Cybersecurity

As a result of the introduction of digital technologies in all spheres of society, various latest technologically conditioned risks and threats have become various. It requires the formation and implementation of a legal mechanism for further development and operation of the system ensuring information security, taking into account the effects of digitalization and transformation of society. The purpose of this study is development of scientifically substantiated proposals and recommendations for implementation legal mechanisms for information security in the context of digitalization. The relevance of this study is due to the needlegal regulation of relations in the information sphere, formation of a system of protection and counteraction to cybercrime. To achieve the goal of the study, methodological principles and approaches of legal science were used. The results of the analysis showed that the most significant mutual influence is demonstrated by a group of indicators of the state's institutional capacity and a group of indicators of the digital capacity of the national economy and cybersecurity. This study substantiates the main directions of accelerating the optimization of the institutional system of cybersecurity in Ukraine, which provides for two key areas: legal and organizational. The legal mechanisms include further improvement and harmonization of the regulatory framework, the formation of relevant legal norms, state policy in the field of information security. The organizational measures are aimed at improving the efficiency of responsible institutional structures - the subjects of cybersecurity - by increasing their capabilities, eliminating duplication in the exercise of their powers, taking into account the best practices of international and European experience. The core of the integrated information security system is the National Cyber Security Coordination Center.

This article reviews the legal framework governing the protection of critical infrastructure in Africa with an emphasis on threats like cyberwar and cyberterrorism. As African governments and businesses increasingly depend on the internet and information systems, there is a need to enact appropriate laws to protect critical infrastructure from cyberattacks that could jeopardize the economic and national security postures of African countries. The article outlines the need for appropriate legal instruments to protect critical infrastructure as African businesses increasingly rely on the internet and information systems. The lack of adequate laws regulating critical infrastructure does not translate to the absence of critical infrastructure in African countries. Ghana, for instance, has a legal framework governing critical infrastructure. These infrastructures are common in most African countries but lack the required legal framework to protect them. It is important to note that despite the Budapest Convention and African Convention on Cybersecurity and Personal Data Protection, there is no international legal framework regulating cyberwar and cyberterrorism. Considering these factors, this article reviews Ghana's Cybersecurity Act and the Directive on Critical Information Infrastructure and uses the United States framework for comparative analysis. In addition to reviewing the types of attacks critical infrastructure could face, the article looks at the legal framework for managing incidents that could arise from cyberattacks targeting critical infrastructure.

Southeast Asia is a region undergoing economic development and technological advancement. This region's economic growth is supported by the digital world, which contributes in the form of a digital economy. However, as the digital economy grows, cyberspace lacks stable cyber security governance. As a result, this area is extremely vulnerable to all types of cyber threats. The author intends to interpret the role of state actors, non-state actors, and international organizations in developing cybersecurity governance in Southeast Asia through this article. In a conceptual framework, the preparation of regional governance must involve collaboration across actors due to their distinct functions. Such governance can maintain cyber security while also accommodating stakeholders in the Southeast Asian region through multi-sectoral collaboration. Therefor, the authors argued that the collaboration between state, non-state, and regional organization are needed to overcome cyber threats. In addition, regional cybersecurity governance should be a turning point to make more secure cyber space in Southeast Asia.

This paper provides a comprehensive overview of the evolving Artificial Intelligence (AI) threat to cybersecurity, emphasizing the urgent need for finance leaders and cybersecurity professionals to adapt their strategies and controls to effectively combat AI-powered scams and cyber-attacks. The study delves into the specific ways in which AI is being used maliciously in cybercrime, such as enhanced phishing and Business Email Compromise (BEC) attacks, the creation of synthetic media including deepfakes, targeted attacks, automated attack strategies, and the availability of black-market AI tools on the dark web. Furthermore, it highlights the critical need for enhanced cybersecurity strategies and international cooperation to combat cyber threats effectively. The findings of this study provide valuable insights for finance leaders, cybersecurity professionals, policymakers, and researchers in understanding and addressing the challenges posed by generative AI in the cyber threat landscape.

Background : Security has been a major issue of discussion due to increase in the number and sophistication of Cyber threats in the modern era. Conventional approaches to threat identification might face difficulties in a number of things, namely the relevancy and the ability to process new and constantly evolving threats. Machine learning (ML) and deep learning (DL) based Approaches present AI as a potential solution to the problem of efficient threat detection.   Objective : The article aims to compare the RF, SVM, CNNs, and RNNs models’ performance, computational time, and resilience in identifying potential cyber threats, such as malware, phishing, and DoS attacks.   Methods : The proposed models were trained as well as evaluated on the NSL-KDD and CICIDS 2017 datasets. This was done based on common scheme indicators including accuracy, precision, recollection, F1 measure, detection rate of efficiency, AUC-ROC, False Alarm Rate (FAR), and the stability to adversaries. Rating of computational efficiency was defined by training time and memory consumption.   Results : The findings indicate that the CNNs gave the best accuracy (96%) and resisted perturbation better, and the RF showed good performance with little computational load. RNNs have been proved effective in sequential data analysis and SVM also performed fairly well on binary data classification although there is a problem of scalability.   Conclusion : CNNs used in AI models are the best solutions to protection from the threats in the cybersecurity space. Nevertheless, some of them still require computational optimization in order to make those beneficial in scenarios with a limited usage of computational resources. It is suggested that these findings can be used in the context of subsequent research and practical applications.

