1. A real-world information security performance assessment using a multidimensional socio-technical approachKaja Prislan Mihelič, Anže Mihelič, Igor Bernik, 2020, izvirni znanstveni članek Opis: Measuring the performance of information security is an essential part of the information security management system within organisations. Studies in the past mainly focused on establishing qualitative measurement approaches. Since these can lead to ambiguous conclusions, quantitative metrics are being increasingly proposed as a useful alternative. Nevertheless, the literature on quantitative approaches remains scarce. Thus, studies on the evaluation of information security performance are challenging, especially since many approaches are not tested in organisational settings. The paper aims to validate the model used for evaluating the performance of information security management system through a multidimensional socio-technical approach, in a real-world settings among medium-sized enterprises in Slovenia. The results indicate that information security is strategically defined and compliant, however, measures are primarily implemented at technical and operational levels, while its strategic management remains underdeveloped. We found that the biggest issues are related to information resources and risk management, where information security measurement-related activities proved to be particularly problematic. Even though enterprises do possess certain information security capabilities and are aware of the importance of information security, their current practices make it difficult for them to keep up with the fast-paced technological and security trends. Ključne besede: information security, information security management, organisations, qualitative measurement Objavljeno v DKUM: 07.02.2025; Ogledov: 0; Prenosov: 0
Celotno besedilo (1,17 MB) Gradivo ima več datotek! Več... |
2. International energy security risk index - analysis of the methodological settingsIztok Podbregar, Goran Šimić, Mirjana Radovanović, Sanja Filipović, Polona Šprajc, 2020, izvirni znanstveni članek Opis: The main objective of this paper is to analyze model settings of the International Energy Security Risk Index developed by the U.S. Chamber of Commerce. The study was performed using stepwise regression, principal component analysis, and Promax oblique rotation. The conclusion of the regression analysis shows that Crude Oil Price and Global Coal Reserves are sufficient to explain 90% of the variance of the Index. However, if a model that explains 100% of the variance of the Index is chosen and other variables are added, Global Coal Reserves loses importance due to the presence of other parameters in which it is contained. Regardless of the chosen model of analysis, it is evident that there is room for revising the Index and removing variables that do not contribute to its precision. The research showed that the main disadvantage of the variables that make up the Index rests with the fact that the variables are of different degrees of generality, that is, one parameter is contained in other parameters (unclear which other). The research covers data for 25 countries over a 26-year period, with the first year of the research being 1980 and the last 2016 (the latest available report). Ključne besede: international energy security risk index, analysis, stepwise regression, principal component analysis, Promax oblique rotation Objavljeno v DKUM: 04.02.2025; Ogledov: 0; Prenosov: 3
Celotno besedilo (1,04 MB) Gradivo ima več datotek! Več... |
3. The international energy security risk index in sustainable energy and economy transition decision making - a reliability analysisIztok Podbregar, Goran Šimić, Mirjana Radovanović, Sanja Filipović, Damjan Maletič, Polona Šprajc, 2020, izvirni znanstveni članek Opis: The world economy and society are in a complex process of transition characterized by a high degree of uncertainty. Therefore, further development and management of the transition will largely depend on the quality of the decisions made and, accordingly, on the decision-making process itself. The main goal of this study is to analyze the reliability of International Energy Security Risk Index as a tool to support the process of energy and economy transition decision making, as closely related and highly interdependent phenomena. The index is composed of 29 aggregated variables (grouped into eight categories), and the research is conducted on a research sample of 25 countries over a period of 36 years. The reliability assessment is performed by using Multiple Regression Analysis. Multicollinearity test, plus Multicollinearity test with Variance Inflation Factors, is used for methodological verification. The test results indicate a high degree of unreliability of the Index, as is concluded based on the observed errors in its methodological settings. These errors primarily relate to a high degree of multicollinearity in all 29 variables, whereby independent variables lose their independence and thus jeopardize reliability of the total Index. Out of the eight groups of variables, the fuel imports group is the only one that does not show big methodological errors. The paper presents a recommendation for the improvement of the observed Index (review of the role of individual variables found to be particularly methodologically indicative), as well as a recommendation for different distribution of weighting coefficients. Ključne besede: energy and economy transition, decision making, international energy security risk index, multiple regression analysis, multicollinearity test, multicollinearity test with variance inflation factors Objavljeno v DKUM: 04.02.2025; Ogledov: 0; Prenosov: 2
