Information Assurance Policy Essay For Cerious Cybernetics Corp.

Importance of Information Assurance

Information assurance refers to as the practice to secure against and manage risks that are associated to the utilization, storage and transfer of confidential data. Hence, the existing risks and threats related to information security and privacy are avoided and the respective organizational management gains maximum efficiency, without much complexity (Sosin 2018). Cerious Cybernetics Corporation is a private cybernetics research and development organization that would be requiring a robust and comprehensive policy for information assurance. As a result, the organizational risks would be identified and treated on a priority basis for dealing with the complexities and issues.

The business functions of the organization are HR, information technology, service level agreement, data governance and many more. Since they are involved with several vital and significant contracts; it had been quite distinctive for them to consider new and innovative aspects of information assurance with a combined and managerial, technical as well as organizational perspective. Hence, all the resource implications would be required to be focused and properly supported. This report provides a brief description on a robust and comprehensive information assurance policy and practice with a service improvement plan or SIP for the organization of Cerious Cybernetics Corporation.

Identification of the, Robust and Comprehensive IA and Risk Management Policy, Procedure and Practice

There had been a major growth and development of telecommunications network for the dependency over networks and it makes the communities’ incrementing vulnerable to different cyber threats and attacks, which can intersect, destroy and destroy important services (Sadiku, Alam and Musa 2017). The role and utilization of IA has developed and evolved and as a result, data up gradations and backups would be focused. When the volume of data has incremented, the activity of IA initiated for becoming automated by decreasing the usage of operator intervention as well as enabling for the subsequent creation of an immediate backup. The most distinct development of IA is the deployment of dispersed systems for proper processing as well as storage of information via various techniques with cloud computing (Utomo, Wills and Walters 2020). Cerious Cybernetics require three generations of information technologies, which include prevention of intrusions, detection of intrusions and for survivability.

A fit for purpose, robust as well as comprehensive IA and risk management policy and procedure would be required for the business of Cerious Cybernetics and it involves five pillars that involve availability, integrity, authentication, non repudiation and confidentiality. Authenticity refers to as the authentication of the rationality of a transmission and procedure in an IS. It would also provide the recipient confidence in the validity of data senders (Porsev and Bulatov 2019). There exists different methods for bolstering authentication, majorly breaking down into three distinct methodologies for the personally identifiable information. Such kind of policy is termed as the most vital element for a highly successful information assurance management program and also ensures that it would be easier for Cerious to manage their risks and threats.

Since the organization has employed a total of 60 full time staff and 20 agency staff; it would be vital for them to ensure that a highly advanced information assurance and risk management program for the business processes and operations. The risk management policy would be required for ensuring that risk assessment is extremely significant and any kind of damage would be avoided, without any kind of complexity or issue (Sun, Hahn and Liu 2018). Moreover, the aspects for bolstering authentication would be removed and better integrity management would be emphasized on top level priority. Users’ authentication is the most critical enabler for better informational integrity and one of the major methodologies for information exchange would be focused. They would consider the usage of redundant chip and software designing for ensuring that the failure of authentication can be avoided for maintaining information integrity since it would enable an unauthenticated party for altering content.

Five Pillars of IA and Risk Management Policy and Procedure

The comprehensive policy and practice of Cerious Cybernetics would also consider the aspect of availability. Hence, the organizational management is able to preserve the data that has the chance of modification and theft by unauthenticated individuals (Edgar and Manz 2017). A higher accessibility of data is preserved via an increment within the storage system or even within channel reliability. The breaches within data accessibility could result from a major outage in power, failure in hardware and even distributed denial of service attacks. The main objective of high availability is preserving access to the information and such availability of data could be boosted by the usage of the backup power, continuous signal, offsite abilities and even spare data channels. Confidentiality is the main essence or security measure that is responsible for securing against who is capable of accessing the data that is being done by protecting the unauthenticated individual, who has the capability of changing the information (Schatz, Bashroush and Wall 2017).

