Presenting a Conceptual Model of Leveling Types of Threats in Security and Cyber Defense of Knowledge-Based Organizations in the Country

Document Type : Original Article

Authors

1 Department of Information Technology Management, Islamic Azad University, South Tehran Branch, Tehran, Iran

2 Research Assistant Professor, Security Research Institute, Communication and Information Technology Research Center, Tehran, Iran

Abstract

In recent years, the rapid development of knowledge-based organizations and companies and the need to pay attention to all kinds of threats, attacks are considered as the most important factor in their development. Therefore, the survival of these organizations depends on the principle of leveling all types of threats and presenting a comprehensive conceptual model in these organizations. The main purpose of the research is to present a conceptual model of the leveling of various threats in the security and cyber defense of knowledge-based organizations in the country. The methodology of the above research is based on the type of research to provide a conceptual model, it has a practical aspect, according to the purpose, it is of a developmental-applicative type, considering the dimensions of the research that It deals with theoretical, functional and operational areas. This research is divided in terms of purpose (type of research in the    category of applied-developmental research and in terms of research approach in the category of mixed quantitative and qualitative research). In the qualitative section, by referring to articles, books and  research reports, upstream documents using the metacomposition method, dimensions, components and indicators of the conceptual model of leveling various types of cyber threats in cyber security and defense in knowledge-based organizations, the extraction and qualitative control of findings was carried out, based on the findings of the model An initial concept was formed and after evaluation with scientific methods and based on structural equation modeling, the proposed validation framework and the final conceptual model were presented. To identify the dimensions and components of the model by studying previous researches, theoretical literature as well as interviews with specialists and experts in this field, the dimensions and  components were extracted, then to validate the dimensions and components from the survey method (a field from the statistical population of experts, experts) with tools The questionnaire was asked. After      performing valid tests (factor analysis test), the dimensions and components of the model were confirmed. The results of the research findings showed that all the considered factors for each of the components have a factor load greater than 0.4; Therefore, they load well on the relevant dimensions, or in other words, the components of the subset of dimensions are related and form part of the model structures; Therefore, the components are interdependent with the dimensions and have a meaningful relationship. The presented conceptual model explained well the relationship between dimensions, components, and variables in order to stratify the types of threats in security and cyber defense of knowledge-based organizations. The  calculation and analysis of the fit indices with the software Smart-PLS(4) also confirmed the conformity of the conceptual framework and the experimental background with the reality.
 

