Develop Comprehensive Cyber Security Recommendations for Future Development at Haaga-Helia UAS
Kumar, Pankaj; Kapatral, Shwetha (2024)
2024
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2024112730693
https://urn.fi/URN:NBN:fi:amk-2024112730693
Tiivistelmä
Higher Education Institutions (HEIs) have become highly vulnerable to recent cybersecurity attacks owing to the sensitive nature of personal, financial, and academic data they deal with. While the operation and organization of HIEs, digital platforms have taken center stage since the beginning of 2020, remote learning has evolved equally and changed the face of the cyber security landscape in higher education. The sophistication of modern cyber-attacks also continues to create adverse changes in this landscape. HEIs face a unique challenge in cybersecurity due to their open environments, wide networks, and valuable research data.
Therefore, it calls for efficient cybersecurity guidelines, policies, and mitigation factors recommended in the form of a framework, allowing HEIs to respond to incidents of security in an effective and timely way. The objective of this thesis is to provide a comprehensive recommendations to help Institutions like Haaga Helia UAS by exploring and identifying recent cybersecurity attacks, current ongoing academic discussion happening regarding these attacks and recommend mitigation steps to encounter these attacks so that they can create/update development plan and implement in their existing policies, guidelines, onboarding, ongoing trainings and day-to-day work. It employs a constructive research approach in achieving the scope and utilizing a collaborative development method to engage stakeholders within the HEIs. The data was gathered through literature reviews, case studies, incident reports and industry experts journals. The Thesis draws on existing standards and literature on Information and published report through Microsoft Security Intelligence, Federal bureau of Investigation Cyber Division, National Institute of Standards and Technology (NIST), SANS Institute, European Commission regulation, to form the theoratical framework of the Thesis.
The Process of this research work is to address and evaluate, compare the guidelines, recurring themes and mitigation policies and to assess their viability in current cybersecurity threat landscape by analyzing the publicly available cybersecurity guidance from HEIs sector. In order to established the facts data collection was conducted with US universities (.edu domain) and Finnish Universities of Applied Sciences using document analysis approach. The developed recommendations establishes guidelines and practices for creating a mindset and approach for handling cyber security attacks and data breaches in academics. The implementation of this process enables the HEIs to be sufficiently prepared to respond to handle security incidents and make sure that provided recommendations are applicable and efficient in the quickly changing threat landscape of today.
Therefore, it calls for efficient cybersecurity guidelines, policies, and mitigation factors recommended in the form of a framework, allowing HEIs to respond to incidents of security in an effective and timely way. The objective of this thesis is to provide a comprehensive recommendations to help Institutions like Haaga Helia UAS by exploring and identifying recent cybersecurity attacks, current ongoing academic discussion happening regarding these attacks and recommend mitigation steps to encounter these attacks so that they can create/update development plan and implement in their existing policies, guidelines, onboarding, ongoing trainings and day-to-day work. It employs a constructive research approach in achieving the scope and utilizing a collaborative development method to engage stakeholders within the HEIs. The data was gathered through literature reviews, case studies, incident reports and industry experts journals. The Thesis draws on existing standards and literature on Information and published report through Microsoft Security Intelligence, Federal bureau of Investigation Cyber Division, National Institute of Standards and Technology (NIST), SANS Institute, European Commission regulation, to form the theoratical framework of the Thesis.
The Process of this research work is to address and evaluate, compare the guidelines, recurring themes and mitigation policies and to assess their viability in current cybersecurity threat landscape by analyzing the publicly available cybersecurity guidance from HEIs sector. In order to established the facts data collection was conducted with US universities (.edu domain) and Finnish Universities of Applied Sciences using document analysis approach. The developed recommendations establishes guidelines and practices for creating a mindset and approach for handling cyber security attacks and data breaches in academics. The implementation of this process enables the HEIs to be sufficiently prepared to respond to handle security incidents and make sure that provided recommendations are applicable and efficient in the quickly changing threat landscape of today.