ABSTRACT
Events that attract worldwide attention, such as the Olympic and Paralympic Games and international exhibitions, have become easy targets for cyber attacks, and it is no longer rare to hear of reports of damage from such attacks. The Olympic and Paralympic Games Tokyo 2020 was held in 2021 after a oneyear delay due to the novel coronavirus (COVID-19), and NTT, as a Gold Partner (Telecommunications Services), had the responsibility of managing the network infrastructure supporting the Tokyo 2020 Games, thus dealing with the threat of cyber attacks. This article describes how NTT-CERT (NTT Computer Security Incident Response and Readiness Coordination Team) of NTT Social Informatics Laboratories faced cyber attacks as the representative computer security incident response team of the NTT Group. © 2022 Nippon Telegraph and Telephone Corp.. All rights reserved.
ABSTRACT
Purpose: This paper aims to discuss the experiences designing and conducting an experiential learning virtual incident response tabletop exercise (VIRTTX) to review a business's security posture as it adapts to remote working because of the Coronavirus 2019 (COVID-19). The pandemic forced businesses to move operations from offices to remote working. Given that this happened quickly for many, some firms had little time to factor in appropriate cyber-hygiene and incident prevention measures, thereby exposing themselves to vulnerabilities such as phishing and other scams. Design/methodology/approach: The exercise was designed and facilitated through Microsoft Teams. The approach used included a literature review and an experiential learning method that used scenario-based, active pedagogical strategies such as case studies, simulations, role-playing and discussion-focused techniques to develop and evaluate processes and procedures used in preventing, detecting, mitigating, responding and recovering from cyber incidents. Findings: The exercise highlighted the value of using scenario-based exercises in cyber security training. It elaborated that scenario-based incident response (IR) exercises are beneficial because well-crafted and well-executed exercises raise cyber security awareness among managers and IT professionals. Such activities with integrated operational and decision-making components enable businesses to evaluate IR and disaster recovery (DR) procedures, including communication flows, to improve decision-making at strategic levels and enhance the technical skills of cyber security personnel. Practical implications: It maintained that the primary implication for practice is that they enhance security awareness through practical experiential, hands-on exercises such as this VIRTTX. These exercises bring together staff from across a business to evaluate existing IR/DR processes to determine if they are fit for purpose, establish existing gaps and identify strategies to prevent future threats, including during challenging circumstances such as the COVID-19 outbreak. Furthermore, the use of TTXs or TTEs for scenario-based incident response exercises was extremely useful for cyber security practice because well-crafted and well-executed exercises have been found to serve as valuable and effective tools for raising cyber security awareness among senior leadership, managers and IT professionals (Ulmanová, 2020). Originality/value: This paper underlines the importance of practical, scenario-based cyber-IR training and reports on the experience of conducting a virtual IR/DR tabletop exercise within a large organisation. © 2023, Emerald Publishing Limited.
ABSTRACT
The writing of this article aims to describe how the coordination efforts of Ministries / Institutions and the Private Sector in handling cyber threats through the formation of a Computer Securtiy Incident Response Team (CSIRT). The research method used is a qualitative method through the study of literature from various reference sources and other documents. The writing of this article is descriptive and explanatory to obtain facts and describe a comparative analysis of cyber threat handling policies through CSIRT in various countries with Indonesia. The secondary data used are obtained not from direct observation but rather obtained from several previous studies such as research reports and other important documents. The result of this research is how collaboration is carried out by Ministries/Institutions and the Private Sector in handling cyber threats through the formation of a Cyber Incident Response Team organization. [ FROM AUTHOR]
ABSTRACT
A series of vaccine incidents have stimulated vaccine hesitance in China over the last decade. Many scholars have studied the institutional management of these incidents, but a qualitative study of stakeholders' perspectives on vaccine hesitancy in China is missing. To address this lacuna, we conducted in-depth interviews and collected online data to explore diverse stakeholders' narratives on vaccine hesitance. Our analysis shows the different perspectives of medical experts, journalists, parents, and self-defined vaccination victims on vaccination and vaccination hesitance. Medical experts generally consider vaccines, despite some flaws, as safe, and they consider most vaccine safety incidents to be related to coupling symptoms, not to vaccinations. Some parents agree with medical experts, but most do not trust vaccine safety and do not want to put their children at risk. Media professionals, online medical experts, and doctors who do not need to align with the political goal of maintaining a high vaccination rate are less positive about vaccination and consider vaccine hesitance a failure of expert-lay communication in China. Our analysis exhibits the tensions of medical expert and lay perspectives on vaccine hesitance, and suggests that vaccination experts 'see like a state', which is a finding consistent with other studies that have identified the over-politicization of expert-lay communication in Chinese public discourse. Chinese parents need space to express their concerns so that vaccination programs can attune to them.