The Use of Digital Technology Platforms in the Context of Cybersecurity in the Industrial Sector
Data publikacji: 28 lip 2021
Zakres stron: 117 - 130
DOI: https://doi.org/10.2478/fman-2021-0009
Słowa kluczowe
© 2021 Krzysztof Bartczak, published by Sciendo
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Figure 1
The security domain during the use of digital technology platforms vs the duration of their use (Source: Own study)
| Question 8. Has your company experienced any of the below-specified negative events or cybersecurity risks which were directly associated with the use of DTPs? | Question 2. Please specify how long your current company has been using digital technology platforms | |||
|---|---|---|---|---|
| Up to 3 years | More than 3 years | |||
| n | % | n | % | |
| Hardware failure | 30 | 51.7 | 35 | 56.5 |
| Internet outage attributable to, for example, network congestion due to the use of digital technology platforms | 19 | 32.8 | 24 | 38.7 |
| Leak of information relating to company, employees, or business partners | 4 | 6.9 | 1 | 1.6 |
| Customer data leak | 4 | 6.9 | 1 | 1.6 |
| Phishing – a fraudulent attempt to obtain sensitive information or data by disguising a website as a trustworthy entity in an electronic communication | 5 | 8.6 | 7 | 11.3 |
| Pharming – redirection to fake websites | 3 | 5.2 | 7 | 11.3 |
| Loss of financial means | 4 | 6.9 | 1 | 1.6 |
| Internet spying | 2 | 3.4 | 1 | 1.6 |
| No negative events | 13 | 22.4 | 15 | 24.2 |
| Intergroup comparisons using the Mann-Whitney U-test |
Hardware failure vs duration of use – not statistically significant Internet outage vs duration of use – not statistically significant Company data leak vs duration of use – not statistically significant Customer data leak vs duration of use – not statistically significant Phishing vs duration of use – not statistically significant Pharming vs duration of use – not statistically significant Loss of financial means vs duration of use – not statistically significant Internet spying vs duration of use – not statistically significant No negative events vs duration of use – not statistically significant |
|||
| Test for significance of relationships between Pearson's chi-square and Cramer's V contingency coefficient |
Hardware failure vs duration of use – not statistically significant Internet outage vs duration of use – not statistically significant Company data leak vs duration of use – not statistically significant Customer data leak vs duration of use – not statistically significant Phishing vs duration of use – not statistically significant Pharming vs duration of use – not statistically significant Loss of financial means vs duration of use – not statistically significant Internet spying vs duration of use – not statistically significant No negative events vs duration of use – not statistically significant |
|||
Cybersecurity-related consequences of the use of DTPs in companies (Source: Own study)
| Question 8. Please specify if your company experienced any of the below-specified negative events or cybersecurity risks which were directly associated with the use of DTPs | ||||
|---|---|---|---|---|
| Responses | Percentage of observations | |||
| n | Percentage | |||
| Hardware failure | 65 | 36.1 | 53.7 | |
| Internet outage attributable to, for example, network congestion due to the use of digital technology platforms | 43 | 23.9 | 35.5 | |
| Leak of information relating to company, employees, or business partners | 6 | 3.3 | 5.0 | |
| Customer data leak | 6 | 3.3 | 5.0 | |
| Phishing – a fraudulent attempt to obtain sensitive information or data by disguising a website as a trustworthy entity in an electronic communication | 12 | 6.7 | 9.9 | |
| Pharming – redirection to fake websites | 10 | 5.6 | 8.3 | |
| Loss of financial means | 6 | 3.3 | 5.0 | |
| Internet spying | 3 | 1.7 | 2.5 | |
| No negative events | 28 | 15.6 | 23.1 | |
| Total | 180 | 100.0 | 148.8 | |
Manifestations of the negative approach of management staff of the surveyed companies toward the implementation and use of digital technology platforms (Source: Own study)
| Question 7. Please specify how the negative attitude of management staff toward the implementation and use of digital technology platforms manifests itself in your company | ||||
|---|---|---|---|---|
| Responses | Percentage of observations | |||
| n | Percentage | |||
| High-level resistance toward the implementation of digital technology platforms due to potential changes to the organizational and employment structure in the company | 2 | 40.0 | 100.0 | |
| A number of concerns attributable to economic factors (high costs of implementation and possible cost reductions in other operational areas of the company) | 1 | 20.0 | 50.0 | |
| Numerous cybersecurity concerns | 2 | 40.0 | 100.0 | |
| Total | 5 | 100.0 | 250.0 | |
The essential features of the STOE (Source: Borysiewicz and Michalik, 2007)
| Feature | Description |
|---|---|
| Audit | Recording – in an audit register – information about users’ operations that were unsuccessful |
| Authorization |
Use of configuration modifications that cover control algorithms or border points Authorization of users who have access to control systems or actuation mechanisms |
