Countermeasure Strategies to Address Cybersecurity Challenges Amidst Major Crises in the Higher Education and Research Sector: An Organisational Learning Perspective
Abstract
1. Introduction
2. Literature Review
2.1. Cybersecurity
2.2. Organisational Learning
2.3. Cybersecurity and Organisational Learning
3. Methodology
3.1. Research Design
3.2. Context
3.3. Data Collection
4. Data Analysis
5. Results and Findings
5.1. Single-Loop Learning
5.1.1. Improved Employee Learning
5.1.2. Improved Security
5.1.3. Monitoring and Evaluating Security
5.2. Double-Loop Learning
5.2.1. Strategic—Integrating Other Software
5.2.2. Strategic Thinking—Partnering with Other Companies
5.2.3. Strategic Learning—Changing the Existing Systems
5.3. Deutero or Triple-Loop Learning
Strategic Information—Introducing New Policies and Procedures
6. Discussion
7. Theoretical and Practical Contributions
8. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
Abbreviations
Abbreviation | Full Form |
---|---|
ACSC | Australian Cybersecurity Centre |
HERS | Higher Education and Research Sector |
HEIs | Higher Education Institutions |
MFA | Multi-Factor Authentication |
OL | Organisational Learning |
ISO | International Standards Organization |
DoS | Denial of Service |
DDoS | Distributed Denial of Service |
CSO | Chief Security Officer |
ISM | Information Security Manager |
References
1. Pranggono, B.; Arabo, A. COVID-19 pandemic cybersecurity issues. Internet Technol. Lett. 2021, 4, e247.
2. Eian, I.C.; Yong, L.K.; Li, M.Y.X.; Qi, Y.H.; Fatima, Z. Cyber attacks in the era of COVID-19 and possible solution domains. Preprints 2020, 2020090630.
3. Aljohani, H. Cyber security threats during the pandemic. J. Contemp. Sci. Res. 2020, 5. Available online: http://www.jcsronline.com/wp-content/uploads/2021/05/Volume5Issue1Paper1.pdf (accessed on 24 July 2023).
4. Khan, N.A.; Brohi, S.N.; Zaman, N. Ten deadly cyber security threats amid COVID-19 pandemic. TechRxiv 2020.
5. Bongiovanni, I. The least secure places in the universe? A systematic literature review on information security management in higher education. Comput. Secur. 2019, 86, 350–357.
6. ACSC. ACSC Annual Cyber Threat Report July 2019 to June 2020; ACSC: Canberra, Australia, 2020.
7. UNESCO. Higher Education Sector (for R&D Data). Available online: https://uis.unesco.org/en/glossary-term/higher-education-sector-rd-data (accessed on 24 July 2023).
8. Ahmad, A.; Desouza, K.C.; Maynard, S.B.; Naseer, H.; Baskerville, R.L. How integration of cyber security management and incident response enables organizational learning. J. Assoc. Inf. Sci. Technol. 2020, 71, 939–953.
9. Himdi, T.; Ishaque, M.; Ahmed, J. Cybersecurity challenges during pandemic in smart cities. In Proceedings of the 2021 8th International Conference on Computing for Sustainable Global Development (INDIACom), New Delhi, India, 17–19 March 2021; pp. 445–449.
10. Okereafor, K.; Manny, P. Understanding cybersecurity challenges of telecommuting and video conferencing applications in the COVID-19 pandemic. Int. J. IT Eng. 2020, 8.
11. Williams, C.M.; Chaturvedi, R.; Chakravarthy, K. Cybersecurity risks in a pandemic. J. Med. Internet Res. 2020, 22, e23692.
12. Ramadan, R.A.; Aboshosha, B.W.; Alshudukhi, J.S.; Alzahrani, A.J.; El-Sayed, A.; Dessouky, M.M. Cybersecurity and Countermeasures at the Time of Pandemic. J. Adv. Transp. 2021, 2021, 6627264.
13. Saleous, H.; Ismail, M.; AlDaajeh, S.H.; Madathil, N.; Alrabaee, S.; Choo, K.-K.R.; Al-Qirim, N. COVID-19 pandemic and the cyberthreat landscape: Research challenges and opportunities. Digit. Commun. Netw. 2023, 9, 211–222.
14. Raju, R.; Abd Rahman, N.H.; Ahmad, A. Cyber Security Awareness in Using Digital Platforms among Students in a Higher Learning Institution. Asian J. Univ. Educ. 2022, 18, 756–766.
