Relationship between Cyber Security and Civil Protection in the Greek Reality

Abstract

The links between cybersecurity and civil protection in the last decades became strong due to the rapid increase in the use of Informatics Technologies (IT) worldwide and the need to increase citizens’ protection from various disasters and uncertainties. The objective of the present study is to explore the role of cyber security in enhancing civil protection in Greek reality. Methodologically, the study has been based on a survey with a sample of 345 executives of IT companies in Greece by using a structured questionnaire. The basic results of the research study showed that cyber security technologies positively affect civil protection, cybercrime reduction practices have a positive influence on civil protection, and there is a significant relationship between the government’s role in cyber security and civil protection. Cybersecurity also may have a significant influence on the principles of emergency operations: prevention, mitigation, preparation, response, or emergency evacuation and recovery. The main conclusion from the study is that it is very important for public and private agencies in Greece, as well as in the rest of Europe, to embrace new emerging cybersecurity technologies to help enhance cyber security and civil protection. Potential vulnerabilities in cybersecurity pose substantial risks to the effectiveness and efficiency of such critical infrastructure and directly impact the functioning of states, economies, and societies.

1. Introduction

1.1. Background to the Study

According to Boyens et al. [1], cybercrime damages the global economy by EUR 6.5 trillion by the end of 2022, up from EUR 2.7 trillion in 2015. This increase is attributed in part to cybercriminals taking advantage of the COVID-19 epidemic [2,3,4,5]. More profitable than the worldwide trade in all major illicit narcotics taken together, this statistic reflects the biggest transfer of economic wealth in history and affects incentives for investment and innovation [6,7,8]. Additionally, cyber risks have transcended cybercrime to affect national security [9,10]. The foundation of all the key infrastructures today is digital technology, which also has a significant impact on the degree of civil protection. As a result, protecting their vital infrastructure will become increasingly dependent on maintaining its cybersecurity [11]. The number of people, organizations, and enterprises that can be affected by a single cyberattack at the same time can be very large [12,13]. It is important to note that cybersecurity issues or threats can be associated with malware propagation that can affect Internet of Things devices and mobile devices (IoT) [14,15,16]. The same factor makes it far more challenging to stop an attack [17,18].

Fekete et al. [19] demonstrate that poor cybersecurity may have a potentially huge influence on society, including weakening users’ faith in digital services. Because these services are so entwined with our everyday lives, any effective cybersecurity plan must incorporate the human and, more broadly, social components. Given that information flows and the safeguarding of personal data are the heart of today’s digital society, cyber-security is essential for ensuring that digital services run safely and securely while also protecting the privacy of residents [20]. Thus, cybersecurity is evolving from a technological ‘option’ to a societal must and hence is an important prerequisite for civil protection. However, given the size and consequences of today’s cyberattacks, the digital society has to be ready for them before they happen. It is important to improve, create, and promote cybersecurity resilience, coupled with attack prevention strategies and novel approaches to avoid software vulnerabilities. Cybersecurity implementation will always be industry-specific due to particular sectoral restrictions, regardless of advances in big data, hyper connectivity, edge computing, the Internet of Things (IoT), quantum computing, and blockchain technologies [21,22]. This entails the hazards that come with living in a society where security is varied and unevenly applied [23].

Greece has extensive expertise in building and implementing cyber-resilience for vital infrastructure. Over the previous three decades, Greece has created comprehensive cybersecurity rules and regulations, as well as institutional resilience and essential skills to prevent and safeguard the country’s vital infrastructure from cyberattacks [24,25]. This research will concentrate on existing practices and problems in boosting cyber defense capabilities and endurance of vital cybersecurity infrastructure, as well as developing confidence in the digital society and thereby improving civil protection. The following study intends to offer a better understanding of the current state of European cybersecurity and its influence on civil protection from a business perspective, and of the degree and engagement of the government in tackling the issues at hand [26,27].

1.2. Objectives of the Study

This study majorly investigated the role played by cyber security in enhancing civil protection, with a major basis on Greek reality. The basic objective was analyzed on different special objectives and research questions as have been expressed in

Table 1. Research questions and specific objectives of the study.

Research Question	Rationale (Specific Objectives)
What is the effect of cyber security technologies on civil protection?	To establish the effect of cyber security technologies on civil protection.
What is the influence of cyber risk reduction practices on civil protection?	To explore the influence of cyber risk reduction practices on civil protection.
What is the relationship between the government’ role in cyber security and civil protection?	To determine the relationship between the government’s role in cyber security and civil protection.
What are the cyber risks or disasters that are associated with poor civil protection in different sectors (electricity, communications, etc.)?	To find out the cyber risks or disasters associated with poor civil protection in different sectors (electricity, communications, etc.)?
What are the different operational models and current strategies for managing cyber risks in critical infrastructure?	To establish the operational models and current strategies for managing cyber risks in critical infrastructure?

Source: Authors’ own work (2022).

.

1.3. Research Hypotheses

Hypothesis 1 (H1).

Cybersecurity technologies have a positive effect on civil protection.

Hypothesis 2 (H2).

Cyber risk reduction practices have a positive influence on civil protection.

