Security predictions — A way to reduce uncertainty

Article


Schatz, D. and Bashroush, R. 2019. Security predictions — A way to reduce uncertainty. Journal of Information Security and Applications. 45, pp. 107-116. https://doi.org/10.1016/j.jisa.2019.01.009
AuthorsSchatz, D. and Bashroush, R.
Abstract

Rapid changes in security threat landscapes cause uncertainty for IT operations and security professionals and may force changes to organizations’ security strategy. Decision support data that help reduce ambiguity or even predict future developments in this regard can thus be of economic value. Based on over 200 security predictions published in 2015, we use a topic modeling approach to identify 17 underlying predicted threat developments. To verify the extent to which these predicted threat topics were realized in 2016, we solicited opinions from respondents with varying experience of IT and information security. In addition, we reviewed secondary sources to corroborate the survey results. Based on the presented findings, we conclude that the security predictions for 2016 did foresee notable developments in that year. The identified latent predictions were related to hacking political campaigns, large-scale data breaches of personal data and health records, increasing threats from various types of malware, specifically ransomware, and large-scale DDoS attacks. The findings of this research are relevant to IT executives and security professionals, who can apply this approach to improve the effectiveness of organizations’ technology and cyber security strategy.

JournalJournal of Information Security and Applications
Journal citation45, pp. 107-116
ISSN2214-2126
Year2019
PublisherElsevier
Digital Object Identifier (DOI)https://doi.org/10.1016/j.jisa.2019.01.009
Publication dates
Online05 Feb 2019
Publication process dates
Accepted29 Jan 2019
Deposited25 Sep 2020
Copyright holder© 2019 Elsevier
Permalink -

https://repository.uel.ac.uk/item/887wv

  • 9
    total views
  • 0
    total downloads
  • 3
    views this month
  • 0
    downloads this month