15. Lourenço, J.; Morais, J.C.; Sá, S.; Neves, N.; Figueiredo, F.; Santos, M.C. Cybersecurity Concerns Under COVID-19: Representations on Increasing Digital Literacy in Higher Education. In Perspectives and Trends in Education and Technology: Selected Papers from ICITED 2022; Springer: Cham, Switzerland, 2023; pp. 739–748.
16. Karjalainen, M.; Kokkonen, T.; Taari, N. Key elements of on-line cyber security exercise and survey of learning during the on-line cyber security exercise. In Cyber Security: Critical Infrastructure Protection; Springer: Cham, Switzerland, 2022; pp. 43–57.
17. Patterson, C.M.; Nurse, J.R.; Franqueira, V.N. Learning from cyber security incidents: A systematic review and future research agenda. Comput. Secur. 2023, 132, 103309.
18. Salimath, M.S.; Philip, J. Cyber management and value creation: An organisational learning-based approach. Knowl. Manag. Res. Pract. 2020, 18, 474–487.
19. Shedden, P.; Ahmad, A.; Ruighaver, A. Organisational learning and incident response: Promoting effective learning through the incident response process. In Proceedings of the 8th Australian Information Security Management Conference, Perth, Australia, 30 November 2010.
20. Argyris, C.; Schön, D.A. Organizational Learning: A Theory of Action Perspective; 77/78; Centro de Investigaciones Sociológicas: Madrid, Spain, 1997; pp. 345–348.
21. Schön, D.; Argyris, C. Organizational Learning II: Theory, Method and Practice; Addison Wesley: Reading, MA, USA, 1996; 305p.
22. Craigen, D.; Diakun-Thibault, N.; Purse, R. Defining cybersecurity. Technol. Innov. Manag. Rev. 2014, 4, 13–21.
23. Oxford University Press. Oxford Online Dictionary. Available online: http://www.oxforddictionaries.com/definition/english/Cybersecurity (accessed on 24 July 2023).
24. Abrahamsson, P.; Salo, O.; Ronkainen, J.; Warsta, J. Agile software development methods: Review and analysis. arXiv 2017, arXiv:1709.08439.
25. He, Y.; Aliyu, A.; Evans, M.; Luo, C. Health care cybersecurity challenges and solutions under the climate of COVID-19: Scoping review. J. Med. Internet Res. 2021, 23, e21747.
26. Chadhar, M.A.; Daneshgar, F. Organizational Learning and ERP Post-implementation Phase: A Situated Learning Perspective. J. Inf. Technol. Theory Appl. 2018, 19, 7.
27. Edmondson, A.C.; Kramer, R.M.; Cook, K.S. Psychological safety, trust, and learning in organizations: A group-level lens. In Trust and Distrust in Organizations: Dilemmas and Approaches; Russell Sage Foundation: Manhattan, NY, USA, 2004; Volume 12, pp. 239–272.
28. Friedman, V.J.; Antal, A.B. Negotiating reality: A theory of action approach to intercultural competence. Manag. Learn. 2005, 36, 69–86.
29. Pentland, B.T.; Feldman, M.S. Organizational routines as a unit of analysis. Ind. Corp. Chang. 2005, 14, 793–815.
30. Shrivastava, P. A typology of organizational learning systems. J. Manag. Stud. 1983, 20, 7–28.
31. Snell, R.; Chak, A.M.-K. The learning organization: Learning and empowerment for whom? Manag. Learn. 1998, 29, 337–364.
32. Cecez-Kecmanovic, D.; Janson, M.; Zupancic, J. Relationship between Information Systems and Organisational Learning-Lessons from the Field. ACIS 2006 Proc. 2006, 58.
33. He, Y.; Zamani, E.D.; Lloyd, S.; Luo, C. Agile incident response (AIR): Improving the incident response process in healthcare. Int. J. Inf. Manag. 2022, 62, 102435.
34. Evans, M.; He, Y.; Maglaras, L.; Janicke, H. HEART-IS: A novel technique for evaluating human error-related information security incidents. Comput. Secur. 2019, 80, 74–89.
35. He, Y.; Johnson, C. Challenges of information security incident learning: An industrial case study in a Chinese healthcare organization. Inform. Health Soc. Care 2017, 42, 393–408.