| Operational preparedness | Protection against loss of operational readiness of control servers or communication lines |
| Access control | Inspections of system and platform interfaces, their functions, modifiable configurations, and critical processes |
| Monitoring | Detection of unauthorized operations on an ongoing basis |
| Recovery | Existence of tools for critical elements and processes aimed at data recovery at the time of failure |
| Confidentiality | Data protection against unauthorized disclosure (relevant data are determined based on a risk assessment and they mostly include operational, control, and financial information) |
| Security procedures | Existence of plans and policies relating to security management, business continuity, or assignment of roles and responsibilities |
| Self-check | Performance of self-tests used for validation of the integrity of security functions |
| Coherence | Protection against unauthorized changes to the information flow or configuration of systems and platforms |
| Border protection | Protection against attempts aimed at slipping across physical and digital logic borders of a system or platform |
Security domain during the use of digital technology platforms vs company size (Source: Own study)
| Question 8. Has your company experienced any of the below-specified negative events or cybersecurity risks which were directly associated with the use of DTPs? | Company size | |||||||
|---|---|---|---|---|---|---|---|---|
| Micro-sized companies | Small-sized companies | Medium-sized companies | Large-sized companies | |||||
| n | % | n | % | n | % | n | % | |
| Hardware failure | 3 | 25.0 | 11 | 39.3 | 23 | 56.1 | 28 | 71.8 |
| Internet outage attributable to, for example, network congestion due to the use of digital technology platforms | 4 | 33.3 | 9 | 32.1 | 20 | 48.8 | 10 | 25.6 |
| Leak of information relating to company, employees, or business partners | 0 | 0.0 | 2 | 7.1 | 1 | 2.4 | 2 | 5.1 |
| Customer data leak | 0 | 0.0 | 0 | 0.0 | 4 | 9.8 | 1 | 2.6 |
| Phishing – a fraudulent attempt to obtain sensitive information or data by disguising a website as a trustworthy entity in an electronic communication | 3 | 25.0 | 1 | 3.6 | 3 | 7.3 | 5 | 12.8 |
| Pharming – redirection to fake websites | 2 | 16.7 | 2 | 7.1 | 3 | 7.3 | 3 | 7.7 |
| Loss of financial means | 0 | 0.0 | 2 | 7.1 | 1 | 2.4 | 2 | 5.1 |
| Internet spying | 0 | 0.0 | 1 | 3.6 | 1 | 2.4 | 1 | 2.6 |
| No negative events | 7 | 58.3 | 9 | 32.1 | 6 | 14.6 | 6 | 15.4 |
| Intergroup comparisons using the Kruskal–Wallis H-test and Mann-Whitney U-test |
Hardware failure vs company size H (χ2)(3, n = 120) = 11.46, p ≤ 0.05 Micro-sized vs small-sized companies – not statistically significant Micro-sized vs medium-sized companies U(n = 54) = 178.5, p ≤ 0.05 Micro-sized vs large-sized companies U(n = 52) = 130.0, p ≤ 0.05 Small-sized vs medium-sized companies – not statistically significant Small-sized vs large-size dcompanies U(n = 67) = 368.5, p ≤ 0.05 Medium-sized vs large-sized companies – not statistically significant Internet outage vs company size – not statistically significant Company data leak vs company size – not statistically significant Customer data leak vs company size – not statistically significant Phishing vs company size – not statistically significant Pharming vs company size – not statistically significant Loss of financial means vs company size – not statistically significant Internet spying vs company size – not statistically significant No negative events vs company size – not statistically significant |
|||||||
| Test for significance of relationships between Pearson's chi-square and Cramer's V contingency coefficient |
Hardware failure vs company size H (χ2) (3, n = 121) = 12.46, p ≤ 0.05, V = 321 Internet outage vs company size – not statistically significant Company data leak vs company size – not statistically significant Customer data leak vs company size – not statistically significant Phishing vs company size – not statistically significant Pharming vs company size – not statistically significant Loss of financial means vs company size – not statistically significant Internet spying vs company size – not statistically significant No negative events vs company size – not statistically significant |
|||||||
Factors relevant to attitudes toward digital technology platforms (Source: Own study)
| Model component (predictor) | Beta coefficient | Number of degrees of freedom (df) | F | Significance | Zero-order correlation |
|---|---|---|---|---|---|
| Structural (sociodemographic) factor | 0.261 | 0.201 | 1 | 10.682 | 0.197 |
| Structural factor | 0.147 | 0.163 | 3 | 0.816 | 0.488 |
| Human factor | 0.141 | 0.163 | 2 | 0.749 | 0.475 |
| Economic factor | 0.070 | 0.207 | 3 | 0.114 | 0.952 |
| Cybersecurity factor | –0.138 | 0.159 | 1 | 0.756 | 0.386 |
| Structural (sociodemographic) factor | 0.274 | 0.262 | 0.254 | 0.547 | 0.944 |
| Structural factor | 0.140 | 0.154 | 0.145 | 0.157 | 0.975 |
| Human factor | 0.145 | 0.148 | 0.139 | 0.157 | 0.972 |
| Economic factor | 0.105 | 0.072 | 0.067 | 0.056 | 0.932 |
| Cybersecurity factor | −0.078 | −0.141 | −0.133 | 0.083 | 0.928 |