This particular aspect is even ensured with the usage of encryption and cryptography for the confidential data. Security policy information labelling and regulations are easily identified for ensuring that there would be a non-disclosure of information. The next distinct aspect of information assurance and risk assessment policy is non-repudiation. It is the basic integrity of information to be accurate to the origin that averts probable denial, for which an activity has taken place (Gupta 2018). An incrementing non-repudiation also makes it highly difficult for denying that the confidential comes from a specific source. It ensures that the respective organizational member could not clash with the source or legitimacy of information. This particular non-repudiation includes a decrease to the integrity of data while the data is within transit, usually via the utilization of a phishing attack or MITM attack. Risk management in the organization breaks down in three vital processes, which include risks’ assessment, risks’ mitigation as well as evaluation. IA is one of the most distinct methodologies that the companies utilize to deploy business risk management (Lallie et al. 2021). Different security executives are present that are moving to a dependency on IA for the purpose of protecting intellectual properties and even protecting against potential information leakage or protecting the users against themselves.

The robust and fit for purpose policy of information assurance or risk management policy is required for the core purpose of developing a shared vision of the expected features of informational assurance and risk management for determining the most appropriate resources, which are required to accomplish the respective state. The information assurance procedure initiates with the enumeration as well as categorization of the informational assets to be secured. Moreover, the practitioner of information assurance would be performing a risks’ assessment for the assets (Srinivas, Das and Kumar 2019). Different vulnerabilities within the information assets are being determined for the core purpose of enumerating the threats that have the ability to exploit various assets. An assessment also considers both the impact and probability of a threat, exploiting the distinct vulnerability within an asset with the effect usually checked in respect to expense of the stakeholders of the assets. The total cost of the information assets would be identified and considered for better and effective results, so that the errors are eradicated and the policy would be free from any kind of discrepancy.

Risk Management for Cerious Cybernetics Corporation

As soon as the risk assessment is completed, the practitioner of information assurance helps in developing a risk management plan and the plan can propose counter measures, which include mitigation, elimination, acceptance and transferring the risks as well as consideration of prevention, detection as well as response to the risks. A framework that is being published by the standardized organization like NIST model, Risks’ IT, COBIT, ISO/ IEC 27002 and PCI DSS (El Mrabet et al. 2018). The counter measures might involve different technical tools like antivirus software and firewalls, procedures and policies requiring these controls as constant backups as well as configurations’ hardening, employees’ training within security awareness and organizing team members to the dedicated computerized emergency responses’ team or computerized security incident responses’ team. The advantage and cost of every counter measure would be considered for the betterment of the organizational security and informational privacy. When the risk management plan would be deployed, it would be tested and evaluated through formal audits (Apruzzese et al. 2018).

The entire procedure of IA is an iterative one in such an aspect that the risks’ management plan and risk assessment aspects would be periodically revised as well as improved, on the basis of data gathered regarding the effectiveness and completeness. There are two vital Meta techniques for information assurance and these include audit and risk assessment (Gunduz and Das 2020). The organizational management of Cerious Cybernetics would be capable to gain some of the major as well as the most distinctive advantages through the risk management policy aspects and these include framing regulatory issues, considering risks, which are not apparent and even providing major insights or support to the respective board of directors with a chance of building a better and effective defence to class actions or activities.

Hence, business liability would be reduced and a highly advanced process would be considered, without any kind of complexity or issue. The importance of information technology risk management by identifying and analysis of the potential vulnerabilities with the enterprise IT network. The companies could better prepare for cyber threats and attacks and work for reducing the effects of the cyber security incident. The benefits of information assurance and risk management policy ensures the involvement of a regulatory requirement in a few industries for gaining features like reduced uncertainty for the future  and maintaining better awareness and improvement without much complexity (Thames and Schaefer 2017). The most advanced tool for making an appropriate decisions for Cerious Cybernetics would also be needed to enhance performance and improved culture.

A regular review of policy and procedure would be needed to be considered in the organization for a successful establishment of the organizational rules for handling data. Policies provide a wider outline of the organizational principles, in which the procedures can provide details of the aspects to be done accordingly. Hence, remote access and password protection policy would be emphasized and new rules would be focused for acceptable usage. The businesses could ensure that the employees can understand the security obligations and focus on various aspects that are taught in the staff awareness training. A highly technical minded policy even provide the most vital assistance for the security solutions that are offered by information technology (Taylor et al. 2020). It would also be required to consider better assessment and improvement for cyber security. An updated framework is needed to be created for enabling the business to make new changes in an efficient manner and without having to modify the method to be operated. The entire team of information technology requires to deploy a completely new technology for tackling an emerging threat. Hence, poor data security management would be focused and third party vendor management would be easier.