36. Ahmad, A.; Hadgkiss, J.; Ruighaver, A.B. Incident response teams–Challenges in supporting the organisational security function. Comput. Secur. 2012, 31, 643–652.
37. Ahmad, A.; Maynard, S.B.; Shanks, G. A case analysis of information systems and security incident responses. Int. J. Inf. Manag. 2015, 35, 717–723.
38. Jaatun, M.G.; Albrechtsen, E.; Line, M.B.; Tøndel, I.A.; Longva, O.H. A framework for incident response management in the petroleum industry. Int. J. Crit. Infrastruct. Prot. 2009, 2, 26–37.
39. Tick, A.; Cranfield, D.J.; Venter, I.M.; Renaud, K.V.; Blignaut, R.J. Comparing three countries’ higher education students’ cyber related perceptions and behaviours during COVID-19. Electronics 2021, 10, 2865.
40. Alexei, L.A.; Alexei, A. Cyber security threat analysis in higher education institutions as a result of distance learning. Int. J. Sci. Technol. Res. 2021, 10, 128–133.
41. Anderson, J.; Poole, M. Assignment and Thesis Writing; Juta and Company Ltd.: Claremont, CA, USA, 2009.
42. Maleh, Y. Security and Privacy Management, Techniques, and Protocols; IGI Global: Hershey, PA, USA, 2018.
43. De Bruijn, H.; Janssen, M. Building cybersecurity awareness: The need for evidence-based framing strategies. Gov. Inf. Q. 2017, 34, 1–7.
44. Tagarev, T.; Sharkov, G.; Stoianov, N. Cyber security and resilience of modern societies: A research management architecture. Inf. Secur. 2017, 38, 93–108.
45. Alvesson, M. Beyond neopositivists, romantics, and localists: A reflexive approach to interviews in organizational research. Acad. Manag. Rev. 2003, 28, 13–33.
46. Denzin, N.K. Collecting and Interpreting Qualitative Materials; Sage: Thousand Oaks, CA, USA, 2008; Volume 3.
47. Strauss, A.; Corbin, J. Basics of Qualitative Research; Sage Publication: Thousand Oaks, CA, USA, 1990.
48. Ahmad, T. Corona virus (COVID-19) pandemic and work from home: Challenges of cybercrimes and cybersecurity. SSRN Electron. J. 2020.
49. Hoepfl, M.C. Choosing qualitative research: A primer for technology education researchers. J. Technol. Educ. 1997, 9, 47–63.
50. Patton, M. Qualitative Research and Evaluation Methods, 3rd ed.; Sage: Thousand Oaks, CA, USA, 2002.
51. Bogdan, R.; Biklen, S.K. Qualitative Research for Education; Allyn & Bacon: Boston, MA, USA, 1997.
52. Aitzhan, N.Z.; Svetinovic, D. Security and privacy in decentralized energy trading through multi-signatures, blockchain and anonymous messaging streams. IEEE Trans. Dependable Secur. Comput. 2016, 15, 840–852.
53. Noy, C. Sampling knowledge: The hermeneutics of snowball sampling in qualitative research. Int. J. Soc. Res. Methodol. 2008, 11, 327–344.
54. Stumpf, T.; Califf, C. On the use of meta-theory in grounded investigations: In principle and practice in hospitality and tourism research. In Handbook of Research Methods in Tourism and Hospitality Management; Edward Elgar: Northhampton, UK, 2018; pp. 123–135.
55. Ezzy, D. Qualitative Analysis; Routledge: London, UK, 2013.
56. Walsham, G. Interpretive case studies in IS research: Nature and method. Eur. J. Inf. Syst. 1995, 4, 74–81.
57. Hijji, M.; Alam, G. Cybersecurity Awareness and Training (CAT) Framework for Remote Working Employees. Sensors 2022, 22, 8663.
58. Abroshan, H.; Devos, J.; Poels, G.; Laermans, E. COVID-19 and phishing: Effects of human emotions, behavior, and demographics on the success of phishing attempts during the pandemic. IEEE Access 2021, 9, 121916–121929.
59. Adil, M.; Khan, M.K. Emerging iot applications in sustainable smart cities for COVID-19: Network security and data preservation challenges with future directions. Sustain. Cities Soc. 2021, 75, 103311.
60. Cheng, E.C.; Wang, T. Institutional strategies for cybersecurity in higher education institutions. Information 2022, 13, 192.