Hypothesis 3 (H3).

There is a significant relationship between government role in cyber security and civil protection.

1.4. Significance of the Study

The contribution of the present research is focused on and trying fundamentally to provide comprehensive insights into the expansion of cybersecurity, revealing flaws in the present digital evolution and their implications for civil protection. Additionally, the research is trying to outline the aspects that, if implemented, have the potential to build a better and more secure future for digital society as well as civil protection, while taking into consideration the emerging cybersecurity problems.

The novelty and the originality of this study are related mainly to the absolute absence of similar studies that try to link cybersecurity to civil protection and to point out the impact of one on another, in any European country. The research tries to cover this gap using data from Greece, a country in the EU in which the use of IT before a few years was at a low level but has shown rapid development over the last few years. Moreover, in Greece, the interest in civil protection is high due to the often-presenting uncertainties and dangers (natural disasters, earthquakes, forest fires, etc.).

2. Literature Review

2.1. Overview of Cybercrime and Cybersecurity

Numerous studies have shown that one essential step in tackling the rising number of intrusions and assaults on private or institutional information is obtaining the necessary expertise in cyber-security [28]. Inadequate information management and a lack of understanding of cyber security provide hackers a chance to access and misuse the information of other persons or organizations [29].

According to Abie [30], cybersecurity enables governmental institutions to respond to numerous technological breakthroughs and the dynamics of globalization. These often provide several difficulties for a nation’s cyberspace, which may be overcome through enhancing cybersecurity. It may be difficult to secure IT and IT systems, and it can be difficult to construct efficient economic, political, and capacity-building processes to handle cybercrime, to name a few of the prevalent technical and globalization-based difficulties [31].

Cybersecurity is a critical global concern, according to Moonen (2021) [32], because of the rise in internet users and resulting increase in internet traffic worldwide. The many facets of cyber security and cybercrime prevention have received significant attention in most nations owing to the fact that technological progress and capacity building are among the Millennium Development Goals that must be met in order to achieve Sustainable Development by 2030 [33]. Governments feel that one of the best ways to achieve sustainable economic development is to lower the high frequency of cybercrime [32,34]. It is crucial to remember that preventing cybercrime allows for strategic expansion in business and industry, which eventually supports stronger economic development [35,36,37].

The vast quantity of cyberattacks, perpetrated by various hackers, have a considerable effect on the majority of economies. In this case, these assaults result in a loss of about $400 billion globally, which has a significant effect on the global economy.

Such detrimental impacts of cyberattacks may only be addressed internationally by implementing efficient cybercrime prevention techniques [38,39].

The bulk of government institutions, according to Alabdulatif (2018) [40], are extremely vulnerable to various cyber-attacks and hence require the most attention in terms of increasing public knowledge about cyber security. Statistics show that every year, more than 70% of Greek businesses publish papers describing the harm done to them by various hackers or other cyberattacks. This significantly affects their ability to carry out different legal obligations [41].

Zaballos & Herranz [42] revealed that the majority of government organizations have also consistently said that there are only a few individuals equipped to deal with cybercrime concerns, which has significantly hampered attempts to improve cyber security. Data theft and other forms of cybercrime cause governments to lose a lot of money, which has a significant impact on the efficient delivery of key services and, as a result, slows down the nation’s economic progress. This proves that a top government issue that must be given significant attention by the accountable government organizations or agencies is cyber-security [43].

In his research, Maahs [44] discovered that it is urgently necessary to uncover the numerous technological gaps connected to the security of commercial network systems. Business owners and other institutional leaders can find the greatest solutions to the issues brought on by cybercrimes by recognizing gaps. Smaller networks, such those used in institutions or schools, are more vulnerable, and as a result, hackers constantly target them. However, it is crucial to remember that if a network or information system’s security is unstable, hackers may simply control them. The bulk of data or information systems, as well as other critical networks, must be built on a protection and prevention-oriented viewpoint [45].

According to Minović [46], the bulk of cybersecurity assaults are caused by a variety of human blunders performed by less skilled or trained IT employees, giving hackers access to network infrastructure. It is vital to remember that most hackers concentrate on taking advantage of human flaws, which is why cybercrime occurs often in businesses with inexperienced personnel. Additionally, understanding human processes is crucial for improving cyber security. Most human functions are used by incorporating history, behaviors, and design to enhance the efficacy of security tools and regulations. Companies must choose an inter policy framework that integrates threat assessment with the prioritization of remedies via the use of consumer technologies in the vast majority of challenging circumstances [47].

2.2. Forms of Cybersecurity Technology

De Bruijn & Janssen [48] suggest that contemporary cyber technologies use behavioral analytics to thwart criminals and prevent sensitive information and intellectual property from being attacked. It is important to note that end-to-end analytics help to detect and thwart threats to network traffic, files, and gadgets throughout data environments by using user behavior analytics that get smarter over time. Complete user behavior visibility is now possible thanks to artificial intelligence (AI) and machine learning (ML), enabling preemptive threat detection, real-time threat assessment, and risk management [49,50].

