Next-Generation Enterprise Security and Governance

The Internet is making our daily lives as digital as possible, and this new era is called the Internet of Everything (IoE). The key force behind the rapid growth of the Internet is the technological advancement of enterprises. The digital world we live in is facilitated by these enterprises’ advances and business intelligence. These enterprises need to deal with gazillions of bytes of data, and in today’s age of General Data Protection Regulation, enterprises are required to ensure privacy and security of large-scale data collections. However, the increased connectivity and devices used to facilitate IoE are continually creating more room for cybercriminals to find vulnerabilities in enterprise systems and flaws in their corporate governance. Ensuring cybersecurity and corporate governance for enterprises should not be an afterthought or present a huge challenge. In recent times, the complex diversity of cyber-attacks has been skyrocketing, and zero-day attacks, such as ransomware, botnet, and telecommunication attacks, are happening more frequently than before. New hacking strategies would easily bypass existing enterprise security and governance platforms using advanced, persistent threats. For example, in 2020, the Toll Group firm was exploited by a new crypto-attack family for violating its data privacy, where an advanced ransomware technique was launched to exploit the corporation and request a huge figure of monetary ransom. Even after applying rational governance hygiene, cybersecurity configuration and software updates are often overlooked when they are most needed to fight cyber-crime and ensure data privacy. Therefore, the threat landscape in the context of enterprises has become wider and far more challenging. There is a clear need for collaborative work throughout the entire value chain of this network. In this context, this book addresses the cybersecurity and cooperate governance challenges associated with enterprises, which will provide a bigger picture of the concepts, intelligent techniques, practices, and open research directions in this area. This book serves as a single source of reference for acquiring the knowledge on the technology, process, and people involved in next-generation privacy and security.

Chapter 1: Enterprise Threat Intelligence Chapter 2: Enabling Corporate and Institutional Governance for Effective IT Governance Chapter 3: The Non-Malicious Risky Behaviour in the Enterprise Information System Security Chapter 4: Cybersecurity Incident Response in the Enterprise Chapter 5: Cyber-enabled crime as an enabler in market manipulation schemes Chapter 6: Data Lakes: A Panacea for Big Data Problems, Cyber Safety Issues, and Enterprise Security  Chapter 7: The Battle for Cloud Supremacy and the Remaking of Enterprise Security Chapter 8: Security, Privacy and Trust of Emerging Intelligent Transportation: Cognitive Internet of Vehicles Chapter 9: IT Governance and Enterprise Security Policy in the 6G Era

Mohiuddin Ahmed, PhD, MACS CP, SMIEEE Mohiuddin Ahmed attained his PhD in Computer Science from the University of New South Wales UNSW Australia). He has made practical and theoretical contributions in big data analytics (summarization) for number of application domains and his research has a high impact on data analytics, critical infrastructure protection (IoT, smart grids), information security against DoS attacks, false data injection attacks, etc., and digital health. He is currently working as a Lecturer in Computing and Security Sciences in the School of Science at Edith Cowan University (ECU), Australia. Prior to joining ECU, he served as a Lecturer in the Centre for Cyber Security and Games at Canberra Institute of Technology (CIT) and was also involved with CIT's Data Strategy Working Group. He is currently exploring blockchain for ensuring security of healthcare devices, securing the prestigious ECU Early Career Researcher Grant. Mohiuddin has led edited books on Data Analytics (CRC Press), Cyber Security (CRC Press) and Blockchain (Cambridge Scholars Publishing). Previously, he has worked in the areas of text mining and predictive analytics in the artificial intelligence division at MIMOS, Malaysia. Currently, Mohiuddin is an editorial advisory board member of Cambridge Scholars Publishing Group in the UK and Associate Editor of the International Journal of Computers and Applications (Taylor & Francis Group). He is a Senior Memebr of IEEE and Australian Computer Society Certified Professional. Nour Moustafa, PhD, SMIEEE Dr. Nour Moustafa is Postgraduate Discipline Coordinator (Cyber) and Lecturer in Cyber Security at the School of Engineering and Information Technology (SEIT), University of New South Wales (UNSW)'s UNSW Canberra Australia. He was a Postdoctoral Fellow in Cybersecurity at UNSW Canberra from June 2017 till February 2019. He received his PhD degree in the field of Cyber Security from UNSW in 2017. He obtained his Bachelor’s and master’s degrees in Information Systems in 2009 and 2014, respectively, from the Faculty of Computer and Information, Helwan University, Egypt. His areas of interest include Cyber Security, in particular, Network Security, host- and network- intrusion detection systems, statistics, deep learning, and machine learning techniques. He is interested in designing and developing threat detection and forensic mechanisms to the Industry 4.0 technology for identifying malicious activities from cloud computing, fog computing, IoT and industrial control systems over virtual machines and physical systems. Dr Moustafa established a new theme, the so-called Intelligent Security, at UNSW Canberra Cyber which focuses on developing novel artificial intelligence models for protecting smart systems against cyber threat attacks in 2019. He has several research grants with totalling over AUD 1 Million. He has been awarded the 2020 prestigious Australian Spitfire Memorial Defence Fellowship award. He is also a Senior IEEE Member, ACM member, and CSCRC Fellowship. He has published more than 40 research outputs between 2014 and 2020 in top-tier computing and security journals and conferences, such as IEEE Transactions on forensics and Security, IEEE IoT, and IEEE Transactions on Industrial Informatics. He has served his academic community, as the guest associate editor of IEEE transactions journals, including IEEE Transactions on Industrial Informatics, IEEE IoT Journal, as well as the journals of IEEE Access, Future Internet, Information Security Journal: A Global Perspective, and Electronics. He has also served over seven conferences in leadership roles, involving vice-chair, session chair, Technical Program Committee (TPC) member and proceedings chair, including the 2020 IEEE TrustCom and 2020 32nd Australasian Joint Conference on Artificial Intelligence. Associate Professor Abu Barkat Dr Abu Barkat ullah is currently working as an Associated professor at the University of Canberra. He attained his PhD in Computer Science from UNSW Australia in 2009. His research expertise encompasses cyber security and safety, data analytics, decision analytics, evolutionary optimization and covers a wide range of applications. He has been working as editor for books, reviewers for conferences and journals. He actively participated and led local and international conferences. He has experience and expertise delivering Higher Education, research in IT and Cyber Security for domestic and international institutes and universities. Before joining to university of Canberra Dr Abu Barkat ullah was the head of the Department of Cyber Security and Games at Canberra Institute of Technology, Canberra, Australia.. He has set up a Security operations centre for cyber training (TSOC) at CIT, jointly with Aust Cyber, Fifth domain. This project for National Cyber Security Education and Training, CIT (in partnership with Fifth Domain and AustCyber) was awarded winners of the ‘2019 ACT Industry Collaboratio