61. Wong, L.-W.; Lee, V.-H.; Tan, G.W.-H.; Ooi, K.-B.; Sohal, A. The role of cybersecurity and policy awareness in shifting employee compliance attitudes: Building supply chain capabilities. Int. J. Inf. Manag. 2022, 66, 102520.
62. Hui, S.C.; Kwok, M.Y.; Kong, E.W.; Chiu, D.K. Information security and technical issues of cloud storage services: A qualitative study on university students in Hong Kong. Libr. Hi Tech 2023. ahead of print.
63. Khatri, S.; Cherukuri, A.K.; Kamalov, F. Global Pandemics Influence on Cyber Security and Cyber Crimes. arXiv 2023, arXiv:2302.12462.
64. Zhang, Q.; Zhou, C.; Xiong, N.; Qin, Y.; Li, X.; Huang, S. Multimodel-based incident prediction and risk assessment in dynamic cybersecurity protection for industrial control systems. IEEE Trans. Syst. Man Cybern. Syst. 2015, 46, 1429–1444.
65. Ulven, J.B.; Wangen, G. A systematic review of cybersecurity risks in higher education. Future Internet 2021, 13, 39.
66. Abukari, A.M.; Bankas, E.K. Some cyber security hygienic protocols for teleworkers in COVID-19 pandemic period and beyond. Int. J. Sci. Eng. Res. 2020, 11, 1401–1407.
67. Garba, A.A.; Bade, A.M. An investigation on recent cyber security frameworks as guidelines for organizations adoption. Int. J. Innov. Sci. Res. Technol. 2021, 6, 103–110.
68. Kumar, S.; Biswas, B.; Bhatia, M.S.; Dora, M. Antecedents for enhanced level of cyber-security in organisations. J. Enterp. Inf. Manag. 2021, 34, 1597–1629.
69. Najm, Y.; Alsamaraee, S.; Jalal, A.A. Cloud computing security for e-learning during COVID-19 pandemic. Indones. J. Electr. Eng. Comput. Sci. 2022, 27, 1610–1618.
70. Beaman, C.; Barkworth, A.; Akande, T.D.; Hakak, S.; Khan, M.K. Ransomware: Recent advances, analysis, challenges and future research directions. Comput. Secur. 2021, 111, 102490.
71. Alghamdi, A. Cybersecurity threats to Healthcare Sectors during COVID-19. In Proceedings of the 2022 2nd International Conference on Computing and Information Technology (ICCIT), Tabuk, Saudi Arabia, 25–27 January 2022; pp. 87–92.
72. Goniewicz, K.; Khorram-Manesh, A.; Hertelendy, A.J.; Goniewicz, M.; Naylor, K.; Burkle, F.M., Jr. Current response and management decisions of the European Union to the COVID-19 outbreak: A review. Sustainability 2020, 12, 3838.
73. Mimecast. The State of Email Security Report; CrowdStrike: Austin, TX, USA, 2020.
74. Aljumah, Y.; Ahmed, S.S. A novel approach to get awareness in Saudi Arabia regarding phishing attacks. In Proceedings of the 2021 International Conference on Electrical, Communication, and Computer Engineering (ICECCE), Kuala Lumpur, Malaysia, 12–13 June 2021; pp. 1–5.
75. Eltahir, M.; Ahmed, O. Cybersecurity Awareness in African Higher Education Institutions: A Case Study of Sudan. Inf. Sci. Lett. 2023, 12, 13.
76. Nour, B.; Pourzandi, M.; Debbabi, M. A Survey on Threat Hunting in Enterprise Networks. IEEE Commun. Surv. Tutor. 2023, 25, 2299–2324.
77. Pokojski, Z.; Kister, A.; Lipowski, M. Remote work efficiency from the employers’ perspective—What’s next? Sustainability 2022, 14, 4220.
78. Einler Larsson, L.; Qollakaj, K. Cybersecurity of Remote Work Migration: A Study on the VPN Security Landscape Post COVID-19 Outbreak. 2023. Available online: https://www.diva-portal.org/smash/record.jsf?pid=diva2%3A1778036&dswid=-6273 (accessed on 15 December 2023).
79. Perwej, Y.; Abbas, S.Q.; Dixit, J.P.; Akhtar, N.; Jaiswal, A.K. A systematic literature review on the cyber security. Int. J. Sci. Res. Manag. 2021, 9, 669–710.
