1. bookVolume 26 (2021): Issue 3 (September 2021)
Journal Details
License
Format
Journal
eISSN
2247-840X
First Published
15 Mar 2017
Publication timeframe
4 times per year
Languages
English
access type Open Access

Further Strategy Analysis of Cybersecurity Incidents

Published Online: 27 Sep 2021
Page range: 251 - 260
Journal Details
License
Format
Journal
eISSN
2247-840X
First Published
15 Mar 2017
Publication timeframe
4 times per year
Languages
English
Abstract

In current socio-economic processes, info-communication services play a determining role, modifying the activities of certain actors. The growing dependence that has developed over the past two decades has imposed the need to give political will to security, which has led to an iterative evolution of the regulatory environment. Therefore, the regulatory framework requires certain entities to develop safeguards including controls that enhance both prevention and response in a manner commensurate with the business value of the information to be protected. However, due to the nature of cybersecurity, developing such countermeasures is not the task of a standalone organization but all entities in cyberspace in a wide range, from individuals to the public sector. Therefore, each entity involved must design protection capabilities in a manner commensurate with the risk, which requires strategic tools and methods and drives organizations to learn from their security incidents. Following our previous paper “Business strategy analysis of cybersecurity incidents” (Bederna et al.) on the topic, this paper reviews the essential formal security strategy formulation tools applied in the cases of Yahoo! and Estonia. Both are based on publicly available information. The analysis confirms the importance of managements’ or the government’s attitude and support for solving cybersecurity challenges.

Keywords

Bányász, P., Krasznay, Cs., & Tóth, A. (2021). A NATO kibervédelmi szakpolitikája [NATO’s cybersecurity politics] In: Szenes, Z. (ed.) A mai NATO : A szövetség helyzete és feladatai [Today’s NATO: Status and roles of the alliance]. Budapest, Magyarország: HM Zrínyi, pp. 130-149. Search in Google Scholar

Bederna, Z. (2019). Critical Information and Communications Technology protection. In Z. Rajnai (Ed.), KIBERBIZTONSÁG-CYBERSECURITY 2. Biztonságtudományi Doktori Iskola. Available on: https://bdi.uni-obuda.hu/sites/default/files/oldal/csatolmany/kiadvany-2019.pdf Search in Google Scholar

Bederna, Z., Rajnai, Z., & Szádeczky, T. (2021). Business strategy analysis of cybersecurity incidents. Land Forces Academy Review, Vol. 26, Issue 2, 139-148. Search in Google Scholar

CNBC. (2020, February 6). If you got an email about the $117.5 million Yahoo data breach settlement, here are your options. Available on: https://www.cnbc.com/2020/02/06/what-to-do-if-you-got-email-from-yahoo-about-a-data-breach-settlement.html Search in Google Scholar

CNET. (2016, December 14). Yahoo sets hack record at 1 billion accounts. Available on: https://www.cnet.com/news/yahoo-hack-1-billion-users-affected-2013-record/ Search in Google Scholar

Forbes. (2016, July 25). Yahoo Sells to Verizon in Saddest $5 Billion Deal in Tech History. Available on: https://www.forbes.com/sites/briansolomon/2016/07/25/yahoo-sells-toverizon-for-5-billion-marissa-mayer/ Search in Google Scholar

Herzog, S. (2011). Revisiting the Estonian Cyber Attacks: Digital Threats and Multinational Responses. Journal of Strategic Security. https://doi.org/10.5038/1944-0472.4.2.310.5038/1944-0472.4.2.3 Search in Google Scholar

Information Commissioner’s Office. (2018). Yahoo! fined £250,000 after systemic failures put customer data at risk. Available on: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2018/06/yahoo-fined-250-000-after-systemic-failures-put-customer-data-at-risk/, accessed at 12 August 2020. Search in Google Scholar

Kalvet, T. (2012). Innovation: A factor explaining e-government success in Estonia. Electronic Government. Available on: https://doi.org/10.1504/EG.2012.046266.10.1504/EG.2012.046266 Search in Google Scholar

Microsoft Corporation. (2008). Form 8-K. Available on: http://edgar.secdatabase.com/2814/95012308001038/filing-main.htm Search in Google Scholar

Ministry of Defence – Estonia. (2008). Cyber Security Strategy. Available on: https://www.enisa.europa.eu/topics/national-cyber-security-strategies/ncss-map/national-cyber-security-strategies-interactive-map/strategies/cyber-security-strategy/@@download_version/993354831bfc4d689c20492459f8a086/file_en Search in Google Scholar

Republic of Estonia. (2007). Estonian National Strategic Reference Framework 2007-2013. Available on: https://www.struktuurifondid.ee/sites/default/files/estonian_national_strategic_reference_framework_2007-2013.pdf, accessed at 16 October 2020. Search in Google Scholar

Schmidt, A. (2013). The Estonian Cyberattacks. In J. Healey (Ed.), A Fierce Domain: Conflict in Cyberspace, 1986 to 2012. https://doi.org/10.1080/10803920.2014.97611110.1080/10803920.2014.976111 Search in Google Scholar

StatCounter. (2020). GlobalStats. Available on: https://gs.statcounter.com/, accessed at 27 October 2020. Search in Google Scholar

Techcrunch. (2012, July 12). Yahoo Confirms, Apologizes For The Email Hack, Says Still Fixing. Plus, Check If You Were Impacted (Non-Yahoo Accounts Apply). Available on: https://techcrunch.com/2012/07/12/yahoo-confirms-apologizes-for-the-email-hack-says-still-fixing-plus-check-if-you-were-impacted-non-yahoo-accounts-apply/ Search in Google Scholar

Techcrunch. (2016, July 25). Verizon buys Yahoo for $4.83 billion. Available on: https://techcrunch.com/2016/07/25/verizon-buys-yahoo-for-4-83-billion/ Search in Google Scholar

TechRepublic. (2016, September 22). Yahoo confirms 500M accounts leaked in massive data breach. Available on: https://www.techrepublic.com/article/yahoo-confirms-500m-accounts-leaked-in-massive-data-breach/ Search in Google Scholar

U.S. Securities and Exchange Commission. (2018). Altaba, Formerly Known as Yahoo!, Charged With Failing to Disclose Massive Cybersecurity Breach; Agrees To Pay $35 Million. Available on: https://www.sec.gov/news/press-release/2018-71, accessed at 12 August 2020. Search in Google Scholar

Yahoo! (2016). Form 10-K 2015. Available on: http://www.sec.gov/edgar.shtml, accessed at 07 January 2021. Search in Google Scholar

Yahoo! (2017). Form 10-K 2016. Available on: http://www.sec.gov/edgar.shtml, accessed at 07 January 2021. Search in Google Scholar

Recommended articles from Trend MD

Plan your remote conference with Sciendo