Fekete et al. [19] demonstrated solutions for detecting and blocking intrusions. These so-called IDS and IPS solutions might assist IT personnel in spotting and guarding their wireless and wired networks against a variety of security risks. These solutions, including other network security measures, have gained popularity as government networks have become more complicated. IPS solutions continually monitor traffic in real-time and may stop assaults from both known and unidentified sources, while IDS technologies look for suspicious behavior. Both tool types can classify and recognize different forms of assaults, which enhances computer security as a whole.

Abie [30] disclosed that admins may now identify, halt, and remove malware by using anti-malware solutions in their systems. A malware’s primary purpose is to locate and exploit vulnerabilities in computer networks, notably those that exist in security protocols, computer operating systems, web browsers, application software, and well-known targets such as Adobe Flash, Acrobat, and Reader [51]. Best practices include adding IP blacklisting, data loss prevention tools, anti-virus and anti-spyware software, internet surfing controls, egress filtering, and outbound traffic proxies to a full defense.

Boyens et al. [1] demonstrated that mobile device administration systems are currently used in cyber-security. These technologies, which are also referred to as MDM, give administrators the ability to remotely monitor and control mobile device security settings. Employees are permitted to work remotely on company-approved devices, but management can guarantee the security of these devices because they are constantly in control of them.

According to Minović [46], restricting network access and granting access to network resources only to devices that adhere to the security policy can assist security policy be enforced. They handle the authentication and authorization procedures and have the authority to control which users have access to which data, ensuring that users must first satisfy several security standards before being given access to any data.

Additionally, Fekete et al. [19] suggested that beyond the conventional barriers, technology has advanced, and companies now use future-proof firewalls. Next-generation firewalls provide enhanced network security services, such as application visibility and control, in addition to meeting the needs for online security. Moreover, authorization and identification have become very critical in most public and private companies [52]. User authentication and permissions rules are used by conventional directory-based systems to control access. Public key infrastructure and digital certificates are two examples of the techniques used by contemporary identity-based security technologies to put an extra layer of security on top.

2.3. Strategies to Manage Cyber Risks

Cybercrime tactics are essentially the many tools or initiatives designed to lessen the incidence of cybercrime in various nations throughout the globe [53]. One typical technique used to counteract the high degree of cybercrime is to strengthen national and international collaboration between governments, corporations, institutions, and the general public, in addition to adopting numerous laws and standards [29].

The majority of governments and academics agree that better understanding the various factors that contribute to cybercrime is one of the best strategies to improve cyber security. Since these are the most often impacted regions by the destructive actions of hackers, Zaballos & Herranz [42] contend that institutional leaders and the entire workforce in various business and governmental bodies need to increase their level of cybersecurity knowledge because these are the regions that are most frequently affected by the destructive actions of hackers. A thorough examination into the 2013 Target Organization data breach revealed that while the target’s current security procedures were successful in identifying the intrusion, the IT staff’s failure was brought on by their lack of knowledge and skill regarding the cyber-attack [54].

The majority of governments and organizations claim that the overall strength of cyber security is commonly based on cyber defense, or on various technological and non-technical methods that enable a country to effectively guard information systems that are critical to the establishment of cyberspace in most government institutions [55]. In such a scenario, a country’s cyberspace can survive any occurrences that would ordinarily put in danger the general reliability, security, or confidentiality of the data saved, processed, and afterwards communicated through the information systems.

According to OECD [17], an effective information system security approach is used in a robust cyberspace, which is built on the battle against cybercrime and cyber defense. Security measures and methods for combating cybercrime work together to help organizations respond to the numerous attacks launched on their information systems. However, the only way to begin constructing a strong cyberspace is to have a strategic vision that specifies how to achieve and maintain a high level of cybersecurity. Enhancing organizational and policy coordination, fostering public-private sector partnership, and highlighting the importance of core principles such as data security are the most frequent components of such strategic initiatives [56]. Along with promoting improved international collaboration, this also includes creating laws or regulations that encourage freedom of speech and the free movement of information.

Additional strategies to counter cyberattacks are presented in

Table 2. Strategic steps to avoid cybercrimes.

Monitoring and alerts	It is crucial to have robust system monitoring in place to prevent malicious attackers from accessing and storing sensitive data on a peripheral device. This includes network monitoring and alerting settings to spot unusual behavior.
Risk management decision-making	They may decide how assets and a constrained budget should be used by performing a risk assessment. The element in question will access technical hardware, software, and assign monetary risk value if it is degraded or infected by a virus.
Up-to-date technology	The effective use of security technology and the required tools. Due to old computer firmware, shoddy security methods, and antiquated safety technologies, the corporation will continue to be exposed to hackers.
Security team	Sensitive and confidential information should be immediately protected by well-trained professional personnel; the IT department should be watchful to know about frequent risks.
Knowledge is power	Maintaining thorough awareness of prospective risks and assaults is essential for preventing cybercrimes.

below and these mostly relate to using different applications or software to prevent any occurrence of a cyberattack.

In this context, game-based learning can be an effective strategy. The potential of game-based learning to draw a diverse user base, including students, adults, professionals, etc., is what makes it effective. The core premise of gamified learning centers on the creation of awareness among users regarding a topic matter is through educating them via games. It tries to boost their interest in learning about the topics that affect them. The idea that the game-based method is successful in raising users’ awareness of social engineering dangers including phishing attempts has been backed by research. According to Abu et al. [21], gamified learning alters the user’s status in a way that places them in a situation where their learning improves.

