In the face of increasing cyberattacks, organizations today depend heavily on information technology resources, making regular penetration testing crucial for identifying system vulnerabilities and potential exploits. While automated vulnerability management tools are widely used, they often present challenges such as result interpretation, irrelevant findings, and overwhelming volumes of data that complicate the extraction of critical information. Manual penetration testing, on the other hand, offers greater flexibility, enabling professionals to tailor their methods to the specific characteristics of a given environment. This study focuses on semi-automated penetration testing, blending automated efficiency with manual adaptability, to identify vulnerabilities in a web application, providing insights into optimizing vulnerability detection processes.

Cyber security standards and regulations are pivotal in guiding organizations toward mitigating cyber risks and enhancing their overall security posture. The European Union’s NIS2 Directive, which introduces stringent and comprehensive security requirements, exemplifies a Current regulatory framework designed to address evolving cyber threats. This study critically examines the regulatory, governance, cyber security, and compliance challenges introduced by NIS2 within the Swedish automotive industry. It further explores the strategic integration of NIS2 with existing regulatory frameworks to streamline compliance approaches and foster long term resilience. The findings reveal the increasing complexity and financial implications of compliance, while also identifying significant opportunities to bolster cyber security resilience. This paper underscores the necessity for organizations to adopt proactive and adaptive strategies in response to the dynamic European regulatory landscape. While the focus is on the Swedish automotive sector, the study provides valuable insights that may inform future research into the broader implications of NIS2 across diverse industries and regions within the European Union.

The financial sector is experiencing an increase in cyber incidents, prompting numerous firms to outsource IT infrastructure management. A primary factor contributing to these breaches is that the impacted systems are socio-technical systems (STSs), which include not only technical components such as software and hardware but also physical elements (e.g., robotics, mobility) and social components (e.g., human actors, business processes, and organizational units). Evaluating STS security breaches requires a holistic approach, considering human, organizational, software, and infrastructural elements. The study involves combining strategic factors, including social and organizational dynamics, with technical components such as software and physical infrastructure.

In our previous work, we developed a security attack-monitoring system to tackle these challenges. This framework was developed to monitor, analyze, and model security incidents across the social, cyber, and physical dimensions of cyber-physical systems (CPS). This paper employs the framework to conduct threat-led penetration testing in accordance with the Digital Operational Resilience Act (DORA), thus improving the financial sector’s capacity to address information and communication crises. This study provides important insights into cyberattacks and their impact on the financial sector by examining security breaches reported to the Swedish Civil Contingencies Agency (MSB) by critical service providers. The experiment was performed in collaboration with a prominent Swedish financial institution.

The growing frequency of cyber-attacks on supply chains has jeopardized organizational integrity and data security, underscoring the need to strengthen Cyber Supply Chain Risk Management (CSCRM) frameworks. This paper explores the application, effectiveness, and challenges of three key frameworks—ISO, NIST, and NIS2—in mitigating third-party risks within the cyber supply chain. Using an empirical research approach, data was collected from domain experts in the field of information security. The analysis focuses on how effectively these frameworks enhance organizational data security and the practices surrounding their adoption and implementation. This study contributes valuable insights to CSCRM practices, offering actionable findings for organizations seeking to bolster their cyber defenses. The results also provide policymakers with a deeper understanding of the challenges that need to be addressed for future improvements in CSCRM frameworks.

Ensuring strong security in Cyber-Physical Systems (CPS) is increasingly essential as these systems become integral to contemporary industrial and societal infrastructures. The increasing prevalence of security risks requires the advancement of conventional security engineering approaches to tackle the distinct problems presented by CPS. This study offers a thorough assessment of the research methodologies, approaches, and strategies used in security engineering for cyber-physical systems over the last fifteen years. The review analyses the design and execution of security solutions, including empirical and conceptual investigations, along with the integration and enhancement of existing methodologies. This study seeks to offer a systematic overview of contemporary developments and pinpoint methodological concerns essential for future research in adaptive and security engineering -driven for CPS through an analysis of diverse literature. This study enhances the current discussion by providing a thorough analysis of the research environment, demonstrating the requirement for new and contextually relevant security engineering methodologies.