Export as

Related outputs

Towards Efficient and Scalable Data-Intensive Content Delivery: State-of-the-Art, Issues and Challenges
Kilanioti, Irene, Fernández-Montes, Alejandro, Fernández-Cerero, Damián, Karageorgos, Anthony, Mettouris, Christos, Nejkovic, Valentina, Albanis, Nikolas, Bashroush, R. and Papadopoulos, George A. 2019. Towards Efficient and Scalable Data-Intensive Content Delivery: State-of-the-Art, Issues and Challenges. in: Kołodziej, Joanna and González-Vélez, Horacio (ed.) High-Performance Modelling and Simulation for Big Data Applications: Selected Results of the COST Action IC1406 cHiPSet Springer, Cham.
Towards a More Representative Definition of Cyber Security
Schatz, Daniel, Bashroush, R. and Wall, J. 2017. Towards a More Representative Definition of Cyber Security. Journal of Digital Forensics, Security and Law. 12 (2), pp. 53-74. https://doi.org/10.15394/jdfsl.2017.1476
Representing Variability in Software Architecture: A Systematic Literature Review
Haider, U., Woods, E. and Bashroush, R. 2018. Representing Variability in Software Architecture: A Systematic Literature Review. International Journal of Software Engineering and Computer Systems. 4 (2), pp. 19-37. https://doi.org/10.15282/ijsecs.4.2.2018.2.0046
The ALI Architecture Description Language
Haider, U., McGregor, John D. and Bashroush, R. 2018. The ALI Architecture Description Language. ACM SIGSOFT Software Engineering Notes. 43 (4), pp. 52-52. https://doi.org/10.1145/3282517.3282545
gUML: Reasoning about Energy at Design Time by Extending UML Deployment Diagrams with Data Centre Contextual Information
Jebraeil, Nigar, Noureddine, A., Doyle, J., Islam, S. and Bashroush, R. 2017. gUML: Reasoning about Energy at Design Time by Extending UML Deployment Diagrams with Data Centre Contextual Information. in: 2017 IEEE World Congress on Services (SERVICES) Institute of Electrical and Electronics Engineers (IEEE). pp. In Press
Cloud Strife: Expanding the Horizons of Cloud Gaming Services
Doyle, J., Islam, S., Bashroush, R. and O'Mahony, Donal 2017. Cloud Strife: Expanding the Horizons of Cloud Gaming Services. in: 2017 IEEE World Congress on Services (SERVICES) Institute of Electrical and Electronics Engineers (IEEE).
Integration operators for generating RDF/OWL-based user defined mediator views in a grid environment
Tawil, Abdel-Rahman H., Taweel, Adel, Naeem, U., Montebello, Matthew, Bashroush, R. and Al-Nemrat, A. 2014. Integration operators for generating RDF/OWL-based user defined mediator views in a grid environment. Journal of Intelligent Information Systems. 43 (1), pp. 1-32. https://doi.org/10.1007/s10844-013-0300-5
Jolinar: Analysing the Energy Footprint of Software Applications (demo)
Noureddine, A., Islam, S. and Bashroush, R. 2016. Jolinar: Analysing the Energy Footprint of Software Applications (demo). in: Proceedings of the 25th International Symposium on Software Testing and Analysis New York, NY, USA ACM. pp. 445-448
CASE Tool support for variability management in software product lines
Bashroush, R., Garba, Muhammad, Rabiser, Rick, Groher, Iris and Botterweck, Goetz 2017. CASE Tool support for variability management in software product lines. ACM Computing Surveys. 50 (1), p. Art. 14. https://doi.org/10.1145/3034827
MUSA: A Scalable Multi-Touch and Multi-Perspective Variability Management Tool
Garba, Muhammad, Noureddine, Adel and Bashroush, R. 2016. MUSA: A Scalable Multi-Touch and Multi-Perspective Variability Management Tool. in: 2016 13th Working IEEE/IFIP Conference on Software Architecture (WICSA) Institute of Electrical and Electronics Engineers (IEEE). pp. 299-302
Economic Valuation for Information Security Investment: A Systematic Literature Review
Schatz, Daniel and Bashroush, R. 2016. Economic Valuation for Information Security Investment: A Systematic Literature Review. Information Systems Frontiers. 19 (5), pp. 1205-1228. https://doi.org/10.1007/s10796-016-9648-8
Modelling large-scale information systems using ADLs – An industrial experience report
Woods, Eoin and Bashroush, R. 2014. Modelling large-scale information systems using ADLs – An industrial experience report. The Journal of Systems and Software. 99 (1), pp. 97-108.
The Impact Of Repeated Data Breach Events On Organisations’ Market Value
Schatz, Daniel and Bashroush, R. 2016. The Impact Of Repeated Data Breach Events On Organisations’ Market Value. Information and Computer Security. 24 (1), pp. 73-92.
Activities of daily life recognition using process representation modelling to support intention analysis
Naeem, U., Bashroush, R., Anthony, Richard, Azam, Muhammad Awais, Tawil, Abdel Rahman, Lee, S. and Mou-Ling, Dennis 2015. Activities of daily life recognition using process representation modelling to support intention analysis. International Journal of Pervasive Computing and Communications. 11 (3), pp. 347-371. https://doi.org/10.1108/IJPCC-01-2015-0002
Using an Architecture Description Language to Model a Large- Scale Information System – An Industrial Experience Report
Woods, Eoin and Bashroush, R. 2012. Using an Architecture Description Language to Model a Large- Scale Information System – An Industrial Experience Report. Proceedings of the Joint 10th Working IEEE/IFIP Conference on Software Architecture & 6th European Conference on Software Architecture. Helsinki Finland Aug 2012
The contribution of architecture description languages to the evaluation of software architectures
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. The contribution of architecture description languages to the evaluation of software architectures.
Using the NaSr Architectural Style to Solve the Broken Hyperlink Problem
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. Using the NaSr Architectural Style to Solve the Broken Hyperlink Problem.
Towards an Automated Evaluation Process for Software Architectures
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. Towards an Automated Evaluation Process for Software Architectures.
A Real-time Network Emulator: ADLARS Case Study
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. A Real-time Network Emulator: ADLARS Case Study.
A Network Architectural Style for Real-time Systems: NaSr
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. A Network Architectural Style for Real-time Systems: NaSr.
Deriving Product Architectures from an ADLARS Described Reference Architecture using Leopard
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2004. Deriving Product Architectures from an ADLARS Described Reference Architecture using Leopard.
Feature Guided Architecture Development for Embedded System Families
Brown, John, Bashroush, R., Gillan, Charles, Spence, Ivor and Kilpatrick, Peter 2005. Feature Guided Architecture Development for Embedded System Families.