Since phishing attacks are widely utilized by social engineers, using a game-based approach can help people better understand social engineering attacks in general. Its efficacy resides on its capacity to inspire computer users’ drive to gain a deeper understanding of the dangers of social engineering assaults. Additionally, it influences susceptible users and customers to alter their interactions and behaviors with their information security systems. Because it focuses users’ attention on the learning by giving them instant outcomes, gamified learning is very successful at generating a realistic environment for users to learn about potential social engineering assaults.

In order to secure information systems against social engineering assaults, a robust and qualified cybersecurity workforce at the national and federal level is essential. As it would increase public interest in learning about cybercrime, game-based learning may be a tremendous tool in developing a cybersecurity workforce.

Table 3. Showing additional strategies to counter cyberattacks.

Mitigation Strategy	Rationale
Use critical infrastructure to help deter the execution of harmful malware and unauthorized apps.	One of the finest security techniques is application whitelisting, which only permits a limited set of programs to execute while prohibiting all others, even dangerous malware.
Patch software such as Microsoft Office, Java, PDF players, or Flash, and Patch operating system vulnerabilities.	Most attacks target operating systems and vulnerable applications. The amount of exploitable entry points that an attacker can use is decreased by ensuring these are effectively patched [57].
Game-based learning	Attracts a wide range of users to learn about cybersecurity [58].
Based on user responsibilities, limit access to administrative functions to operating systems and apps.	By limiting certain rights, malware may be stopped from operating or have less room to proliferate throughout the network.

present additional strategies to counter cyberattacks.

In addition to game-based learning, the high level of cyber threats or attacks can be addressed through utilizing critical infrastructure. It is important to note that critical infrastructures protection is one of the most important topics concerning the application of cybersecurity strategies to modern societies. Critical infrastructure may relate to physical and cyber systems and resources that are so vital to the nation that their failure or destruction would seriously jeopardize national security, including our physical and financial safety and well-being [59]. The classical Bloom filter data structure was proposed by Calderoni et al. [60] and is an essential part of hundreds of cryptographic protocols that have been successfully used in privacy preservation and secure computation settings, frequently in conjunction with the homomorphic characteristics of cyphers such as Paillier’s.

Calderoni et al. [61] claim that crucial infrastructure such as indoor localization may be employed as an enabling technology for location-based services. Service providers passively gather various form data that might expose strictly personal information about an individual in order to maintain the availability of these products. Téglásy & Katsikas [62] suggested a security service based on large symmetric keys that enables the automated verification of asset authorization status and as a strategy of enhance cybersecurity.

2.4. Civil Protection

According to Boyens et al. [1], the damage caused by COVID-19 demonstrates how the character and scope of catastrophic risk have evolved through time. The varied consequences have had substantial socioeconomic effects outside of certain industries. Despite the increase in the complexity and unpredictable nature of catastrophes, thereby making managing disaster risks a more difficult and ambitious challenge, the knowledge, cooperation, and a greater culture of anticipation would increase the EU’s resilience and enable intelligent, sustainable, and equitable development.

As indicated by Bernat [55], identifying the hazards, functioning as a successful team, and employing a multi-skilled strategy are crucial for disaster planning and response. The EU’s civil protection strategy enjoys widespread public support in both Europe and the rest of the world as one of the most visible displays of its compassion for those affected by disasters of any kind [63]. The EU is creating a new forum for professionals in civil protection and disaster management to exchange knowledge, best practices, and lessons learned through the Union Civil Protection Knowledge Network. Through the Knowledge Network, the EU hopes to improve its European Disaster Risk Management [19].

Abie [30] indicated that the COVID-19 outbreak demonstrated the benefits of close collaboration between national civil protection groups, academic institutions, and researchers. It also showed how vital training, research, and innovation are. The organizations required to react to catastrophes, especially those with a health component, such as COVID-19, must be reinforced and inclusive [64,65]. Along with the institutions that support the labor market and research centers, these institutions should be present in the health and civil protection sectors [66]. They must be capable of understanding hazards, averting them, and acting in unison when necessary [67].

2.5. Research Gap

Based on the reviewed literature, it is clear that cyber security attacks pose serious hazards to businesses and academia. In order to reduce the threat posed by cyber security attacks, businesses must now educate and train end users. Replicating the attacker’s behaviors in a safe setting allows one to explore and learn without worrying about losing anything, and it also enables the participant to see dangers early on, thereby reducing the likelihood of successful cyber-attacks. Researchers have examined the vulnerability of people and organizations to cybersecurity threats [55]. The literature shows that collection of comprehensive scenarios and the analysis of actual cybersecurity threats are particularly important. This research tackles a number of contemporary issues, including gathering examples of actual cybersecurity assaults, data analysis, and identification of the attack’s key characteristics. Researchers in another study presented cyber-attack frameworks that are based on instances from the actual world [19]. After examining real-world examples, the researchers in this study offered an attack framework that roughly corresponds to those examples but was not exhaustive of the many approaches to countering cybersecurity assaults in relation to civil protection. This study differs very significantly from some of the other previous studies in that it majorly focuses on the importance of cyber security in boosting civil protection.

