panel | Anastasija Nikiforova, PhD

As I wrote earlier, this year I was invited to organize my own panel session within the Research and Innovation Forum (Rii Forum). This invitation was a follow-up on several articles that I have recently published (article#1, article#2, article#3) and a Chapter to be published in “Big data & decision-making: how big data is relevant across fields and domains” (Emerald Studies in Politics and Technology) I was developing at that time. I was glad to accept this invitation, but I did not even think about how many roles I will act in Rii Forum and how many emotions I will experience. So, how was it?

First, what was my panel about? It was dedicated to data security entitled “Security of data storage facilities: is your database sufficiently protected?” being a part of the track called “ICT, safety, and security in the digital age: bringing the human factor back into the analysis“.

My own talk was titled “Data security as a top priority in the digital world: preserve data value by being proactive and thinking security first“, which makes it to be a part of the panel described above. In this talk I elaborated on the main idea of the panel, referring to an a study I recently conducted. In short, today, in the age of information and Industry 4.0, billions of data sources, including but not limited to interconnected devices (sensors, monitoring devices) forming Cyber-Physical Systems (CPS) and the Internet of Things (IoT) ecosystem, continuously generate, collect, process, and exchange data. With the rapid increase in the number of devices and information systems in use, the amount of data is increasing. Moreover, due to the digitization and variety of data being continuously produced and processed with a reference to Big Data, their value, is also growing. As a result, the risk of security breaches and data leaks. The value of data, however, is dependent on several factors, where data quality and data security that can affect the data quality if the data are accessed and corrupted, are the most vital. Data serve as the basis for decision-making, input for models, forecasts, simulations etc., which can be of high strategical and commercial / business value. This has become even more relevant in terms of COVID-19 pandemic, when in addition to affecting the health, lives, and lifestyle of billions of citizens globally, making it even more digitized, it has had a significant impact on business. This is especially the case because of challenges companies have faced in maintaining business continuity in this so-called “new normal”. However, in addition to those cybersecurity threats that are caused by changes directly related to the pandemic and its consequences, many previously known threats have become even more desirable targets for intruders, hackers. Every year millions of personal records become available online. Moreover, the popularity of IoTSE decreased a level of complexity of searching for connected devices on the internet and easy access even for novices due to the widespread popularity of step-by-step guides on how to use IoT search engine to find and gain access if insufficiently protected to webcams, routers, databases and other artifacts. A recent research demonstrated that weak data and database protection in particular is one of the key security threats. Various measures can be taken to address the issue. The aim of the study to which this presentation refers is to examine whether “traditional” vulnerability registries provide a sufficiently comprehensive view of DBMS security, or whether they should be intensively and dynamically inspected by DBMS holders by referring to Internet of Things Search Engines moving towards a sustainable and resilient digitized environment. The study brings attention to this problem and make you think about data security before looking for and introducing more advanced security and protection mechanisms, which, in the absence of the above, may bring no value.

RiiForum2022_Data_Security_as_a_top_priority Download

Other presentations delivered during this session were “Information Security Risk Awareness Survey of non-governmental Organization in Saudi Arabia”, “Fake news and threats to IoT – the crucial aspects of cyberspace in the times of cyber war” and “Minecraft as a Tool to Enhance Engagement in Higher Education” – both were incredibly interesting, and all three talks were delivered by females, where only the moderator of the session was a male researcher, which he found to be very specific, given the topic and ICT orientation – not a very typical case 🙂 But, nevertheless, we managed to have a great session and a very lively and fruitful discussion, mostly around GDPR-related questions, which seems to be one of the hottest areas of discussion for people representing different ICT “subbranches”. The main question that we discussed was – is the GDPR more a supportive tool and a “great thing” or rather a “headache” that sometimes even interferes with development.

In addition, shortly before the start of the event, I was asked to become a moderator of the panel “Business in the era of pervasive digitalization“. Although, as you may know, this is not exactly in line with my area of expertise, it is in line with what I am interested in. This is not surprising, since both management, business, the economics are very closely connected and dependent on ICT. Moreover, they affect ICT, thereby pointing out the critical areas that we as IT-people need to refer to. All in all, we had a great session with excellent talks and lively discussion at the end of the session, where we discussed different session-related topics, shared our experience, thoughts etc. Although it was a brilliant experience, there is one thing that made it even better… A day later, a ceremony was held where the best contributions of the forum were announced and I was named the best panel moderator as a recognition of “the academic merit, quality of moderation, scheduling, and discussion held during the panel”!!!