A Generic Reference Software Architecture for Load Balancing Over Mirrored Web Servers: NaSr Case Study
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2005. A Generic Reference Software Architecture for Load Balancing Over Mirrored Web Servers: NaSr Case Study.
ADLARS: An Architecture Description Language for Software Product Lines
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2005. ADLARS: An Architecture Description Language for Software Product Lines.
Weaving Behaviour into Feature Models for Embedded System Families
Brown, John, Gawley, Rachel, Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Gillan, Charles 2006. Weaving Behaviour into Feature Models for Embedded System Families.
Towards More Flexible Architecture Description Languages for Industrial Applications
Bashroush, R., Spence, Ivor, Kilpatrick, Peter and Brown, John 2006. Towards More Flexible Architecture Description Languages for Industrial Applications. in:
Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications
Fritzsche, M, Gilani, Wasif, Spence, Ivor, Kilpatrick, Peter, Brown, John and Bashroush, R. 2008. Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications. in: Schierferdecker, Ina and Hartman, Alan (ed.) Model Driven Architecture – Foundations and Applications Springer.
A Multiple Views Model for Variability Management in Software Product Lines
Bashroush, R., Spence, Ivor, Kilpatrick, Peter, Brown, John and Gillan, Charles 2008. A Multiple Views Model for Variability Management in Software Product Lines. Proceedings of the Second International Workshop on Variability Modelling of Software-intensive Systems (VaMoS2008). Essen, Germany 16 - 18 Jan 2008
ALI: An Extensible Architecture Description Language for Industrial Applications
Bashroush, R., Spence, Ivor, Kilpatrick, Peter, Brown, John, Gilani, Wasif and Fritzsche, M 2008. ALI: An Extensible Architecture Description Language for Industrial Applications. in: Springer.
Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications
Bashroush, R. and Spence, Ivor 2008. Towards Performance Related Decision Support for Model Driven Engineering of Enterprise SOA Applications. in: Proceedings of 15th IEEE International Conference on Engineering of Computer-Based Systems (ECBS) IEEE. pp. 57-65
A Scalable Multiple Perspective Variability Management CASE Tool
Bashroush, R. 2010. A Scalable Multiple Perspective Variability Management CASE Tool. 14th International Software Product Line Conference (SPLC). South Korea Sep 2010
A NUI Based Multiple Perspective Variability Modelling CASE Tool
Bashroush, R. 2010. A NUI Based Multiple Perspective Variability Modelling CASE Tool. in: Babar, Muhammad Ali and Gorton, IAn (ed.) Software Architecture: Proceedings of 4th European Conference, ECSA 2010, Copenhagen, Denmark, August 23-26, 2010 Springer.
Logical Reasoning and Decision Making
Ong, D, Khaddaj, Souheil and Bashroush, R. 2011. Logical Reasoning and Decision Making. 10th IEEE International Conference on Cybernetic Intelligent Systems. London Aug 2011
A Provisioning Model towards OAuth 2.0 Optimization
Nouriddine, Moustafa and Bashroush, R. 2011. A Provisioning Model towards OAuth 2.0 Optimization. 10th IEEE International Conference on Cybernetic Intelligent Systems. London Sep 2011
A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise
Nouriddine, Moustafa and Bashroush, R. 2011. A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise. Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece Aug 2011
Modality Cost Analysis: A Methodology for Cost Effective Datacenter Capacity Planning in the Cloud
Nouriddine, Moustafa and Bashroush, R. 2011. Modality Cost Analysis: A Methodology for Cost Effective Datacenter Capacity Planning in the Cloud.
Modality Cost Analysis Based Methodology for Cost Effective Datacenter Capacity Planning in the Cloud
Nouriddine, Moustafa and Bashroush, R. 2011. Modality Cost Analysis Based Methodology for Cost Effective Datacenter Capacity Planning in the Cloud. Ubiquitous Computing and Communication Journal.
Sufficiency of Windows Event log as Evidence in Digital Forensics
Ibrahim, Nurdeen, Al-Nemrat, Ameer, Jahankhani, Hamid and Bashroush, R. 2011. Sufficiency of Windows Event log as Evidence in Digital Forensics. Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece Aug 2011
GSi Compliant RAS for Public Private Sector Partnership
Fawzi, Fawzi and Bashroush, R. 2011. GSi Compliant RAS for Public Private Sector Partnership. Proceedings of the 7th International Conference on Global Security, Safety & Sustainability (ICGS3). Greece Aug 2011
Case Study: Using ADLARS to Design and Develop a Real-Time Network Emulator
Bashroush, R., Al-Nemrat, Ameer, Bachrouch, Mohammad and Spence, Ivor 2011. Case Study: Using ADLARS to Design and Develop a Real-Time Network Emulator. Proceedings of the International Conference on Information and Communication Systems (ICICS 2011). Jordan May 2011
Visualizing Variability Models Using Hyperbolic Trees
Bashroush, R., Al-Nemrat, Ameer, Bachrouch, Mohammad and Jahankhani, Hamid 2011. Visualizing Variability Models Using Hyperbolic Trees. Proceedings of the 23rd International Conference on Advanced Information Systems Engineering Forum(CAiSE Forum 2011). London Jun 2011
A Cost Effective Cloud Datacenter Capacity Planning Method Based on Modality Cost Analysis
Bashroush, R. and Nouriddine, Moustafa 2013. A Cost Effective Cloud Datacenter Capacity Planning Method Based on Modality Cost Analysis. International Journal of Communication Networks and Distributed Systems. 11 (3), pp. 250-261.
Challenges in the Application of Feature Modelling in Fixed Line Telecommunications
Gillan, Charles, Kilpatrick, Peter, Spence, Ivor, Brown, T. John, Bashroush, R. and Gawley, Rachel 2007. Challenges in the Application of Feature Modelling in Fixed Line Telecommunications. Proceedings of the First International Workshop on Variability Modelling of Software-intensive Systems (VaMoS 2007), Lemrick, Ireland, Jan 16 -18, 2007. C Gillan
Using a Software Product Line Approach in Designing Grid Services
Bashroush, R. and Perrott, Ronald 2005. Using a Software Product Line Approach in Designing Grid Services. 4th UK e-Science All Hands Meeting (AHM2005). Nottingham, UK Sep 2005
Requirements Modelling and Design Notations for Software Product Lines
Brown, T. John, Gawley, Rachel, Spence, Ivor, Kilpatrick, Peter, Gillan, Charles and Bashroush, R. 2007. Requirements Modelling and Design Notations for Software Product Lines. Proceedings of the First International Workshop on Variability Modelling of Software-intensive Systems (VaMoS2007), Lemrick, Ireland, Jan 16-18, 2007. T J. Brown