3. Methods

3.1. Research Design

A cross-sectional survey design and quantitative research technique were utilized in this study. This design is essentially an investigation in which quantitative data are collected and analyzed to identify a certain phenomenon in terms of recent trends, present occurrences, and current links between different cyber security effects and civil protection. The descriptive research method allows the researcher to generalize the study’s various results to a broader population of IT enterprises that gave data on the subject of inquiry.

3.2. Target Population

The study targeted the different accessible companies in the IT companies in Greece, which was an estimated 120,000 persons [68]. The population was included to establish the most appropriate sample for the study. The study targeted both the public and private IT sectors of Greece, since this would help to obtain a more representative sample of people with good knowledge on cyber security and civil protection.

3.3. Sample Size

The study utilized a sample of 345 executives of IT companies in Greece. The sample acted as a representative sample for entire Greece.

3.4. Sampling Technique

Both stratified and basic random sample approaches, which are both part of probability sampling processes, were utilized in the research. In this instance, stratified sampling was used to create the target sample, and a straightforward random sampling method was used to extract the final sample from the strata. Samples obtained by simple random sampling are quite representative of the whole population. However, it could take a while, particularly when working with large samples.

3.5. Data Collection

The research used an online survey to obtain information from executives of IT companies in Greece (more than 120,000 persons) (Figure 1). One of the simplest and most popular methods for collecting data is via a survey questionnaire. This is because it is less expensive since a large number of respondents are surveyed quickly, and it allows respondents to freely answer delicate questions without worrying about the researcher’s approval or rejection.

Having determined the survey’s accuracy and then its reliability corresponding to P = 99.7%, the sample size was selected. The variance of managers, directors, or workers that commute was assessed using a pilot sample of 50 individuals. S² = 466,699.14 and s = 683.15 were the outcomes. A value of z = 3 is often employed in sample size calculations, which corresponds to a degree of dependability of P = 99.7%. The required level of reliability determines z’s value (P). Equation (1) determines that the minimum sample size was 344.76, or 345 people, based on the values of N = 120,000 (available target population), s = 683.15 (standard deviation of the sample), z = 3, and d = 115.61 [69,70,71,72,73].

$$\mathrm{n}=\frac{\mathrm{N}{\left(\mathrm{zs}\right)}^2}{{\mathrm{Nd}}^2+{\left(\mathrm{zs}\right)}^2}$$

(1)

Determination of the required sample of respondents

$$\mathrm{n}=\frac{120.000{\left(3\times 683.15\right)}^2}{120.000\times {115.61}^2+{\left(3\times 683.15\right)}^2} \iff \mathrm{n}=344.76$$

where by:

$\mathrm{n}$ is the minimum sample of respondents.

$\mathrm{d}$ is the needed precision.

$\mathrm{N}$ is the total population.

$\mathrm{s}$ is the population proportion.

$\mathrm{z}$ is the critical value.

A purposive sampling technique was used to select the representative sample for the study.

3.6. Validity and Reliability

The validity is the level extent to which the observed scale scores are a true reflection of the existing differences among the objects under measurement instead of the systematic or random error. The validity for this study was obtained using the Content Validity Coefficient (CVC). For this study, instruments with a content validity index of 0.6 or higher were therefore considered acceptable for use while those with a value less than 0.6 were rejected.

The test-retest reliability can be used to measure the extent to which instruments produced consistent scores when the same group of individuals is repeatedly measured under the same conditions. A Cronbach’s alpha correlation coefficient of greater than 0.5 was considered to have passed the reliability test and the instrument was considered suitable for use.

3.7. Data Analysis

Following the collection of the given questionnaires, the data will be analyzed in accordance with the study’s goals. To achieve a more statistical analysis of the research, all the data that were gathered from the respondents were then examined using the SPSS 16.0 version. The data used for the frequency distribution were obtained from the first portion of the user profile questionnaire; it is explained using a frequency table, with the mean and standard deviation calculated for some of the data. To determine the relationship between the study variables, the researcher also used the Pearson’s rank correlation test. The extent to which the various facets of cyber security impact civil protection in Europe was also investigated using regression analysis. A multiple regression model in Equation (2) helped to obtain coefficients of the different variables that also doubled as the predicted values.

$$\mathrm{Y}={\mathsf{\beta }}_0+{\mathsf{\beta }}_1{\mathrm{X}}_1+{\mathsf{\beta }}_2{\mathrm{X}}_2+{\mathsf{\beta }}_3{\mathrm{X}}_3+\mathsf{\epsilon }\dots \dots \dots \dots \dots 1$$

(2)

where:

Y = Civil protection

β₀ = constant (coefficient of intercept)

${\mathrm{X}}_1$ = Cyber security technologies

${\mathrm{X}}_2$ = Cybercrime reduction

${\mathrm{X}}_3$ = Government role in cyber security

$\mathsf{\epsilon }$ = Represents the error term in the multiple regression model

The three hypotheses of this study were tested based on the obtained regression results at 95% confidence interval or at 0.05 significance level.

