In May 2018, the new Dutch Intelligence and Security Services Act 2017 (Wet op de Inlichtingen- en veiligheidsdiensten, Wiv) will enter into force. It replaces the previous 2002 Act and incorporates many reforms to the information gathering powers of the two intelligence and security services as well as to the accountability and oversight mechanisms. Due to the technologyneutral approach, both the civil and the military intelligence services are now authorized to, for example, intercept communications in bulk, hack third parties, decrypt files, store DNA or use any other future innovative technology. Also, the national security legislation extends the possibilities for the indiscriminate collection of data, and for the processing, storage and analysis thereof. The process leading to the law includes substantial criticism from the various stakeholders involved. Upon publication of this report, an official consultative referendum is being organized on the new act. The aim of this policy brief is to provide an international audience with a comprehensive overview of the most relevant aspects of the act and its context. In addition, there is considerable focus on the checks and balances as well as the bottlenecks of the Dutch intelligence gathering reform. The selection of topics is based on the core issues addressed during the parliamentary debate and on the authors’ insights.
In today’s world, information security is a trending as well as a crucial topic for both individuals and organizations. Cyber attacks cause financial loss for businesses with data breaches and production loss. Data breaches can result in loss of reputation, reduced customer loyalty, and fines. Also due to cyber attacks, business continuity is affected so that organizations cannot provide continuous production. Therefore, organizations should reduce cyber risks by managing their information security. For this purpose, they may use ISO/IEC 27001 Information Security Management Standard. ISO/IEC 27001:2013 includes 114 controls that are in both technical and organizational level. However, in the practice of security management, individuals’ information security behavior could be underestimated. Herein, technology alone cannot guarantee the safety of information assets in organizations, thereby a range of human aspects should be taken into consideration. In this study, the importance of security behavior with respect to ISO/IEC 27001 information security management implementation is presented. The present study extensively analyses the data collected from a survey of 630 people. The results of reliability measures and confirmatory factor analysis support the scale of the study.
MULTIFILE
In today’s world, information security is a trending as well as a crucial topic for both individuals and organizations. Experts believe that nothing can guarantee any system’s security unless humans’ information security behavior is taken under consideration. Opening an e-mail attachment without checking its source, sharing account information with other people and browsing websites without checking its reliability can be considered as common mistakes in information security behavior. This study examines the factors affecting information security behavior by scrutinising its relationship with different variables which are information knowledge sharing, information security organization policy, the intention of attending information security training and self-efficacy. The present study extensively analyses the data collected from a survey of 630 people ranging from students to managers aged between 15 to 79 in order to generalize the Turkish context. The results of reliability measures and confirmatory factor analysis support the scale of the study. The present study’s findings show that there is a positive relationship between the factors mentioned above and information security behavior.
Today, embedded devices such as banking/transportation cards, car keys, and mobile phones use cryptographic techniques to protect personal information and communication. Such devices are increasingly becoming the targets of attacks trying to capture the underlying secret information, e.g., cryptographic keys. Attacks not targeting the cryptographic algorithm but its implementation are especially devastating and the best-known examples are so-called side-channel and fault injection attacks. Such attacks, often jointly coined as physical (implementation) attacks, are difficult to preclude and if the key (or other data) is recovered the device is useless. To mitigate such attacks, security evaluators use the same techniques as attackers and look for possible weaknesses in order to “fix” them before deployment. Unfortunately, the attackers’ resourcefulness on the one hand and usually a short amount of time the security evaluators have (and human errors factor) on the other hand, makes this not a fair race. Consequently, researchers are looking into possible ways of making security evaluations more reliable and faster. To that end, machine learning techniques showed to be a viable candidate although the challenge is far from solved. Our project aims at the development of automatic frameworks able to assess various potential side-channel and fault injection threats coming from diverse sources. Such systems will enable security evaluators, and above all companies producing chips for security applications, an option to find the potential weaknesses early and to assess the trade-off between making the product more secure versus making the product more implementation-friendly. To this end, we plan to use machine learning techniques coupled with novel techniques not explored before for side-channel and fault analysis. In addition, we will design new techniques specially tailored to improve the performance of this evaluation process. Our research fills the gap between what is known in academia on physical attacks and what is needed in the industry to prevent such attacks. In the end, once our frameworks become operational, they could be also a useful tool for mitigating other types of threats like ransomware or rootkits.