RiiForum2022 Best panel moderator Award Download

These were wonderful three days of the forum with very positive emotions and so many roles – panel organizer, speaker / presenter, program committee member and panel moderator with the cherry on the cake and such a great end of the event. Thank you Research and Innovation Forum!!! Even being at home and participating online, you managed to give us an absolute amazing experience and even the feeling that we were all together in Athens!

*_{Research and Innovation Forum 2022, Soruce: https://rii-forum.org/}*

Another question to be asked is “why?” The answer is as follows – today, billions of interconnected devices form an Internet of Things (IoT) ecosystem. With an increasing number of devices and systems in use, the risk of security breaches increases. This even more the case in times of COVID-19 pandemics, when pandemics affected not only human beings’ health and lives but also lifestyle of the society, i.e. digital environment substituted the physical one. This led to an increase of cyber-security threats of different nature. At the same time, while security breaches and security protection mechanisms have been widely addressed in the literature, the notion of “primitive” artifact, such as database seems to have not been paid same attention of researchers and practitioners. But are databases always secure and protected by default, i.e. do databases follow the “security by design” principle? Previous research and regular updates on data leakages suggest that the number and nature of vulnerabilities of databases is very high. Several factors contribute to that and a variety of different measures can be employed to address the issue. Their complexity varies significantly. The aim of the panel is to examine both, the current research on data security, threats posed by weak security of databases, especially NoSQL databases, as well as the approaches to inspect and identify this issue with regards to the question of who owns data storage facilities, security by data storage facility type and country – whether this is country-specific or rather data storage facility-specific question?

In addition, this event and track to which my panel belongs to expects to cover broader security- and safety- related issue. To get a brief overview, let me provide an abstract of this track, which is as follows:

“The inroads of ICT in the fields of safety and security are overwhelming. While several opportunities have thus been created to foster the capacity of our security and defense systems, ICT is also the source of new risks and threats, e.g. cybersecurity issues and cyberwarfare. Amidst the debate on the added value that ICT may bring to the fields of public order (safety issues) and defending society from (mostly) external threats (security issues), ICT, and especially artificial intelligence (AI), has been hailed as the golden means to increased military capacity. The objective of this track is to map and explore recent advances in the field and to dwell on the question of the role of the human factor in contemporary defense systems, including the notions of leadership, administration, human-to-human interaction, and human-computer interaction. This track will be of particular interest to researchers and practitioners engaged with topics and issues relating to the military, policing, security, safety, and others” (source: Rii Forum)

In case you are interested in either my panel, or the track or the event in general, book the date – the event is scheduled to run on April 20-22, 2022 and will take place in hybrid mode, i.e. both online and offline modes will be acceptable. For those who prefer on-site events, it would be beneficial to know that it will be in Athens, Greece.

*** just in case you are interested in those articles I have referred to at the beginning of this post:

Daskevics, A., Nikiforova, A. (2021) ShoBeVODSDT: Shodan and Binary Edge based vulnerable open data sources detection tool or what Internet of Things Search Engines know about you, 2021 Second International Conference on Intelligent Data Science Technologies and Applications (IDSTA), November 15-16, 2021. Tartu, Estonia
Daskevics, A., Nikiforova, A. (2021) IoTSE-based open database vulnerability inspection in three Baltic countries: ShoBEVODSDT sees you, The 8th IEEE International Conference on Internet of Things: Systems, Management and Security (IOTSMS 2021), December 6-9, 2021, Gandia, Spain.
Azeroual, O.; Nikiforova, A. Apache Spark and MLlib-Based Intrusion Detection System or How the Big Data Technologies Can Secure the Data. Information 2022, 13, 58. https://doi.org/10.3390/info13020058, SNIP: 1.012, CiteScore: 3.0 (Q2 (Information Systems))

Anastasija Nikiforova, PhD

Open data and data quality management researcher, European Open Science Cloud (EOSC) Task Force

Tag panel

Research and Innovation Forum 2022: panel organizer, speaker, PC member, moderator and Best panel moderator award

Research and Innovation Forum 2022 and my own panel on data security