Search results

Outlines the special characteristics of the Athens stock exchange which may cause misspecification in the simple market model and make Dimson type models more appropriate. Refers to previous research on then and nonsynchronous trading, discusses the methodological issues involved and applies both simple and Dimson type models to 1993‐1997 data for 22 Greek shares. Finds the latter “in many ways more useful” than the simple model, summarizes the main conclusions and suggests that they may be particularly suited to emerging markets in bullish periods.

The purpose of this paper is to examine the relationship between beta and returns in the Athens stock exchange (ASE), taking into account the difference between positive and negative market excess returns' yields.

The data were taken from DataStream database and the sample period consists of 12 years divided into four six‐year periods such that the test periods do not overlap. Regression analysis is applied, using both the traditional (unconditional) test procedure and the conditional approach.

The estimation of return and beta without differentiating positive and negative market excess returns produces a flat unconditional relationship between return and beta. However, when using the conditional capital asset pricing model (CAPM) and cross‐sectional regression analysis, the evidence tends to support the significant positive relationship in up market and a significant negative relationship in down market.

The small number of listed companies in the ASE led to the inclusion of the financial and insurance companies in the sample, and to the formation of a small number of portfolios. The same research methodology could be applied to individual stocks of the ASE and with the exclusion of all financial companies.

The results tend to support the existence of a conditional CAPM relation between risk and realized return trade‐off.

Security information management systems (SIMs) have been providing a unified distributed platform for the efficient management of security information produced by corresponding mechanisms within an organization. However, these systems currently lack the capability of producing and enforcing response policies, mainly due to their limited incident response (IR) functionality. This paper explores the nature of SIMs while proposing a set of requirements that could be satisfied by SIMs for the efficient and effective handling of security incidents.

These requirements are presented in a high‐level architectural concept and include policy visualization, system intelligence to enable automated policy management, as well as, data mining elements for inspection, evaluation and enhancements of IR policies.

A primitive mechanism that could guarantee the freshness and accuracy of state information that SIMs provide in order to launch solid response alarms and actions for a specific incident or a series of incidents is proposed, along with a role based access control administrative model (ARBAC) based on a corporate model for IR. Basic forensic and trace‐back concepts that should be integrated into SIMs in order to provide the rich picture of the IR puzzle are also examined.

The support of policy compliance and validation tools to SIMs is also addressed.

The aforementioned properties could greatly assist in automating the IR capability within an organization.

The paper proposes looking at the automation of the incident response (IR) process, through formal, systematic and standardized methods for collection, normalization and correlation of security data (i.e. vulnerability, exploit and intrusion detection information).

The paper proposes the incident response intelligence system (IRIS) that models the context of discovered vulnerabilities, calculates their significance, finds and analyzes potential exploit code and defines the necessary intrusion detection signatures that combat possible attacks, using standardized techniques. It presents the IRIS architecture and operations, as well as the implementation issues.

The paper presents detailed evaluation results obtained from real‐world application scenarios, including a survey of the users' experience, to highlight IRIS contribution in the area of IR.

The paper introduces the IRIS, a system that provides detailed security information during the entire lifecycle of a security incident, facilitates decision support through the provision of possible attack and response paths, while deciding on the significance and magnitude of an attack with a standardized method.

The purpose of this paper is to identify the importance of the factors that influence the success rate of remote arbitrary code execution attacks. In other words, attacks which use software vulnerabilities to execute the attacker's own code on targeted machines. Both attacks against servers and attacks against clients are studied.

The success rates of attacks are assessed for 24 scenarios: 16 scenarios for server‐side attacks and eight for client‐side attacks. The assessment is made through domain experts and is synthesized using Cooke's classical method, an established method for weighting experts' judgments. The variables included in the study were selected based on the literature, a pilot study, and interviews with domain experts.

Depending on the scenario in question, the expected success rate varies between 15 and 67 percent for server‐side attacks and between 43 and 67 percent for client‐side attacks. Based on these scenarios, the influence of different protective measures is identified.

The results of this study offer guidance to decision makers on how to best secure their assets against remote code execution attacks. These results also indicate the overall risk posed by this type of attack.

Attacks that use software vulnerabilities to execute code on targeted machines are common and pose a serious risk to most enterprises. However, there are no quantitative data on how difficult such attacks are to execute or on how effective security measures are against them. The paper provides such data using a structured technique to combine expert judgments.

This study aims to assess the predictive performance of various factors on Bitcoin returns, used for the development of a robust forecasting support decision model using machine learning techniques, before and during the COVID-19 pandemic. More specifically, the authors investigate the impact of the investor's sentiment on forecasting the Bitcoin returns.

This method uses feature selection techniques to assess the predictive performance of the different factors on the Bitcoin returns. Subsequently, the authors developed a forecasting model for the Bitcoin returns by evaluating the accuracy of three machine learning models, namely the one-dimensional convolutional neural network (1D-CNN), the bidirectional deep learning long short-term memory (BLSTM) neural networks and the support vector machine model.

The findings shed light on the importance of the investor's sentiment in enhancing the accuracy of the return forecasts. Furthermore, the investor's sentiment, the economic policy uncertainty (EPU), gold and the financial stress index (FSI) are the top best determinants before the COVID-19 outbreak. However, there was a significant decrease in the importance of financial uncertainty (FSI and EPU) during the COVID-19 pandemic, proving that investors attach much more importance to the sentimental side than to the traditional uncertainty factors. Regarding the forecasting model accuracy, the authors found that the 1D-CNN model showed the lowest prediction error before and during the COVID-19 and outperformed the other models. Therefore, it represents the best-performing algorithm among its tested counterparts, while the BLSTM is the least accurate model.