80. Pavlova, E. Enhancing the organisational culture related to cyber security during the university digital transformation. Inf. Secur. 2020, 46, 239–249.
81. Trumbach, C.C.; Payne, D.M.; Walsh, K. Cybersecurity in business education: The ‘how to’ in incorporating education into practice. Ind. High. Educ. 2023, 37, 35–45.
82. Al Shammari, A.; Maiti, R.R.; Hammer, B. Organizational security policy and management during COVID-19. In Proceedings of the SoutheastCon 2021, Virtual, 10–13 March 2021; pp. 1–4.
83. Fouad, N.S. Securing higher education against cyberthreats: From an institutional risk to a national policy challenge. J. Cyber Policy 2021, 6, 137–154.
84. Ghavifekr, S.; Fung, H.Y. Change management in digital environment amid the COVID-19 pandemic: A scenario from Malaysian higher education institutions. In Pandemic, Lockdown, and Digital Transformation: Challenges and Opportunities for Public Administration, NGOs, and Businesses; Springer: Cham, Switzerland, 2021; pp. 129–158.
Reference | Framework/Model/Theory | Elements in Framework | Industry | Methodology | Publication Year | Participants | Type of Paper |
---|---|---|---|---|---|---|---|
[33] | Incident Response Framework | Preparation, Detection and Analysis, Containment, Eradicate and Recover, Post Incident activities | healthcare in the UK | case study | 2022 | not specified | case study |
[8] | Organisational learning theory to integrate information security management and incident responses | Single-loop learning and double-loop learning | not specified | not specified | 2020 | not specified | Conceptual paper |
[34] | Create the novel HEART of Information Security (HEART-IS) technique to assess human-error-related security incidents and Reduction Technique (HEART-IS) | HEART Generic Task Types (GTT) and Error-Producing Conditions (EPC). | service industry | case study (one service industry organisation) | 2019 | all employees | empirical paper using security incidents reports |
[35] | Security Assurance Model to link lesson learned from security incidents | 1. Violated security requirements and objectives 2. Causes and solutions of security lessons learned | healthcare in China | case study | 2017 | IT professionals and healthcare professionals | empirical study using interviews |
[37] | Proposed dynamic security process model based on the 4I model of organisational learning | Intuiting, Interpreting, Integrating, Institutionalizing | the financial organisation in Australia | case study | 2015 | Incident report team, Security, and Senior Managers | Empirical study using interviews |
[36] | The proposed revised incident learning system | Response, identification, investigation, reporting, causal analysis, single-loop learning, double-loop learning, incident response process | global financial organisation | case study | 2012 | Network response, incident response, security and risk, and IS policy managers | Exploratory |
[19] | Future incident response research must incorporate a learning focus and facilitate double-loop learning. | Double-loop learning | not specified | not specified | 2010 | secondary data | conceptual literature review paper |
[38] | Incident Response Management (IRMA) method | proactive learning and sociotechnical actors | petroleum Industry | case study | 2009 | not specified | accident analysis |
Code Assigned | Role | Experience |
---|---|---|
C001 | Chief Security Officer (CSO) | 11 years |
C002 | Information Security Manager (ISM) | 3 years |
C003 | Senior IT Manager | 5 years |
C004 | Cybersecurity Analyst | 9 years |
C005 | CSO | 9 years |
C006 | Strategic Manager | 6 years |
C007 | Cybersecurity Lead | 10 years |
C008 | Data security Analyst | 4 years |
C009 | Security Testing Manager | 5 years |
C010 | Information Security Officer (ISO) | 9 years |
C011 | CSO | 13 years |
C012 | ISM | 7 years |
C013 | Senior IT Manager | 9 years |
C014 | Security Engineer | 4 years |
C015 | ISO | 3 years |
C016 | Senior Executive Officer | 7 years |
C017 | Senior IT Officer | 4 years |
C018 | Senior Security Officer | 6 years |
C019 | Head of Change Management | 6 years |
C020 | Information Security Assistant | 4 years |
C021 | Development Manager | 8 years |
C022 | ISO | 5 years |
C023 | Senior Manager | 4 years |
Participant Quotes | Open Coding | Theoretical Coding | Core Themes |
---|---|---|---|
The trainings were helpful. Our cloud partners not only verbally discussed but they showed us all by demonstrating each feature in front of us through video meetings in teams. | Cloud service trainings | Improved employee learning | Single-loop learning |
We’ve got cyber security awareness training portal as well. On this portal, our employees can access range of training cybersecurity courses and workshops anytime. | Awareness training portals | ||
a cybersecurity training awareness program in which every week we were arranging a meeting and discussing various cybersecurity issues which could occur due to remote working. However, that was more like a discussion rather than formal training. | Cybersecurity programs | ||
one to one online sessions for employees to help them secure office desktops and work in a safe environment | Online sessions | ||
Non-technical employees were taught to reset and gain temporary password in case of password breaches | Learning password resets | ||