Non-repudiation and Risk Assessment Policy

Relevant Risks’ Assessment, Treatment and Management in Present and Future Provision

A risks’ assessment would be needed in Cerious Cybernetics Corporation for ensuring that different potential hazards would be identified as well as analysed for the factors to occur when the hazard take place (Al-Mhiqani et al. 2018). A BIA or business impact analysis refers to as the process for identifying the potential effects, which can result from the subsequent interruption of time sensitive or critical business related aspects. Five distinctive principles for risks’ assessment mainly include recognition of hazards, deciding of the individuals to be harmed, evaluation of various risks and taking effective actions, making a proper record of the findings and even checking for the risks’ assessment. A proper process of risks’ assessment determines the most possible issues, likelihood as well as consequences and even tolerances for these events. The outcomes of the procedure might be expressed in a qualitative or quantitative attribute (Maglaras et al. 2018). Risks’ assessment is the most intrinsic part of a wider strategy for risks’ management for helping to decrease any specific risks’ related aspects.

Risks’ assessment is required in individual cases for the organizational members. There is a high tendency for different individuals to be lesser rational, as soon as risks and threats would concern themselves as being opposed to other aspects. Moreover, there is even a tendency for underestimation of risks, which are voluntary or in which the individual considers themselves as being in major control. As they are dealing with different research projects or governmental activities; it would be vital and significant for them to ensure that the policy of risk assessment and management is appropriate and the existing risks and threats would be avoided (Nguyen and Reddi 2019). A major commitment is required to be made to implement an overall management of the risks, so that maximum efficiency and effectiveness would be obtained and Cerious Cybernetics would be benefitted. Risks’ assessment comprises of a goal of assessment of risk, in which the uncertainties and assumptions would be effectively considered and presented.

Cerious Cybernetics would be considering risk assessments in their business for reducing the societal risks and also becoming extremely critical for eradicating incidents, improvising safety as well as improving results. Risks’ assessment in the business would be involving identification of risks with its potential consequences and even the core probability of occurrence and even focusing on the acceptability of the risks (Teoh and Mahmood 2017). New methods would be focused for mitigating and reducing the probability of risks by an involvement of the documentation of the risk assessment as well as the findings, deployment of the mitigation methodologies and reviewing of the assessment that are coupled with up gradations, whenever required. One of the major and the most vital aspects that would be needed to be considered in the business for focusing on risk assessment and treatment is by identifying the major risks and threats. The major information security risks that are prevalent for Cerious Cybernetics are provided belwo:

1. i) Malware: One of the major and the most significant cyber security risks is malware. It takes place when an unwanted piece of software or programming installs itself over a specific targeted system that can cause unusual activity (Li 2018). It ranges from denying accessibility to the programs, deletion of files and stealing of data as well as spreading itself to other systems. Anti malware programs are needed to be installed on a top level priority for recognizing suspicious links, websites and files that are referred to as effective for implementing malware.
2. ii) Password Theft: Another common cyber security threat is password theft. The main aspect is the unwanted 3^rdparty managed for stealing or guessing the password and considers that the hacker would be hacking the passwords and using them for personal usage. This type of attack is one of the most common formats for corporate and personal data breach and the attack takes place when the hacker tries to steal the respective password (Khisamova, Begishev and Sidorenko 2019).

Role of IA in Business Risk Management

iii) Traffic Interception: The next distinctive risk for cyber security is traffic interception. It is also termed as eavesdropping for the cyber security experts. Traffic interception takes place as soon as a third party considers the information, being sent within a host and a user. The type of information stolen can vary, on the basis of the traffic; however is often utilized for taking logins or valuable data.

1. iv) Phishing Attacks: Phishing attacks are referred to as the oldest attacking methodology and they depend over social engineering for accomplishing the objective or goal.an end user receives a message or email that eventually requests for confidential information like password (Berman et al. 2019). The subsequent phishing message also appears official with the help of legitimate appearing addresses and even media. It helps to compel an individual for clicking on links and gives away the most sensitive information in such circumstance.
2. v) Distributed Denial of Service: This particular attack is a popular attacking methodology, in which the malicious parties eventually target various servers by overloading them with users’ traffic. As soon as a server could not handle the respective requests, this specific website that is being hosted, completely shuts down or even slows to the unusable performances.
3. vi) Cross Site Attack: Cerious Cybernetics Corporation might even be a victim for cross site attack, in which the third party would be targeting a vulnerable website and one would be lacking encryption accordingly (Manulis et al. 2021). As soon as the target would be considered on top level priority, there would be dangerous code loading to the site. As soon as a legitimate user accesses the distinct website, the payload would be eventually delivered either to the system or to the browser and hence causing unwanted behaviour. The major objective is either disrupting the standardized services or stealing users’ data. Encryption technique can be used for this purpose to ensure that the issues and complexities are avoided and maximum security is enhanced to a high level.