Moreover, this study contributes to a better understanding relevant for investors and policymakers to better forecast the returns based on a forecasting model, which can be used as a decision-making support tool. Therefore, the obtained results can drive the investors to uncover potential determinants, which forecast the Bitcoin returns. It actually gives more weight to the sentiment rather than financial uncertainties factors during the pandemic crisis.

To the authors’ knowledge, this is the first study to have attempted to construct a novel crypto sentiment measure and use it to develop a Bitcoin forecasting model. In fact, the development of a robust forecasting model, using machine learning techniques, offers a practical value as a decision-making support tool for investment strategies and policy formulation.

The purpose of this paper is to evaluate if automated vulnerability scanning accurately identifies vulnerabilities in computer networks and if this accuracy is contingent on the platforms used.

Both qualitative comparisons of functionality and quantitative comparisons of false positives and false negatives are made for seven different scanners. The quantitative assessment includes data from both authenticated and unauthenticated scans. Experiments were conducted on a computer network of 28 hosts with various operating systems, services and vulnerabilities. This network was set up by a team of security researchers and professionals.

The data collected in this study show that authenticated vulnerability scanning is usable. However, automated scanning is not able to accurately identify all vulnerabilities present in computer networks. Also, scans of hosts running Windows are more accurate than scans of hosts running Linux.

This paper focuses on the direct output of automated scans with respect to the vulnerabilities they identify. Areas such as how to interpret the results assessed by each scanner (e.g. regarding remediation guidelines) or aggregating information about individual vulnerabilities into risk measures are out of scope.

This paper describes how well automated vulnerability scanners perform when it comes to identifying security issues in a network. The findings suggest that a vulnerability scanner is a useable tool to have in your security toolbox given that user credentials are available for the hosts in your network. Manual effort is however needed to complement automated scanning in order to get satisfactory accuracy regarding network security problems.

Previous studies have focused on the qualitative aspects on vulnerability assessment. This study presents a quantitative evaluation of seven of the most popular vulnerability scanners available on the market.

The purpose of this paper is to examine security incident response practices of information technology (IT) security practitioners as a diagnostic work process, including the preparation phase, detection, and analysis of anomalies.

The data set consisted of 16 semi‐structured interviews with IT security practitioners from seven organizational types (e.g. academic, government, and private). The interviews were analyzed using qualitative description with constant comparison and inductive analysis of the data to analyze diagnostic work during security incident response.

The analysis shows that security incident response is a highly collaborative activity, which may involve practitioners developing their own tools to perform specific tasks. The results also show that diagnosis during incident response is complicated by practitioners' need to rely on tacit knowledge, as well as usability issues with security tools.

Owing to the nature of semi‐structured interviews, not all participants discussed security incident response at the same level of detail. More data are required to generalize and refine the findings.

The contribution of the work is twofold. First, using empirical data, the paper analyzes and describes the tasks, skills, strategies, and tools that security practitioners use to diagnose security incidents. The findings enhance the research community's understanding of the diagnostic work during security incident response. Second, the paper identifies opportunities for future research directions related to improving security tools.

Despite many technically sophisticated solutions, managing information security has remained a persistent challenge for organizations. Emerging IT/ICT media have posed new security challenges to business information and information assets. It is felt that technical solutions alone are not sufficient to address the information security challenge. It has been argued that organizations also need to consider the management aspects of information security. Consequently, literature, especially in the last decade, has witnessed various scholarly works in this direction. Therefore, a synthesis exercise is required to bring clarity on categorizing the issues of organizational information security management (ISM) to take the research forward. The purpose of this paper is to identify management factors that address organizational information security challenges.

Using a mix method approach, the paper adopts the qualitative (keyword analysis and experts’ opinion) and quantitative (questionnaire survey) research routes. Exploratory factor analysis is conducted to find out the key factors of organizational ISM.

The paper categorizes various organizational ISM functions into ten factors. Spanning across three levels (strategic, tactical and operational), these factors cover various management issues of organizational ISM.

The paper takes the ISM literature forward by statistically validating the key management factors of organizational ISM. The study outcome should help to draw the attention of organizations toward the managerial challenges of organizational ISM.

Cyber security incidents pose a major threat to organisations. Reporting cyber security incidents and providing organisations with information about their true nature, type and volume, is crucial to inform risk-based decisions. Despite the importance of reporting cyber security incidents, little research has addressed employees’ motivations to do so. Therefore, the purpose of this study is to investigate the factors that influence employees to report cyber security incidents using the theory of planned behaviour as a theoretical framework.

Survey data were collected from a sample of 549 working Australian adults. Demographics were gathered, in addition to data using the Cyber Security Incident Reporting Inventory (CSIRI; pronounced, “Siri”).

Attitude towards reporting, subjective norms and perceived behavioural control each significantly predicted intention-to-report cyber security incidents. Perceived behavioural control also significantly predicted actual reporting behaviour.

The results of this study validate the application of the theory of planned behaviour to the cyber security incident reporting context, also indicating that the relationship between intention to report a cyber security incident and actual reporting behaviour may be facilitated by perceived behavioural control.

These findings can be applied to inform the development of strategies that increase employees’ cyber security incident reporting behaviour.

This study outlines the development of a new tool to measure attitudes, subjective norms and perceived behavioural control in relation to the reporting of cyber security incidents. To the best of the authors’ knowledge, this is the first study of its kind to identify the relationship between these factors and intentions to report cyber security incidents.