3.8. Ethical Considerations

The researcher confirmed that employees or owners of the selected firms provided informed consent and indicated their desire to participate in the study, along with strictly upholding high level of confidentiality and privacy while dealing with respondents’ data. Respondents also had the freedom to reply to questions based on how well they understood the different opinion questions. This helped to increase the number of replies to certain inquiries.

4. Results

This section interprets the various conclusions acquired after analyzing data gathered from the chosen research participants.

4.1. Demographic Characteristics

Results about the different demographic characteristics of the selected respondents who participated in the study are presented in

Table 4. Participants’ demographic characteristics.

Characteristic	Frequency	Percentage (%)
Gender
Male	217	62.9
Female	128	37.1
Age bracket in years
Below 30	26	7.5
30–40	189	54.8
41–50	113	32.8
Above 50	17	4.9
Designation
Employee	173	50.2
Director	67	19.4
Manager	86	24.9
Administrator	19	5.5
Years spent in the IT sector
Below 5	63	18.3
5–10	197	57.1
Above 10 years	85	24.6
Total	345	100

Source: Authors’ own work (2022).

.

The majority of research participants (62.9%) were male, with just 37% being female. The bulk of research participants (54.8%) were between the ages of 30 and 40, with just 4.9% being beyond the age of 50. The bulk of research participants (57.1%) had spent 5–10 years in the IT industry, with just 18.3% having spent less than 5 years.

4.2. Descriptive Results

The results of the established effect of cyber security technologies on civil protection in Greece are presented in

Table 5. Opinions on the effect of cyber security technologies on civil protection in Greece.

	Agree	Disagree
Behavioral analytics help to analyze user behavior on websites, mobile apps, systems, and networks in organizations	74.4%	25.6%
Platforms for behavioral analytics may be used by cybersecurity experts to identify possible threats and weaknesses.	71.4%	28.6%
Blockchain may be used by cybersecurity experts to protect devices or systems, develop industry-standard security procedures, and make it almost impossible for hackers to access databases.	56.4%	43.6%
Cybersecurity experts can react to and identify targeted assaults using extended detection and response (XDR), automatically validate and correlate warnings, and provide extensive analytics.	13.5%	86.5%
Organizations must embrace new cyber security emerging technologies to enhance their resilience to cyber disasters and crises	66.2%	33.8%

Source: Authors’ own work (2022).

.

According to the findings in Table 5, the majority of survey participants (74.4%) agreed that behavioral analytics aid in the analysis of user behavior on websites, mobile applications, systems, and networks in businesses. Platforms for behavioral analytics may be used by cybersecurity experts to identify potential threats and weaknesses. Blockchain may be used by cybersecurity experts to protect devices or systems, develop industry-standard security procedures, and make it nearly impossible for hackers to access databases. A total of 86.5% of survey participants disagreed that cybersecurity experts can react to and identify targeted attacks using extended detection and response (XDR). However, 66.2% of respondents believed that organizations must adopt emerging cyber security technology to improve their resilience to cyber catastrophes and crises.

The study sought to establish the influence of cyber risk reduction practices on civil protection, and the results are presented in

Table 6. Opinions on the influence of cyber risk reduction practices on civil protection.

	Agree	Disagree
Cybersecurity reduction influences the performance of critical infrastructure such as power plants, electricity grids, communication networks, and cloud systems	64.6%	35.4%
Cybersecurity risk mitigation is possible through the utilization of security policies and processes to reduce the overall risk or impact of cybercrimes	51.2%	48.8%
Prevention, detection, and remediation attributes in cybersecurity help in disaster management	80.3%	19.7%
Proactive cybersecurity risk mitigation enhances disaster preparedness in organizations and in the general public	53.5%	46.5%
Implementing new cybersecurity technologies helps to mitigate the different threats to poor civil protection	64.3%	35.7%

Source: Authors’ own work (2022).

.

According to the results in Table 6, the majority of the study participants (64.6%) agreed that cybersecurity reduction influences the performance of critical infrastructure such as power plants, electricity grids, communication networks, and cloud systems. A total of 51.2% of the study participants agreed that cybersecurity risk mitigation is possible through the utilization of security policies and processes to reduce the overall risk or impact of cybercrimes. In total, 80.3% of the study participants agreed with the notion that the prevention, detection, and remediation attributes in cybersecurity help in disaster management; 53.5% of the study participants agreed that proactive cybersecurity risk mitigation enhances disaster preparedness in organizations and in the general public; and 64.3% agreed that implementing new cybersecurity technologies helps to mitigate the different threats to poor civil protection.

The study sought to determine the government’s influence in the relationship between cyber security and civil protection, and the results are presented in

Table 7. Opinions on the government’s influence in the relationship between cyber security and civil protection.