vii) Zero Day Exploitation: It is a type of exploitation that is a targeted attack against a specific system, software and network. Such attack considers the benefit of an overlooked security problem and looking to cause unusual behaviour, damaging data and stealing information. Such vulnerability can take place for the extended period, even before it is being discovered and the risk management in Cerious Cybernetics becomes easier (Yavanoglu and Aydos 2017). Hence, a proper management of the exploitation becomes vital and significant for the business processes and operations.

viii) SQL Injection: Another vital and significant attack that is prevalent in the organization is SQL injection. Such attack is essentially data manipulation that is being deployed for accessing information that is not meant to be available.

1. ix) Man in the Middle Attack: It takes place when a 3^rdparty hacks a specific session within a customer and host. The hacker usually hides itself with a specific spoofed IP address, separates the customer and even requests confidential data from the customer (Furnell, Fischer and Finch 2017).
2. x) Ransomware Attack: This particular attack installs itself over a users’ system or network and as soon as it is being installed, it prevents accessibility to the functions, until and unless a ransom is being paid to the third parties.

A risk assessment and management for the cyber security risks is provided below:

Serial Number	Cyber Security Risks	Likelihood	Impact	Mitigation Actions
1.	Malware	High	Medium	The involvement of antimalware and antivirus software can be extremely effective for reducing the negative impacts of malware.
2.	Password Theft	Medium	Low	The implementation of firewall technology can be effective for mitigating the risk of password theft (Galinec, Možnik and Guberina 2017).
3.	Traffic Interception	Low	Medium	The organizational management of Cerious Cybernetics can involve encryption for reducing the negative impact of traffic interception.
4.	Phishing attack	High	Medium	Proper training to the employees related to awareness of phishing can be an effective mitigation action.
5.	Distributed denial of service attack	High	High	It is needed to identify the malicious traffic as well as halting of accessibility to focus on the malicious IPs. Hence, the vulnerable servers would be managed (Do et al. 2017).
6.	Cross site attack	High	Medium	The mitigation action for cross site attack would be cryptography and encryption technology.
7.	Zero Day Exploitation	Low	Low	The organizational management of Cerious Cybernetics would require to maintain effective safety habits for dealing with the zero day exploits (Gratian et al. 2018).
8.	SQL Injection	Medium	High	A deployment of smart firewalls would be effective for preventing SQL injection attack and proper codes would be developed for identifying the illegal user inputs.
9.	Man in the middle attack	High	High	The usage of HTMLS5 and encryption would be appropriate for preventing this particular attack.
10.	Ransomware attack	High	High	It is needed to keep antivirus programs updated and malicious links to be avoided for preventing the ransomware attacks.

Table 1: Risk Assessment and Management of Cerious Cybernetics Corporation

(Source: Created by the Author in MS Word)

A service improvement plan would be effective for Cerious Cybernetics Corporation for better results and efficiency in the business processes and operations. It is a formal plan for deploying the improvements to services as well as information procedures. It is the most distinctive systematic approach, which utilizes specified techniques for delivering and measuring sustained improvements within higher quality. It is the tool for managing improvement initiatives (Wallden and Kashefi 2019). The service improvement plan for Cerious Cybernetics Corporation comprises of every relevant information for a specific improvement initiative.