Despite their various appealing features, drones also have some undesirable side-effects. One of them is the psychoacoustic effect that originates from their buzzing noise that causes significant noise pollutions. This has an effect on nature (animals run away) and on humans (noise nuisance and thus stress and health problems). In addition, these buzzing noises contribute to alerting criminals when low-flying drones are deployed for safety and security applications. Therefore, there is an urgent demand from SMEs for practical knowledge and technologies that make existing drones silent, which is the main focus of this project. This project contributes directly to the KET Digital Innovations\Robotics and multiple themes of the top sectors: Agriculture, Water and Food, Health & Care and Safety. The main objective of this project is: Investigate the desirability and possibilities of extremely silent drone technologies for agriculture, public space and safety This is an innovative project and there exist no such drone technology that attempts to reduce the noises coming from drones. The knowledge within this project will be converted into the first proof-of-concepts that makes the technology the first Minimum Viable Product suitable for market evaluations. The partners of this project include WhisperUAV, which has designed the first concept of a silent drone. As a fiber-reinforced 3D composite component printer, Fiberneering plays a crucial role in the (further) development of silent drone technologies into testable prototypes. Sorama is involved as an expert company in the context of mapping the sound fields in and around drones. The University of Twente is involved as a consultant and co-developer, and Research group of mechatronics at Saxion is involved as concept developer, system and user requirement verifier and validator. As an unmanned systems innovation cluster, Space53 will be involved as innovation and networking consultant.
In our increasingly global society, organizations face many opportunities in innovation, improved productivity and easy access to talent. At the same time, one of the greatest challenges, businesses experience nowadays, is the importance of social and/or human capital for their effectiveness and success (Backhaus and Tikoo, 2004; Mosley, 2007; Theurer et al., 2018; Tumasjan et al., 2020). High-quality employees are crucial to the competitive strength of an organization in the global economy, as these employees have a major influence on organizational reputation (Dowling at al., 2012). An important question is how, under these global circumstances, organizations and companies in the Netherlands can best be stimulated to attract and preserve social capital.Several studies have suggested the scarcity of talent and the crucial importance of gaining competitive advantage with recruitment communication to find the fit between personal and fundamental organizational characteristics and values for employees (Cable and Edwards, 2004; Bhatnagar and Srivastava, 2008; ManPower Group, 2014; European Communication Monitor (ECM), 2018). In order to become an employer of choice, organizations have to not only stand out from the crowd during the recruitment process but work on developing loyalty and a culture of trust in their relationship with employees (ECM, 2018). Employer Branding focuses on the process of promoting an organization, as the “employer of choice” to a desired target group, which an organization aims to attract and retain. This process encompasses building an identifiable and unique employer identity or, more specifically, “the promotion of a unique and attractive image” as an employer (Backhaus 2004, p. 117; Backhaus and Tikoo 2004, p. 502).One of the biggest challenges in the North of the Netherlands at the moment is the urgent need for qualified labor in the IT, energy and healthcare sectors and the excess supply of international graduates who are able to find a job in the North of the Netherlands (AWVN, 2019). Talent development, as part of the regional labor market and education policy, has been an important part of government programs and strategies in the region (VNO-NCW Noord, 2018). For instance, North Netherlands Alliance (SNN) signed a Northern Innovation Agenda for the 2014-2020 period. SNN encourages, facilitates and connects ambitions focused on the development of the Northern Netherlands. Also, the Social Economic council North Netherlands issued an advice on the labour market in the North Netherlands (SER Noord Nederland, 2017). Knowledge institutions also contribute through employability programs. Another example is the Regional Talent Agreement (Talent Akkoord) framework issued by the Groningen educational institutions, employers and employees’ organizations and regional authorities in which they jointly commit to recruiting, training, retaining and developing talent for the Northern labor market. Most of the hires with a maximum of five year of experience at companies are represented by millennials. To learn what values make an attractive brand for employees in the of the North of the Netherlands, we conducted a first study. When ranking the most important values of corporate culture which matter to young employees, they mention creative freedom, purposeful work, flexibility, work-life balance as well as personal development. Whereas attractive workplace and job security do not matter to such a degree. A positive work environment and a good relationship with colleagues are valued highly (Hein, 2019).To date, as far as we know, no other employer branding studies have been carried out for the North of the Netherlands. Further insight is needed into the role of employer branding as a powerful tool to retain talent in Northern industry in particular.The goal of this study is to provide a detailed analysis of the regional industry in the Northern Netherlands and contribute to: 1) the scientific body of knowledge about whether and how employer branding can strengthen the attractiveness of a regional industry in the labor market; 2) the application of this knowledge and insights by companies and governments in local policy development in the North of the Netherlands.