Celotno besedilo (447,82 KB) Gradivo ima več datotek! Več... |
4. Predicting the probability of cargo theft for individual cases in railway transportLorenc Augustyn, Małgorzata Kuźnar, Tone Lerher, Maciej Szkoda, 2020, izvirni znanstveni članek Opis: In the heavy industry, the value of cargo transported by rail is very high. Due to high value, poor security and volume of rail transport, the theft cases are often. The main problem of securing rail transport is predicting the location of a high probability of risk. Because of this,the aim of the presented research was to predict the highest probability of rail cargo theft for areas. It is important to prevent theft cases by better securing the railway lines. To solve that problem the authors' model was developed. The model uses information about past transport cases for the learning process of Artificial Neural Networks (ANN) and Machine Learning (ML).The ANN predicted the probability for 94.7% of the cases of theft and the Machine Learning identified 100% of the cases. This method can be used to develop a support system for securing the rail infrastructure. Ključne besede: rail transport security, supply chain disruption, drones, security support systems, cargo theft, predicting, logistics, artificial neural network, drone monitoring, machine learning Objavljeno v DKUM: 28.01.2025; Ogledov: 0; Prenosov: 2
Celotno besedilo (1,93 MB) Gradivo ima več datotek! Več... |
5. Balancing software and training requirements for information securityDamjan Fujs, Simon Vrhovec, Damjan Vavpotič, 2023, izvirni znanstveni članek Opis: Information security is one of the key areas of consideration to assure reliable and dependable information systems (IS). Achieving an appropriate level of IS security requires concurrent consideration of the technical aspects of IS and the human aspects related to the end users of IS. These aspects can be described in the form of information security requirements. We propose an approach that helps select and balance information security software requirements (iSSR) and information security training requirements (iSTR) according to the information security performance of end users. The approach was tested in an experiment involving 128 IS professionals. The results showed that using the proposed approach helps IS professionals with limited experience in information security make significantly better decisions regarding iSSR and iSTR. Ključne besede: kibernetska varnost, eksperiment, informacijsko varnostni standardi, inženirstvo zahtev, usposabljanje končnih uporabnikov, informacijska varnost, cyber security, experiment, information security standard, requirements engineering, end user training, information security Objavljeno v DKUM: 13.11.2024; Ogledov: 0; Prenosov: 3
Povezava na celotno besedilo |
6. Barriers to knowledge sharing in the field of information securityJustyna Żywiołek, Joanna Rosak-Szyrocka, Borut Jereb, 2021, izvirni znanstveni članek Opis: Today, sharing knowledge requires taking into account many aspects. Variable environmental conditions, the people factor, and the security of resources are just a few that should be considered for a noticeable improvement in the functioning of the company. Supporting this course of action requires the identification of all barriers that may exist in the enterprise. Only the owner and senior management by establishing system and organizational changes can influence this element of the business. The aim of the article is to indicate the problems in this respect that block the proper functioning of the company in the field of information and knowledge exchange. The survey was conducted with the help of a questionnaire among 189 respondents. The industry has significantly decreased in the last few decades, currently there are 307 companies operating in Poland. Conclusions from the conducted research were collected on the basis of a questionnaire survey. The further stage of the research will be to compare the collected results with the results from Western European countries. Ključne besede: knowledge sharing, knowledge management, information security, knowledge exchange, business organization, Poland Objavljeno v DKUM: 22.10.2024; Ogledov: 0; Prenosov: 7
Celotno besedilo (484,62 KB) Gradivo ima več datotek! Več... |
7. |
