a member of a number of professional bodies, ACS, AISA, IEEE. He has received several awards and recognition for his career achievement including CIT Board Award’ for Leadership, Industry engagement and Business growth.

    Associate Professor Paul Haskell-Dowland Associate Professor Paul Haskell-Dowland is the Associate Dean for Computing and Security in the School of Science at Edith Cowan University and is an associate member of the Centre for Security, Communications & Network Research at Plymouth University (UK). Paul has delivered keynotes, invited presentations, workshops, professional development/training and seminars across the world for audiences including RSA Security, Sri Lanka CERT, ITU and IEEE. He has more than 20 years of experience in cyber security research and education in both the UK and Australia. Paul is the Working Group Coordinator and the ACS/Australian Country Member Representative to the International Federation for Information Processing (IFIP) Technical Committee 11 (TC11 - Security and Privacy Protection in Information Processing Systems), the secretary to IFIP Working Group 11.1 (Information Security Management), the ACS representative to Standards Australia for Risk Management (OB 007) and a member of the ACS Cyber Security Committee, a Fellow of the Higher Education Authority, a Senior Member of the IEEE, an Honorary Fellow of the Sir Alister Hardy Foundation for Ocean Science, a Fellow of the BCS and a Senior Member of the ACS/Certified Professional. He is the author of over 80 papers in refereed international journals and conference proceedings and edited 29 proceedings. Together with colleagues at Plymouth University (Dr Bogdan Ghita and Prof. Steven Furnell), Paul co-invented the ICAlert platform. ICAlert is a managed device that monitors Internet access (initially aimed at primary and secondary schools), targeting users attempting to access illegal content (child abuse images) as well as terrorist content. In February 2017, following several years of trials, a commercial product was launched in collaboration with the SouthWest Grid for Learning and the Internet Watch Foundation.