The main format of the plan is updated and when it is referred to as suitable for the business; there would be a high chance of cyber security management and better improvement initiatives. It would be providing a complete roadmap to the structure and processes to be followed in the business and also improving the level of services, provided by the specific organization in their business (Petrenko 2018). The consideration of ITIL framework would be required in such circumstance and every IT procedure would be followed accordingly. The service improvement plan for Cerious Cybernetics is provided in the following paragraphs:

1. i) Purpose: The most distinct purpose of the service improvement plan for Cerious would be improvising the entire result of the information technology servicing support as well as ensuring that every existing service of the business would be updated and even checked to focus on better improvements and constant effort (Alhayani et al. 2021).
2. ii) Overview: The organization would require to focus on new procedures, so that an effective consideration is possible and the probable risks and threats are avoided, under every circumstance. A highly advanced technology would be considered for the research projects and new and effective processes and operations would be focused for the research projects.

iii) Scope: The main scope of the service improvement plan would be that there would be a continuous servicing improvement and the customers would be able to gain maximum advantages and efficiency accordingly. Moreover, Cerious Cybernetics would also focus on web accessibility and service improvement to focus on better results (Husák et al. 2018). Corporate governance issues like privacy, standards, compliance, business continuity and disaster recovery aspects would be focused on top level priority and hence, user experiences would be enhanced accordingly.

Conclusion and Recommendations

Therefore, it can be concluded that information assurance and risk management in needed in Cerious Cybernetics for ensuring that better efficiency and effectiveness would be gained and the organizational processes and operations would be benefitted accordingly. It is needed for protecting integrity, authenticity, availability, confidentiality and non-repudiation of users’ data. Information assurance even encompasses the digital protections with new physical techniques. Such protections even are applicable to data in transit with electronic and physical format and even data at rest.

Information risks’ management was the business outcome for the organization to focus on the new and effective business processes and operations. This report has provided a detailed discussion on a robust policy of information assurance and risk management for the future provision as well as a highly improved service improvement plan for the organization of Cerious Cybernetics Corporation.

A few suitable recommendations to Cerious Cybernetics for their information assurance are listed below:

1. i) One of the major and the most distinct recommendations for information assurance and risk management is supporting cyber security staff. The security teams would be requiring to consider a highly advanced and effective process for dealing with the complex programs related to information security and hence gaining better results and efficiency. The security measures should be present for all the organizational members and also ensure that a better result would be obtained.
2. ii) The next distinct recommendation for information assurance in Cerious Cybernetics is conducting annual staff awareness training. The most distinctive threats of information security are phishing and ransomware and these are mainly conducted through human involvement. Hence, the organizational management requires to ensure that all the members are well trained, so that they are able to reduce the negative impacts successfully and prevent data breaches.

iii) It is also recommended to prioritize risk assessments for their cyber security program. It is the only method for ensuring that the controls, selected are accurate to the risks, faced by the organization. The business can be referred to as liable for ignoring risks, which can have devastating impacts on the business and hence new and effective strategies would be needed to be focused in Cerious.

References

Alhayani, B., Mohammed, H.J., Chaloob, I.Z. and Ahmed, J.S., 2021. Effectiveness of artificial intelligence techniques against cyber security risks apply of IT industry. Materials Today: Proceedings.

Al-Mhiqani, M.N., Ahmad, R., Yassin, W., Hassan, A., Abidin, Z.Z., Ali, N.S. and Abdulkareem, K.H., 2018. Cyber-security incidents: a review cases in cyber-physical systems. Int. J. Adv. Comput. Sci. Appl, (1), pp.499-508.

Apruzzese, G., Colajanni, M., Ferretti, L., Guido, A. and Marchetti, M., 2018, May. On the effectiveness of machine and deep learning for cyber security. In 2018 10th international conference on cyber Conflict (CyCon) (pp. 371-390). IEEE.

Berman, D.S., Buczak, A.L., Chavis, J.S. and Corbett, C.L., 2019. A survey of deep learning methods for cyber security. Information, 10(4), p.122.

Do, C.T., Tran, N.H., Hong, C., Kamhoua, C.A., Kwiat, K.A., Blasch, E., Ren, S., Pissinou, N. and Iyengar, S.S., 2017. Game theory for cyber security and privacy. ACM Computing Surveys (CSUR), 50(2), pp.1-37.

Edgar, T. and Manz, D., 2017. Research methods for cyber security. Syngress.

El Mrabet, Z., Kaabouch, N., El Ghazi, H. and El Ghazi, H., 2018. Cyber-security in smart grid: Survey and challenges. Computers & Electrical Engineering, 67, pp.469-482.

Furnell, S., Fischer, P. and Finch, A., 2017. Can't get the staff? The growing need for cyber-security skills. Computer Fraud & Security, 2017(2), pp.5-10.