The convergence of complex networks, IoT, various services, the enormous amount of data over the network, and 5G have brought challenges to the telecom industry for enhanced service delivery and network maintenance and monitoring. With numerous Netrounds probes and test agents generating massive volumes of data, the knowledge produced is underutilized due to the manual search for insight within the data. With the help of Netrounds APIs and machine learning, the automation of Netrounds metrics data aimed to predict the network performance degradation and anomaly detection ahead of time. The automation was expected to provide meaningful data insight and minimize the violation of SLAs in terms of delay and packet loss. These are one of the primary objectives of business continuity management to handle threats and risks for various network and information systems. Automating Netrounds’ open and programable APIs through Python fed data to an automatic machine learning model (supervised learning for prediction and unsupervised learning for anomaly detection). The analytics were used to predict network behavior, anomaly detection, and maintenance of the SLA threshold.

The paper promotes the notion that any security solution for cyber-physical systems (CPS) should be adaptive and based on the type of attacks and their frequency. Namely, the solution should monitor its environment continuously to defend itself from a cyber-attack by modifying its defensive mechanism. Moreover, the research provides analyses of situations where the environment changes dynamically over time, requiring the designated adaptation to contemplate and respond adequately to these changes. In particular, it explores applying adaptive model predictive control concepts derived from control theory to develop specific adaptive security solutions. These systems can make decisions by forecasting their future performance for various modes or options of adaptation. Using quantitative information, the software then selects the adaptations that minimise the cost associated with security failures. This is highly significant considering that CPS are engineered systems built from and depend upon the seamless integration of computational algorithms and physical components. Moreover, security breaches are rising, and CPS are challenged by catastrophic damage, resulting in billions of losses making many of today’s solutions obsolete. While security agents issue new sets of vulnerability indicators and patches to address security breaches, these changes are continuous processes ad infinitum. A case study on a medical emergency response system illustrates the essential and salient futures of the proposed adaptive security framework for CPS.

Cyber security has been a growing concern for large organizations, especially financial and governmental institutions, as security breaches in the systems they depend on have repeatedly resulted in losses of billions of dollars per year, and this cost is on the rise. A primary reason for these breaches is that the systems in question are cyber-physical - a mix of people, processes, technology, and infrastructure. However, existing security solutions for cyber-physical systems are likely to become obsolete; even though security agents issue new sets of vulnerability indicators and patches to address security breaches, these vulnerability indicators change over time, which is a never-ending process. To tackle this problem, a multi-realm security attack event monitoring framework was proposed to monitor, model, and analyse security events in social(business process), cyber, and physical infrastructure components of cyber-physical systems. In this paper, we evaluate this security attack event monitoring framework. The evaluation was performed by using a large-scale case study on a medical emergency response system.

For many industries, the fourth industrial revolution has brought technological advancements in the form of advances in the integration of physical and digital technologies, particularly for cyber-physical systems, that go far beyond speed, scalability, storage, and cost-effectiveness. Smart manufacturing, smart factories, smart warehousing, and smart logistics are every aspect of the enabling Fourth Industrial Revolution. As a result of these improvements and advantages, new attack surfaces have been created that benefit malicious actors. For effective cyber security risk management in the face of converging cyber attacks, it is essential to quantify cyber risks across or within organisations that estimate cyber security risks in monetary value. This study explored and integrated the FAIR methodology(a well-recognized approach for quantitative cyber security risk assessment) to quantify cyber risk. A case study was conducted with one of the largest logistics companies in Scandinavia.

This article demonstrates a significantly different approach to managing probative risks arising from the complex and fast changing relationship between law and computer science. Law's historical problem in adapting to scientific and technologically dependent evidence production is seen less as a socio-techno issue than an ethical failure within criminal justice. This often arises because of an acceptance of epistemological incomprehension between lawyers and scientists. Something compounded by the political economy of criminal justice and safeguard evasion within state institutions. What is required is an exceptionally broad interdisciplinary collaboration to enable criminal justice decision-makers to understand and manage the risk of further ethical failure. If academic studies of law and technology are to address practitioner concerns, it is often necessary, however, to step down the doctrinal analysis to a specific jurisdictional level.