8. ROBOTIC PROCESS AUTOMATION (RPA) IN AUDITINGFilip Tashkovski, 2024, diplomsko delo Opis: Auditing, as a form of control (for example over financial management or compliance), has traditionally relied on manual processes that are time-consuming, labor-intensive and prone to human error. With the advent of robotic process automation (RPA), there has been a paradigm shift from manual to automated processes in audit processes as well. Automation dates back to the 1990s, which led to the creation of robotic process automation (RPA) tools. Today we are approaching or we are in the fourth industrial revolution, the era of universal automation. RPA refers to the use of software robots (or "bots") to automate repetitive rule-based activities previously performed by humans. As companies try to keep up with rapid technological improvements, incorporating RPA into audit processes provides a number of benefits that can radically change auditing. RPA has emerged as a transformative technology in auditing, changing established approaches with its ability to improve productivity, accuracy and compliance. One of the most significant benefits of RPA in auditing is its ability to increase efficiency. Traditional audit procedures can sometimes be time-consuming and labor-intensive, as auditors must manually collect and evaluate data from multiple sources. RPA accelerates these activities by automating common tasks such as data entry, coordination and report generation. For example, an RPA robot can be trained to collect financial data from multiple sources (eg from multiple companies) and verify its accuracy using established criteria. This not only reduces the time required to perform audits, but also eliminates the possibility of human error. In addition to efficiency, there is another key advantage: accuracy. RPA enables auditors to take proactive measures to reduce risk, thereby protecting the financial integrity and reputation of the organization. By automating mundane and repetitive activities, RPA allows auditors to focus on more strategic activities that deliver value to the business. Auditors (in the broadest sense) can spend more time evaluating data models, finding areas for improvement, and making strategic suggestions to management. The aim of this bachelor's degree thesis is to explore and demonstrate the application of RPA in audit procedures, highlighting its benefits such as increased productivity, improved quality of rapid processing of large databases, improved risk management, and cost savings. The thesis also discusses the challenges and considerations related to the implementation of RPA in audit practices. The history of RPA is detailed, revealing its use by different industries and their goals. The thesis defines all types of RPA tools and their advantages and weaknesses. It also distinguishes between artificial intelligence (AI) and RPA, as it can confuse the activities of RPA tools with AI. Ključne besede: robotic process automation, RPA, monitoring, analytics, security, productivity, auditing, audit process. Objavljeno v DKUM: 09.09.2024; Ogledov: 25; Prenosov: 17
Celotno besedilo (1,64 MB) |
9. Data breaches in healthcare: security mechanisms for attack mitigationLili Nemec Zlatolas, Tatjana Welzer Družovec, Lenka Lhotska, 2024, izvirni znanstveni članek Opis: The digitalisation of healthcare has increased the risk of cyberattacks in this sector, targeting sensitive personal information. In this paper, we conduct a systematic review of existing solutions for data breach mitigation in healthcare, analysing 99 research papers. There is a growing trend in research emphasising the security of electronic health records, data storage, access control, and personal health records. The analysis identified the adoption of advanced technologies, including Blockchain and Artificial Intelligence, alongside encryption in developing resilient solutions. These technologies lay the foundations for addressing the prevailing cybersecurity threats, with a particular focus on hacking or malicious attacks, followed by unauthorised access. The research highlights the development of strategies to mitigate data breaches and stresses the importance of technological progress in strengthening data security. The paper outlines future directions, highlighting the need for continuous technological progress and identifying the gaps in the attack mitigations. Ključne besede: data security, privacy, sensitive personal information, electronic health records, cybersecurity Objavljeno v DKUM: 23.08.2024; Ogledov: 109; Prenosov: 8
Celotno besedilo (1,51 MB) |
10. The UN Sustainable Development Goals and Provision of Security, Responses to Crime and Security Threats, and Fair Criminal Justice Systems2024, znanstvena monografija Opis: The book comprises 14 peer-reviewed chapters based on research on crime and security threats in relation to the United Nations Sustainable Development Goals. The book represents a multidisciplinary work that combines different views of safety and security provision in local environments, at the national level, as well as in the international environment. The chapters include findings of a literature review, empirical research on crime and victimization of individuals, case studies, specific forms of crime, institutional and civil society responses to security threats, as well as legal and police and policing perspectives in relation to safety and security provision in modern society. Ključne besede: sustainable development goals, United Nations, safety and security, crime, security threats, criminology, criminal justice, fairness Objavljeno v DKUM: 08.07.2024; Ogledov: 164; Prenosov: 45
Celotno besedilo (12,32 MB) Gradivo ima več datotek! Več... |