1. Some comments on the legal regulation on misinformation and cyber attacks conducted through online platformsKitti Mezei, Boldizsár Szentgáli-Tóth, 2023, original scientific article Abstract: What are the tools to effectively manage the new threats to the free flow of opinions to protect this essential precondition for a pluralist social and political system? As a basis for action at the community level, how can we protect users who use internet platforms to inform themselves on issues of public interest from disinformation attacks through cyberspace? Effective action against cyber-attacks that adversely affect certain fundamental rights requires a combination of instruments, creating the technological, economic, human and legal conditions for meaningful counter-measures. In legal terms, the guarantees that platform providers must offer each user to prevent cyber attacks and illegal content should be laid down, and legal instruments shou ld be put in place to ensure they are always available. In addition, in the event of misusing any content shared on the platform or of personal data made available to the operator, clear responsibilities should be established, and the extent to which the responsibility for protection lies with the platform operator or the user should be clarified. In our study, we outline regulatory options to address these challenges.
Keywords: cyber attacks, freedom of expression, online platforms, marketplace of ideas, digital services act
Published in DKUM: 02.10.2025; Views: 0; Downloads: 1
 Full text (407,39 KB)
This document has many files! More...
This document is also a collection of 1 document! |
2. |
3. Recent trends in information and cyber security maturity assessment : a systematic literature reviewAlenka Baggia, Alenka Brezavšček, 2025, review article Abstract: This work represents a comprehensive and systematic literature review (SLR)
that follows the PRISMA (Preferred Reporting Items for Systematic Reviews and MetaAnalyses) guidelines for research assessing information and cyber security maturity. The
period from 2012 to 2024 was considered and the final collection of 96 studies was taken
into account. Our findings were summarised in two stages, a quantitative analysis and
a qualitative synthesis. In the first part, various quantitative indicators were used to
analyse the evolution of the information and cyber security maturity assessment domain
over the last twelve years. The qualitative synthesis, which was limited to 36 research
papers, categorises the studies into three key areas: the development of new maturity
models, the implementation of established models and frameworks, and the advancement
of methodologies to support maturity assessments. The findings reveal significant progress
in sector-specific customisation, the growing importance of lightweight models for small
and medium-sized enterprises (SMEs), and the integration of emerging technologies. This
study provides important insights into the evolving landscape of information and cyber
security maturity assessment and provides actionable recommendations for academia and
industry to improve security resilience and support the adoption of tailored, effective
maturity models
Keywords: cyber security, information security, maturity assessment, maturity model, maturity framework, systematic literature review, SLR
Published in DKUM: 26.08.2025; Views: 0; Downloads: 3
Full text (2,49 MB)
This document has many files! More... |
4. Peer victimization and anxiety during COVID-19 pandemic : disentangling between and within person effectsKatja Košir, Tina Pivec, Ana Kozina, 2025, original scientific article Abstract: Peer victimization and anxiety are consistently positively correlated, though the longitudinal relationship remains inconsistent. Previous research often failed to ac count for the reciprocal relationship between traditional and cyber victimization, with limited evidence of the influence of broader societal factors. Thus, the present study aimed to longitudinally examine the relationship between victimization, cyber victimization, and anxiety within the specific context of the COVID-19 pandemic during one school year (2021/22), employing both the cross-lagged panel model and the random-intercept cross-lagged panel model. The study included 1766 stu dents (58.5% females; Mage= 15.33; SD = 1.20) from lower- and upper-secondary schools in Slovenia who participated in three time-points with approximately 8 weeks apart, with T1 occurring before school closures, T2 during school closures (which lasted 17–21 weeks), and T3 after school closures. Findings revealed that the relationship between anxiety and victimization changed across the school year. The results of the cross-lagged panel model indicated that traditional victimization in T1 positively predicted anxiety in T2, and anxiety in T2 positively predicted traditional victimization in T3. Cyber victimization at T2 predicted lower anxiety at T3. The results of the random-intercept cross-lagged panel model showed that t the within-person level, students experiencing more cyber victimization than ex pected reported greater subsequent victimization, especially after school closures. The study provides insights into the dynamics of the relationship between peer victimization and anxiety during a specific period of school closure. The findings do not fully align with any single theoretical model, highlighting the complexity of these interactions in the pandemic context. This study underscores the need to con sider broader socio-environmental factors in understanding the relationship between peer relationships and psychosocial outcomes.
Keywords: victimization, cyber victimization, enxiety, middle adolescents, longitudinal studies, school closure
Published in DKUM: 18.07.2025; Views: 0; Downloads: 6
Full text (1,34 MB)
This document has many files! More... |
5. Development of cyber security platform for experiential learningAbhishek Vaish, Ravindra Kumar, Samo Bobek, Simona Sternad Zabukovšek, 2024, original scientific article Abstract: The cyber security education market has grown-up exponentially, with a CAGR of 13.9 % as reported by Data Intelo. The report published by the World Economic Fo- rum 2023 indicates a shortfall of 2.27 million cyber security experts in 2021 across different roles and hence manifest that Skill-based cyber security education is the need of the hour. Cybersecurity as a field has evolved as a multi-discipline, multistakeholder and multi-role discipline. Therefore, the need to address formal education with an outcomebased philosophy is imperative to address for a wider audience with varied past training in their formal education. With the Internet becoming an essential part of human life, providing security of data passed over the Internet is becoming increasingly crucial. Therefore, the role in the organization which is quite demanding is to have expertise in handling and configuring network security, a subdomain of cyber security as a priority area. The rapid increase in the network attack landscape is constantly demanding monitoring of network attacks as well as a need to promote collaborative R&D and education in the sphere of cyber security due to a shortage of skilled resources. Platform-based education is a potential direction to achieve the objective and address the skill gap required in cyber security. The present research proposes a comprehensive web-based platform that can be used to communicate, collaborate and practice various use cases in the domain of network intrusion detection tools using machine learning algorithms and to evaluate user experience. The proposed platform CySecLearn is a collection of various functionalities and features that ensures experiential learning, will help the learner to develop critical thinking and expertise in network security and promote digital literacy in the domain of cyber security.
