Abstract
The COVID-19 pandemic has brought to the fore a number of issues regarding digital technologies, including a heightened focus on cybersecurity and data privacy. This chapter examines two aspects of this phenomenon. First, as businesses explore creative approaches to operate in the “new normal,” the security implications of the deployment of new technologies are often not considered, especially in small businesses, which often possess limited IT knowledge and resources. Second, issues relating to security and data privacy in monitoring the pandemic are examined, and different privacy-preserving data-sharing techniques, including federated learning, secure multiparty computation, and blockchain-based techniques, are assessed. A new privacy-preserving data-sharing framework, which addresses current limitations of these techniques, is then put forward and discussed. The chapter concludes that although the worst of the pandemic may soon be over, issues regarding cybersecurity will be with us for far longer and require vigilant management and the development of creative solutions.
TopIntroduction
Cybersecurity is not normally viewed as one of the digital technologies per se, but rather as a key issue within the overall digital transformation landscape. As the deployment of digital technologies becomes more prevalent, so the associated cybersecurity risks increase and must be managed. In 2020-21, as a result of the COVID-19 pandemic, many small businesses, which had hitherto operated primarily via physical locations, had to change to ensure they could operate remotely and have an online presence, in response to social distancing and the lockdown measures implemented in many countries. At the same time, the pandemic highlighted the importance of healthcare organisations around the world in collaborating to contain it. To tackle this global challenge, healthcare organisations have obtained large amounts of both unstructured and structured patient healthcare data, in the search for critical insights into its spread and ultimately as a means of preventing it. However, increasing public concerns over data security, as well as associated government regulations, have made it a significant challenge for the organisations to share data, as part of their collaborative research into the pandemic.
These two scenarios provide a useful frame of reference within which to consider the significance of cybersecurity in the digital era. The research in both these contexts was qualitative and inductive, based on an integrative literature review and development of new concepts. In the case of the research into small businesses, semi-structured interviews with company personnel were also used to develop and validate findings. In inductive research, the researcher aims to explore a topic and develop a theoretical explanation of the phenomenon studied using collected and analysed data (Gill & Johnson, 2002). The inductive approach to research is concerned with developing theory from findings obtained (Flick, 2014) and the researcher should be observant, with a mind attuned to interpret that data. According to Collins (2018), the inductive approach to research is more suited for research where there is little existing study, so that collected data will help generate theoretical themes.
Following this introduction, the chapter consists of two main sections. First, cybersecurity in small businesses is examined to identify current responses to the threat of cybersecurity, and to identify areas where threats could be more readily recognised and managed. Second, the issues involved in data exchange for pandemic monitoring are explored, with a particular focus on data privacy and security concerns. Finally, a short concluding section summarises some of the emergent themes from both case examples.
Key Terms in this Chapter
Small Business Enterprise (SBE): Normally viewed as enterprises with less than 50 employees. There are also turnover limits, but these evolve with time and inflation.
Federation Learning: A distributed data analytics framework, which involves a collection of distributed nodes that use their local data to create a local model, with an aggregator node creating a global model, which is shared across the nodes.
Smart Contract: A program which is deployed in a blockchain network and can be used to determine how records are maintained on the blockchain based on specific program conditions.
Blockchain: An immutable online ledger the entries of which are generated through a collection of distributed nodes performing a Proof of Work (PoW).