Every month phishing email campaigns and trainings were sent to all staff members. Simulated phishing emails training were given every week | Phishing email campaigns | ||
Short videos and quizzes are sent to employee regarding their cybersecurity trainings to keep up to date | Video content | ||
learning material and exams in a way that it can be conducted online without any issue. So, yes multiple virtual handling skills were developed. | Virtual handling skills | ||
All employees’ mobile devices have a secure check app installed, which is based on the multi-factor authentication technique. As a second authentication, the login is confirmed via our mobile phone app. | Secure check application | Improved security | |
There is a security posture document that I personally have been a part of. The document maps what we’re going to go with the products that we already had and having to utilize those going forward. | Security posture document | ||
To stay safe, we then introduced and bounded our staff and employees to use emails, teams associated with their Microsoft institution accounts. | Official email and OneDrive | ||
We have implemented stronger ‘Sensitivity Labels’ in Microsoft (Office 365) using the sensitivity option in Microsoft O365 to help you protect your emails and documents. With data constantly being created, edited, stored, and shared within and outside organisation, it is essential to embrace security features like this | Using sensitivity labels | ||
To avoid such situation to repeat in future, we started using VPN, firewalls | Utilising firewalls | ||
Even though sharing passwords is strongly discouraged, use LastPass when you need to do so with your team. | Utilising LastPass | ||
We are doing a Cyber Security Risk Factor analysis across all of the departments and sending information to all departments to save them from the cybersecurity challenges which we have faced or can face during the hybrid work | Incident and risk analysis | Monitoring and evaluating security | |
we also employed penetration security testing on schedule to see if they can find any gaps | Security testing | ||
to deal with these issues, we already have a aim to review through different cybersecurity frameworks and initiate a quarterly report based on that review. The review involves doing security check based on cybersecurity famous frameworks. | Review security | ||
we relocated several of our services to the cloud, we do have agreements where the client supplier is in charge of maintaining the security of the infrastructure. | Adopting cloud computing | Strategic—Integrating other software | Double-loop learning |
Windows Defender was made mandatory in order to prevent such malware attacks | Adopting Windows Defender | ||
We implemented MFA to prevent hackers from accessing our official portals | Implementing multifactor authentication | ||
our next move is to search for a managed service provider for the system you have been using as an example, which is undoubtedly one of the best management systems. We employ various software that has been outsourced from third parties to provide the 24/7 monitoring systems that we need. | Introducing 24/7 monitoring systems | Strategic thinking—Partnering with other companies | |
our crowdstrike falcon endpoint security solution rapidly identified the threat, protecting our data. | partnerships with CrowdStrike Falcon | ||
we approach that with a better Technology we use mimecast to filter those emails to got a rejection | Partnerships with Mimecast | ||
Activtrak collaboration was introduced. Activtrak company help us secure and aids in monitoring and analysis | Partnerships with Activtrak | ||
we have got Cybereason Defense Platform which is our endpoint | Partnerships with Cybereason Defence Platform | ||
just one final thing to finish, the major change was rearrangement of the whole management and reporting structure in the organisation. Now, the employees were directly reporting to the chief security officers in the cybersecurity department unlike before when they were reporting their immediate supervisors only. Remote working and increased cyber issues has proven to be a significant push towards changing of organisational management structures in terms of performing daily tasks and reporting to the heads | Changes in management structures | Strategic learning—Changing the existing systems | |
Now it's mandatory to include cyber awareness, zero trust in the core values of the organisation to avoid these cyber incident situation in future, now the values of better communication, helping and supporting each other, listening and acquiring new skills are encouraged to deal with the cyber risks during the hybrid mode of work and make hybrid work a success. | Changes in core organisational values | ||
Cybersecurity policy was introduced. Cybersecurity policy outlines the uses of systems in a protected way and how to safe yourselves from outer world attacks while working from home. | Cybersecurity policy | Strategic information—Introducing new policies and procedures | Triple-loop learning |
So the first one device usage, obviously now the staff is said to use only officially provided laptops, desktops and mobile phones for work no personal devices usage | Device usage policy | ||
using chatbot app for official conversations | Introducing chatbot app | ||