	Agree	Disagree
Analysis of cybersecurity issues has continued to weaken due limited involvement of the government in addressing causes of cybercrime	15.7%	84.3%
Large portions of the Critical National Infrastructure in the majority of OECD nations are privately owned rather than being under direct government authority.	53.5%	46.5%
Numerous civilian systems are susceptible to cybersecurity flaws and assaults; therefore, a solely military strategy to cybersecurity defense has minimal utility.	51.7%	48.3%
Cybersecurity concerns that pose a significant long-term physical danger to the globe or to specific countries are likely to pale in comparison to other global hazards, in which information infrastructures play an essential but seemingly secondary role.	35.6%	64.4%

Source: Authors’ own work (2022).

.

The results in Table 7 show that the majority of the study participants (84.3%) disagreed with the notion that the analysis of cybersecurity issues has continued to weaken due to limited involvement of the government in addressing causes of cybercrime. The study showed that large portions of the Critical National Infrastructure in the majority of OECD nations are privately owned rather than being under direct government authority as agreed by 53.5% of the study participants. A total of 51.7% of the study participants agreed that numerous civilian systems are susceptible to cybersecurity flaws and assaults; therefore, a solely military strategy to cybersecurity defense has minimal utility. However, 64.4% of the study participants disagreed with the fact that cybersecurity concerns that pose a significant long-term physical danger to the globe or to specific countries are likely to pale in comparison to other global hazards, in which information infrastructures play an essential but seemingly secondary role.

The study sought to establish the different strategies to enhance civil protection through cybersecurity.

From Figure 2, it was established that proper monitoring and alerts is one of the best strategies to enhance civil protection through cyber security as revealed by 32% of the study participants, followed by 21% who showed that acquiring knowledge on cybersecurity is important in enhancing cybersecurity. This therefore indicates that educating the general public or enhancing awareness on cyber threats or crimes is an important strategy towards improving civil protection in countries. Furthermore, 15% of the respondents indicated that risk management and decisions are important in enhance civil protection through cyber security; 13% of the study participants mentioned that improving cybersecurity technologies is the best strategy and the least number of participants (4%) mentioned effective allocation of resources.

4.3. Correlation Analysis

Table 8. Cross-tabulation of aspects of cyber security technologies, cybercrime reduction, and government role in cyber security and civil protection.

	Cyber Security Technologies	Cybercrime Reduction	Government Role in Cyber Security	Civil Protection
Cyber security technologies	1
Cybercrime reduction	0.548 **	1
	0.00
Government role in cyber security	0.551 *	0.649 *	1
	0.02	0.000
Civil protection (dep.)	0.482 *	0.631 *	0.546 *	1
	0.00	0.00	0.00	0.00

** and * respectively indicate statistical significance at a 5% significance level.

contains the findings of correlation analysis used to determine the link between the research variables.

The results revealed a positive correlation between cyber security technologies and civil protection (r = 0.482), which is equally significant at 0.05. There was a positive correlation between cybercrime reduction and civil protection (r = 0.631), which was significant at 0.05, and indication practices such as enforcing cyber security laws or policies, training people in cyber protection techniques, and embracing cyber technologies help to enhance civil protection. The government’s role in cyber security showed a positive correlation with civil protection (r = 0.546), at a 0.05 level of significance (p = 0.00 < 0.05), showing that increased investment in cyber infrastructure by the government has a great role in improving civil protection.

4.4. Results of Regression Analysis

Regression analysis was also conducted to determine the extent to which civil protection is predicted by the different aspects of cyber security technologies, cybercrime reduction, and government role in cyber security, and the results are presented in

Table 9. Model Summary.

Model	R	R Square	Adjusted R Square	Std. Error of the Estimate
	0.702 a	0.661	0.659	0.37412

^a Predictors: Cyber security technologies, cybercrime reduction, and government role in cyber security.

. Regression analysis was used to analyze the amount to which the independent variables (cyber security technology, cybercrime reduction, and government engagement in cyber security) contribute to strengthening civil safety in Europe based on different projected values. The positive multiple correlation coefficient (R) of 0.702 was an indication that the three independent variables in this study were greatly associated with civil protection. Furthermore, the R-Square value revealed that the three independent factors resulted in a 66.1% shift in civil protection.

The one-way ANOVA in

Table 10. ANOVA analysis.

Model	Sum of Squares	df	Mean Square	F	Sig.
Regression	36.040	3	18.361	352.413	0.016
Residual	30.108	342	0.027
Total	66.148	345

Dependent Variable: Civil protection; Predictors: Cyber security technologies, cybercrime reduction, and government role in cyber security.

was used to assess if the three independent variables were superior predictors of the dependent variable or whether the linear regression model well fitted the data. F (3,342) = 352.413, p < 0.05 demonstrates that the model and data are sufficiently matched.

In

Table 11. Regression coefficients.

Model	Unstandardized Coefficients		Standardized Coefficients	T	Sig.
	B	Std. Error	Beta
(Constant)	0.318	0.136		2.438	0.026
Cyber security technologies	0.281	0.057	0.397	3.736	0.003
Cybercrime Reduction	0.186	0.067	0.213	3.195	0.021
Government role in cyber security	0.192	0.049	0.282	3.511	0.002

Dependent Variable: Civil protection. Predictors: Cyber security technologies, cybercrime reduction, and government role in cyber security. Source: Authors’ own work (2022).