Keywords


Smiley face

[1] A. Taati, “Presenting a native model for the implementation of information security management in a service organization,” Master's thesis (Islamic Azad University, Science and Research Unit, Faculty of Management and Economics, Department of Information Technology Management, Information Technology Management, Advanced Information Systems), 2019. (In Persian)
[2] United Nations performance research working group, Offices attached to the United Nations, annual report on the performance of various working groups of the United Nations. United Nations International Unit Publications, 2020. https://www.un.org/annualreport/2020/files/2020/09/Annual-report
[3] B. E. Sarfarazi and M. Mohammadi, “Presenting the model of effective factors on talent management in knowledge-based companies with an emphasis on the longevity of knowledge workers,” Journal: Productivity Management » Spring - No. 60 Scientific-Research Rank, ISC (‎30, page - from 78 to 107, 2023. (In Persian)
[4] M. Khalafkhani, “Information and communication opportunities for democratization in cyber space,” Guided by Abdul Ali Qawam; Consulting Ahmed Sae, Mohammad Amjad. Ph.D. (Islamic Azad University. Science and Research Unit, Faculty of Law and Political Science, Department of Political Science), 2013. (In Persian)
[5] IBM Cyber Security Annual Report, IBM Cyber Security and Defense Industry Research and Development Center, IBM Cyber Security Center of Excellence (CCoE) 2023. https://research.ibm.com/haifa/ccoe/motivation.shtml
[6] M. R. Zandi, “Preliminary investigations in cyber crimes,” Tehran, Jungle: Javadane, pp. 42-10, 2011. (In Persian)
[7] A. R. Kaldi, “Recognizing the threats and social harms of Tehran and the future perspective with emphasis on Shahran neighborhood (District one of Panj region municipality),” Lutfi Hassan Ali consulting Mehrdad Navabakhsh. Master's Thesis (Islamic Azad University, Department of Science and Research, Faculty of Humanities and Social Sciences, Research Field of Social Sciences), 2013. (In Persian)
[8] Z. Zaheri, “Investigating security threats in cloud computing and providing a secure method for data storage,” Guided by Mahmoud Al Borzi; Consulting Alireza Pourebrahimi. Master's degree (Islamic Azad University, Department of Science and Research, Faculty of Management and Economics, Department of Information Technology Management), 2019. (In Persian)
[9] R. Taghipour and A. Esmaili, “Designing a Conceptual Model of the Cyber Defense Model of the Islamic Republic of Iran,” Magazine: National Security » Winter, Year 8 - Scientific-Research Number 30/ISC (22 pages - from 181 to 202, 2018. (In Persian)
[10] Mousavi et al., “Strategies to improve the capabilities of electronic and cyber warfare (cyberelectronics) of the armed forces against unequal threats,” pp. 22-34, 2020. (In Persian)
[11] E. Mirzai Dizaji, “Strategies for improving information security management using interpretive structural modeling method (case study: Tehran Municipal Organization),” Guided by Ahmed Reza Ghasemi; Advising Ehsan Sadeh. Master's degree (Islamic Azad University, Science and Research Unit, Faculty of Management and Economics, Department of Information Resource Management), 2021. (In Persian)
[12] R. Sadeh, “The issue of evaluating the model of various information security indicators in organizations,” master's thesis, pp. 12-56, 2022. (In Persian)
[13] E. D. Rousseau, “Protecting national infrastructures against cyber attacks,”  Translated by Ahmad Salahi; Communication and Information Technology Research Center (Iran Telecommunication Research Center). Tehran: Arad Kitab, 2016.
[14] Khin Than Win, D. Elena Vlahu-Gjorgievska, “Information Security Governance Challenges and Critical Success Factors: Systematic Review,” Computers & Security In press, journal pre-proofAvailable online September 3. 2020.
[15] U. Ulrik Franke, A. Andreasson, and Niklas Vilhelm, “Cyber situational awareness issues and challenges,” Cybersecurity and Cognitive Science17, Chapter 10, June 2022.
[16] D. Damjan Fujs, S. Simon Vrhovec, and D. Damjan Vavpotič, “Balancing software and training requirements for information security,” Computers & Security2 September 2023.
[17] Cyber Security and Defense Task Force, Cyber Security and Defense Center Report, EU Cybercrime Centre, 2022.
[18] V. R. Zeraat pisheh, “Security pathology of mobile phone use among middle school male students of Sepidan city,” Guided by Ahmed Yazdi Yazdanabadi; Consulting Saeed Zarghami. Master's degree (Islamic Azad University, Science and Research Unit, Educational Management), 2018. (In Persian)
[19] Z. Nasirirad, “Comparison of the amount and manner of using Facebook social networks with Viber and WhatsApp mobile phone programs (case study: university students of Research Sciences Unit and students of Stockholm KTH University),” Guided by Shahnaz Hashemi; Advising Afsana Mozafari, Master's degree (Islamic Azad University, Department of Science and Research, Department of Social Communication Sciences), 2015. (In Persian)
[20] The process of modeling various types of threats in the field of cyber security and defense, Cisco, 2023.
[21] A. R. Purebrahimi, “The best in information security,” Azad Islamic University, Electronic Department. Publications of Azad Islamic University, 2018. (In Persian)
[22] M. R. Behbodhi, “Evaluation of Information Security Management (ISMS) in Hormozgan University and providing strategies for its improvement,” Master's Thesis, Hormozgan University, Faculty of Literature and Humanities, 2018. (In Persian)
[23] A. M. Mahdavi, “Evaluation of information security indicators in Tehran Stock Exchange and Securities Organization,” Biglarbagian Parisa. Consultant professor: Mohammad Soltani Delgosha. Zahra Razmi Master's thesis. Al-Zahra University (S). Faculty of Economics and Accounting, 2013. (In Persian)
[24] M. Mari Karjalainen, M. Mikko Siponen, and S. Suprateek Sarker,Toward a stage theory of the development of employees' information security behavior. Computers & Security. June, 2020.
[25] E. Edyta Karolina Szczepaniuk, H. Hubert Szczepaniuk, Tomasz Rokicki, Bogdan Klepacki. , Information security assessment in public administration. Computers & SecurityMarch, 2020.
 [26]. A. R. Alizadeh Soodmand, Azimi. Zahra, Explanation of the strategies of empowering commanders and managers in organizations, the first national conference of Islamic command and management, Bahman. Imam Hussain (AS) University, 2020. (In Persian)
[27] V. Sajjadi and D. Azar, “Improving the ability of the Islamic Republic of Iran Army to deal with the cyber operations of the US Army,” Magazine: Military Sciences and Techniques » Spring. ISC scientific-research number 51. 22 pages - from 5 to 26, 2019. (In Persian)
[28] S. H. Kazemi, “Investigation and identification of effective factors in information security management in electronic universities of Iran (case study: electronic unit of universities located in Tehran),” Fathnejad cross-border guide; Amir Massoud Rahmani's advice. Master's degree (Islamic Azad University, Science and Research Unit, Faculty of Management and Economics, Department of Information Technology Management), 2017. (In Persian)
[29] A. Ali Kavak and H. Hüseyin Odabaş, “The impact of information security management guide utilization on technological and institutional information security measures in university libraries in Türkiye,” The Journal of Academic Librarianship 16 October 2023.
[30] S. Sebastian Hengstler, S. Stephan Kuehnel, and S. Simon Trang, “Should I really do that? Using quantile regression to examine the impact of sanctions on information security policy,” compliance behavior, 2023.