Other one I talked about is data access. In this policy, staff is now restricted to reach all data. Security managers has designed the software in this way that only eligible people are able to reach the data they need and no one can change it except the privileged accounts. Privileged accounts are the top people who have authority to manipulate, delete, and add new data. | Introducing access management policy | ||
The policy key points include presence of all employees, actively participating and sharing their issues and challenges with top management in the mandatory online weekly meeting. | Meet-and-greet policy | ||
Zero trust policy, which we have now implemented, has greatly aided us in preventing and reducing cybersecurity assaults. | Introducing zero trust policy |
Summary of Key Findings | |
---|---|
Recommended Counterstrategies | Key Points |
Cybersecurity awareness and training support | One-to-one personalised training programs, introducing cybersecurity awareness training through portals, exclusive cloud service training by cloud providers |
Phishing campaign | Training to deal with phishing attacks, introducing simulated phishing emails training sessions, showing phishing content in training to recognise phishing emails |
Video learning materials and virtual handling skills | Introducing short videos and quiz activities to test training outcomes, improving virtual handling skills to ensure a smooth transition of activities online |
Installing secure check applications in mobile devices, and MFA implementation | Installation of a secure check application in all employees’ mobile phones to improve security and avoid password breaches: The secure check app uses the MFA technique. |
Developing security posture documents | The document outlines the security status of networks, information, and systems based on information security resources and capabilities in place to manage the defence. It highlights how we would be reacting to external environment changes like in pandemics, disasters. |
Using official email and OneDrive for storage purposes | Official documents will be accessed, sent, and stored only in official emails and OneDrive; saving and accessing data through personal emails is prohibited. |
Utilising sensitivity labels in Microsoft, and installing firewalls | Stronger “Sensitivity Labels” in Microsoft (Office 365) using the sensitivity option in Microsoft O365 have been implemented to help protect emails and documents. Installation of firewalls in all workstations is ensured. |
Using LastPass for password sharing | Password sharing is discouraged except in urgent cases. LastPass must be adopted to share passwords. |
Adopting cloud computing | Relocation of services to the cloud, agreements where the client–supplier cloud partner oversees ensuring the security |
Windows Defender | Adoption of using Windows Defender to avoid certain malware attacks |
Activtrak, Cybereason Defence Platform, Mimecast, Falcon CrowdStrike, and other 24/7 security services | Partnerships with certain external entities including ActivTrak, Cybereason Defence Platform, Mimecast, Falcon CrowdStrike, and other 24/7 security services providers to ensure and enhance security and avoid cybersecurity attacks |
Incident and risk analysis | Monitoring and evaluation through Cyber Security Risk Factor analysis across all the departments to improve security features |
Security testing | Scheduled penetration security testing is carried out across the department. |
Review security | A security review is carried out quarterly using different cybersecurity frameworks, and the report is shared and discussed to improve security across the organisation. |
Changes in management structures | Rearrangement of the whole management and reporting structure, employees directly report to the CSOs in the cybersecurity department |
Changes in organisational values | Changes in organisational culture, values of better communication, introducing better support systems, and acquiring new skills are all new values. |
Cybersecurity policy | Outlines the uses of systems in a protected way and how to save yourself from outer-world attacks while working from home. |
Device usage policy | Use only officially provided laptops, desktops, and mobile phones for work, no personal device usage |
Chatbot application | Developed a chatbot app for communication with colleagues and other employees within the department during remote working |
Access management policy | Introducing new data restriction rules according to the job titles, guidelines to request any inaccessible data, and instructions for the access and use of data securely |
Meet-and-greet policy | The mandatory presence of all employees, actively participating and sharing their issues and challenges with top management, and exchanging ideas with colleagues, and management |
Zero-trust policy | No one is trusted, verification is required for everyone who wants to gain access to the system |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Mahmood, S.; Chadhar, M.; Firmin, S. Countermeasure Strategies to Address Cybersecurity Challenges Amidst Major Crises in the Higher Education and Research Sector: An Organisational Learning Perspective. Information 2024, 15, 106. https://doi.org/10.3390/info15020106