Cyber threats are changing constantly and these days more than 560,000 new malware varieties are launched daily, which means that rudimentary measures of protecting networks from attacks cannot be of much help in handling real time threats. Single-static security control and manual intervention are insufficient to address APTs, Zero Day, and high-volume DDoS attacks. This is where the application of AI in network security lays its foundation, where real time threat response programs become possible where they are trained to automatically identify, categorize, and mitigate highly complex attacks without requiring massive amount of time and effort. The changing role of AI in network security is examined in this work since it can contribute to the improvement of threat detection, decrease response time, and minimize reliance on human factors. This research reviews more than 150 AI-based security frameworks, and 25 case studies of different industries including finance, healthcare, telecommunications, to assess the efficiency of machine learning and deep learning algorithms for autonomous threat response. The insights show that in challenging contexts, AI-based solutions provide anomaly detection scores of up to 97%, which are far higher than those obtained by conventional systems with average scores of 80%. The response time increased up to 75% as the AI systems responded under 3 seconds during the large scale cyberattack simulation operations. Significant achievement of scalability was across networks with number of nodes more than ten thousand nodes at 90% reliability in different threat scenarios. These findings underscore the importance of AI as the cornerstone of today’s cybersecurity: delivering accurate and timely threat coverage and demonstrating high resilience to threat evolution. However, issues like, algorithm bias, ethical concerns, and resistance to adversarial perturbation calls the need for research to develop effective measures towards the longevity of banking security systems integrated with AI. This study emphasizes the importance of search for new strategies to strengthen current digital environments against the increasing number of threats.

Background : As digital transformation accelerates globally, effective IT governance has become critical for organizational success. With global spending on IT governance and risk management projected to reach $16 billion by 2025, emerging technologies such as artificial intelligence (AI), blockchain, and cloud computing are introducing new governance complexities that demand adaptive strategies. Objective : The article explores the key factors and anticipated trends in IT governance that are expected to shape organizational management by 2025. The aim is to understand how evolving technological landscapes influence governance models and risk management practices. Method : A qualitative methodology was adopted, involving a systematic review of 100 scholarly and industry articles focused on recent trends and future directions in IT governance. The analysis highlights issues related to risk management, regulatory compliance, cybersecurity, and technology integration. Results : The review revealed that 83% of organizations reported significant governance challenges due to technological disruption, while 68% indicated a transition toward decentralized governance models, particularly within blockchain-based systems. Additionally, AI-powered decision-making tools are projected to be adopted by over 70% of large enterprises for IT governance functions by 2025. Conclusion : The findings underscore the growing need for flexible and adaptive IT governance frameworks that align with both agile and traditional business objectives. By anticipating and addressing future risks and compliance demands, organizations can enhance their current governance strategies to remain resilient and competitive in the digital era.

Background: Mobile networks today specifically 5G require appreciable secure networks because of the emerging risks due to the growth in the deployment of network structures. Discovered weaknesses of cryptographic conventional methods to quantum computing breakthroughs make it necessary to develop quantum-resistant solutions. Objective: The article analysing Quantum Key Distribution (QKD) protocols in improving cryptographic performance in 5G networking environment, with emphasis on incorporating QKD into 5G network designs. Methods: The study performed both a systematic literature review and an evaluation of current QKD deployments, as well as a qualitative assessment of data derived from 20 key informant interviews on QKD in telecommunications and 15 technical reports. Latency and key generation rate experiments were both conducted with relay mechanisms including both trusted and untrusted optical fiber and wireless relay links, in addition to integration issues were explored using simulations over fiber and wireless emulated networks. Results: The outcomes emphasise that QKD brings radically enhanced key security in conjunction with low delay and high rate within integrated 5G architectures. Hybrid relay-based QKD augmented key generation rates by 23 % in comparison with previous techniques. There are also concerns associated with the implementation of internationally agreed on standards which include issues pertaining to non-compliance of the standards used in different countries and high costs involved when trying to implement these standards. Conclusion: QKD implementation also increases cryptographic protection of the 5G networks and makes infrastructures quantum-immune to threats originating from the quantum-age. To make it more widespread, additional standardization and a reduction in cost are required.