1887
Volume 2024, Issue 2
  • EISSN: 2616-4930

Abstract

This paper presents a review of ISO standards and real-world case studies to provide a robust framework for enhancing big data security and privacy in libraries. The study synthesises relevant ISO standards such as ISO/IEC 27001, ISO/IEC 27014, and ISO/IEC TS 19608 and analyses library cyberattacks to identify vulnerabilities and security gaps. The paper provides practical recommendations and mitigation strategies particularly beneficial for librarians in resource-limited regions and developing countries. By integrating these standards with case study insights and addressing security requirements across the big data lifecycle, the paper offers an actionable guide to help libraries strengthen their cybersecurity frameworks, improve risk management, and maintain public trust.

/content/journals/10.5339/jist.2024.11
2024-09-30
2024-10-03