Galinec, D., Možnik, D. and Guberina, B., 2017. Cybersecurity and cyber defence: national level strategic approach. Automatika: ?asopis za automatiku, mjerenje, elektroniku, ra?unarstvo i komunikacije, 58(3), pp.273-286.

Gratian, M., Bandi, S., Cukier, M., Dykstra, J. and Ginther, A., 2018. Correlating human traits and cyber security behavior intentions. computers & security, 73, pp.345-358.

Gunduz, M.Z. and Das, R., 2020. Cyber-security on smart grid: Threats and potential solutions. Computer networks, 169, p.107094.

Gupta, B.B. ed., 2018. Computer and cyber security: principles, algorithm, applications, and perspectives. CRC Press.

Husák, M., Komárková, J., Bou-Harb, E. and ?eleda, P., 2018. Survey of attack projection, prediction, and forecasting in cyber security. IEEE Communications Surveys & Tutorials, 21(1), pp.640-660.

Khisamova, Z.I., Begishev, I.R. and Sidorenko, E.L., 2019. Artificial Intelligence and Problems of Ensuring Cyber Security. International Journal of Cyber Criminology, 13(2), pp.564-577.

Lallie, H.S., Shepherd, L.A., Nurse, J.R., Erola, A., Epiphaniou, G., Maple, C. and Bellekens, X., 2021. Cyber security in the age of covid-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers & Security, 105, p.102248.

Li, J.H., 2018. Cyber security meets artificial intelligence: a survey. Frontiers of Information Technology & Electronic Engineering, 19(12), pp.1462-1474.

Maglaras, L.A., Kim, K.H., Janicke, H., Ferrag, M.A., Rallis, S., Fragkou, P., Maglaras, A. and Cruz, T.J., 2018. Cyber security of critical infrastructures. Ict Express, 4(1), pp.42-45.

Manulis, M., Bridges, C.P., Harrison, R., Sekar, V. and Davis, A., 2021. Cyber security in new space. International Journal of Information Security, 20(3), pp.287-311.

Nguyen, T.T. and Reddi, V.J., 2019. Deep reinforcement learning for cyber security. arXiv preprint arXiv:1906.05799.

Petrenko, S., 2018. Cyber security innovation for the digital economy. River Publishers.

Porsev, K.I. and Bulatov, M.F., 2019. Method to improve Information Assurance Quality for Research and Development at Knowledge-based Enterprises. Quality-Access to Success, 20(168).

Sadiku, M.N., Alam, S. and Musa, S.M., 2017. Information assurance benefits and challenges: An introduction. Information & Security, 36(1), pp.1-5.

Schatz, D., Bashroush, R. and Wall, J., 2017. Towards a more representative definition of cyber security. Journal of Digital Forensics, Security and Law, 12(2), p.8.

Sosin, A., 2018. How to increase the information assurance in the information age. Journal of Defense Resources Management (JoDRM), 9(1), pp.45-57.

Srinivas, J., Das, A.K. and Kumar, N., 2019. Government regulations in cyber security: Framework, standards and recommendations. Future Generation Computer Systems, 92, pp.178-188.

Sun, C.C., Hahn, A. and Liu, C.C., 2018. Cyber security of a power grid: State-of-the-art. International Journal of Electrical Power & Energy Systems, 99, pp.45-56.

Taylor, P.J., Dargahi, T., Dehghantanha, A., Parizi, R.M. and Choo, K.K.R., 2020. A systematic literature review of blockchain cyber security. Digital Communications and Networks, 6(2), pp.147-156.

Teoh, C.S. and Mahmood, A.K., 2017, July. National cyber security strategies for digital economy. In 2017 International Conference on Research and Innovation in Information Systems (ICRIIS) (pp. 1-6). IEEE.

Thames, L. and Schaefer, D., 2017. Cybersecurity for industry 4.0. Heidelberg: Springer.

Utomo, R.G., Wills, G. and Walters, R., 2020. A framework for factors influencing the implementation of information assurance for e-Government in Indonesia. International Journal on Advanced Science, Engineering and Information Technology, 10(3), pp.1025-1034.

Wallden, P. and Kashefi, E., 2019. Cyber security in the quantum era. Communications of the ACM, 62(4), pp.120-120.

Yavanoglu, O. and Aydos, M., 2017, December. A review on cyber security datasets for machine learning algorithms. In 2017 IEEE international conference on big data (big data) (pp. 2186-2193). IEEE.