Keywords: digital education, cyber security, platformization, online simulation, user feedback, experiential learning
Published in DKUM: 30.06.2025; Views: 0; Downloads: 23
Full text (1,66 MB)
This document has many files! More... |
6. Balancing software and training requirements for information securityDamjan Fujs, Simon Vrhovec, Damjan Vavpotič, 2023, original scientific article Abstract: Information security is one of the key areas of consideration to assure reliable and dependable information systems (IS). Achieving an appropriate level of IS security requires concurrent consideration of the technical aspects of IS and the human aspects related to the end users of IS. These aspects can be described in the form of information security requirements. We propose an approach that helps select and balance information security software requirements (iSSR) and information security training requirements (iSTR) according to the information security performance of end users. The approach was tested in an experiment involving 128 IS professionals. The results showed that using the proposed approach helps IS professionals with limited experience in information security make significantly better decisions regarding iSSR and iSTR.
Keywords: kibernetska varnost, eksperiment, informacijsko varnostni standardi, inženirstvo zahtev, usposabljanje končnih uporabnikov, informacijska varnost, cyber security, experiment, information security standard, requirements engineering, end user training, information security
Published in DKUM: 13.11.2024; Views: 0; Downloads: 7
 Link to full text |
7. |
8. Cyber (in)security of personal data and information in times of digitizationMiha Dvojmoč, Mojca Tancer Verboten, 2022, original scientific article Abstract: In an employment relationship, work and pay are no longer the only important aspects, as importance is increasingly shifting toward obligations concerning the protection of personal data and privacy arising from the prohibition of causing harm to the employer and the duty of loyalty to the employer. The article deals with the constitutionally protected right to privacy and the protection of personal data from the point of view of ensuring cyber security at the employer. The employer is obligated to protect the right to privacy by legal provisions, whereas from the point of view of ensuring the protection of privacy and information, the employer must protect, first and foremost, the personal data of employees. The main purpose of the legal protection of personal data is the lawful and fair processing of the personal data of individuals. Employers are thus facing an increasing number of risks related to the safety of employees and the security of business processes, and it is therefore important to establish comprehensive corporate security to ensure adequate security across all levels.
Keywords: cyber security, protection of personal data, protection of privacy, cyber threats, protection of business secrets
Published in DKUM: 11.06.2024; Views: 150; Downloads: 34
Full text (375,13 KB)
This document has many files! More... |
9. Identifying key activities, artifacts and roles in agile engineering of secure software with hierarchical clusteringAnže Mihelič, Tomaž Hovelja, Simon Vrhovec, 2023, original scientific article Abstract: Different activities, artifacts, and roles can be found in the literature on the agile engineering of secure software (AESS). The purpose of this paper is to consolidate them and thus identify key activities, artifacts, and roles that can be employed in AESS. To gain initial sets of activities, artifacts, and roles, the literature was first extensively reviewed. Activities, artifacts, and roles were then cross-evaluated with similarity matrices. Finally, similarity matrices were converted into distance matrices, enabling the use of Ward’s hierarchical clustering method for consolidating activities, artifacts, and roles into clusters. Clusters of activities, artifacts, and roles were then named as key activities, artifacts, and roles. We identified seven key activities (i.e., security auditing, security analysis and testing, security training, security prioritization and monitoring, risk management, security planning and threat modeling; and security requirements engineering), five key artifacts (i.e., security requirement artifacts, security repositories, security reports, security tags, and security policies), and four key roles (i.e., security guru, security developer, penetration tester, and security team) in AESS. The identified key activities, artifacts, and roles can be used by software development teams to improve their software engineering processes in terms of software security.
Keywords: secure software development, security engineering, agile methods, agile development, software development, software engineering, software security, application security, cybersecurity, cyber resilience
Published in DKUM: 29.11.2023; Views: 417; Downloads: 14
Full text (557,17 KB)
This document has many files! More... |
10. Country life in the digital era : comparison of technology use and cybercrime victimization between residents of rural and urban environments in SloveniaIgor Bernik, Kaja Prislan Mihelič, Anže Mihelič, 2022, original scientific article Abstract: Cybercrime is one of the most significant security challenges of the 21st century. However, official statistics do not provide insights into its prevalence and nature. Representative cross-sectional field studies may help fill this gap, focusing on differences between urban and rural technology users. We (a) investigated the association between the purpose of computers and other electronic device usage and perceived vulnerability, (b) compared the differences in the purpose of computers or other electronic device use and perceived vulnerability, and (c) compared the perceived cyber victimization between residents of rural and urban areas. We conducted a field study that resulted in a representative sample of the Republic of Slovenia in Europe. We found several significant differences in the purpose of technology use and perceived cyber victimization. Furthermore, the results indicate that the purpose of technology use is somehow associated with perceived vulnerability in cyberspace; however, such associations are different in cyberspace than in the material world.
Keywords: cyber victimization, cybercrime, rural environment, technology use, perceived vulnerability
Published in DKUM: 31.07.2023; Views: 413; Downloads: 67
Full text (840,72 KB)
This document has many files! More... |