, the model’s unstandardized coefficients were investigated to determine the impact of cyber security technology, cybercrime reduction, and the involvement of the government in cyber security on civil protection. The beta coefficient of cyber security technologies was 0.281, implying that a unit change in cyber security technologies resulted in a 28.1% increase in civil protection. Similarly, the beta coefficient of cybercrime was 0.186, meaning that a unit change in cybercrime reduction resulted in an 18.6% increase in civil protection. Finally, a unit shift in the role of the government in cyber security would result in a 19.2% increase in civil protection.

The beta coefficient (β1) was 0.315, and the p-value (0.001) was less than the significance level (0.05); hence, we accepted hypothesis 1 that cyber security technologies positively affects civil protection. The beta coefficient (β2) was 0.117 and significant at 0.05 (p = 0.014); hence, we accepted hypothesis 2 that cybercrime reduction practices have a positive influence on civil protection. The beta coefficient (β3) was 0,341, and the variable was significant where p-value = 0.000, indicating a substantial relationship between government role in cyber security and civil protection. We, therefore, accept hypothesis 3 that there is a significant relationship between government role in cyber security and civil protection.

5. Discussion

The study demonstrated a substantial link between government involvement in cyber security and civil protection, as well as a positive relationship between cyber security technologies and civil protection, cybercrime reduction methods, and civil protection.

Cybersecurity is a priority in most countries since it affects the protection of people. According to this report, cybercrimes include many aspects of hacking passwords, websites, or networks of countries or organizations, as well as conducting other criminal offences while utilizing information technology. Cybercrimes in this context significantly impair people’s privacy or secrecy because they involve attackers gaining unauthorized access to and using private or institutional data inadvertently. This study reveals that monitoring and adjustments are a crucial strategy for preventing cybercrime and therefore boosting the security of computer systems. This process is essential for identifying any potentially harmful activity and for enhancing cyber security in any environment using computer networks [74]. Never offer malicious attackers on a computer network or information system the chance to access and store sensitive data on a peripheral device. Only by carefully watching the entire system can this be accomplished. According to this study, cybercrimes can be prevented by effectively managing risks and making sound decisions. In this case, careful assessment of the numerous cyberattack threats helps businesses allocate resources to the most vulnerable component [75]. Studies have repeatedly demonstrated that the bulk of issues relating to cybercrime or cyberattacks arise from a firm’s lack of experienced IT professionals [76]. According to the majority of researchers, many people lack the skills and knowledge necessary to protect private or public data or information correctly, making it more vulnerable to hackers. This study also discovered that one of the most crucial ways to improve cybersecurity is to have a well-trained security staff with the abilities to handle the many dynamics of a cyberspace. This gives the expert team the opportunity to develop the best safeguards for the accessible sensitive data by allowing them to recognize any risks that may already be present in the IT department. It is essential for every institution or country to be knowledgeable about the many preventive measures for reducing cybercrime and protecting sensitive data from hacker intrusion [77]. It is vital to remember that knowledge is power. This study also demonstrated how essential it is to enact various cybersecurity laws as a preventative strategy. In this case, comprehensive cybercrime legislation and cyber-threat countermeasures that may be established on a national or global level are crucial for protecting a country’s or private organization’s cyberspace. Most countries and businesses have embraced the development of frameworks for cyber-security laws, which could essentially help in the fight against cybercrime. These frameworks are essential because they offer protections for safeguarding key information infrastructure, hence reducing the present national risks. The poll respondents also generally agreed with the researcher’s assessment of the contribution that fighting cybercrime makes in improving human security. The participants in the survey were unanimous in their agreement with the researcher’s challenges for combating cybercrime and enhancing human security in Greece. Participants in the survey strongly backed the research team’s strategic plan to combat cybercrime and enhance human security in Europe. According to Boyens et al. [1], it can be extremely challenging to pinpoint the genuine perpetrator of cyberattacks since the computers that the attack appears to originate from will have been compromised and utilized to relay and amplify the attack orders. The attribution problem is what is being discussed here. Contrary to conventional conflict, the intended target of retaliation is still unclear; hence, a notion of deterrence is ineffective. Thus, resilience must be the main emphasis of cyberweapon defense, together with proactive strategies and thorough contingency planning, to enable speedy recovery in the event of an attack. The cyber infrastructure may be used to lessen the impacts in addition to acting as a possible channel for spreading and amplifying an initial triggering event [78]. If proper backup preparations are in place, information systems may help in the management of other systemic risks. To reassure communities and lessen the possibility of social unrest and unhappiness, they can offer substitute means of delivering crucial services and disseminate the latest information and advice on catastrophic scenarios.

6. Conclusions

The study established that cybersecurity plays an important role in improving the levels of civil protection in a country. Hackers and other cybercriminals have advanced technologically due to the fast changes in technology and the complexity of online operations. The cybersecurity of both commercial and public organizations throughout the globe has been consistently impacted in this case as they employ all types of technology to modify the most sensitive data. This demonstrates the need of having a strategic vision to direct various nations or organizations in combating the problem of cybercrime. The most successful approaches for preventing cybercrime and enhancing cybersecurity center on eliminating human error to strengthen cyber security, include thorough risk assessment, ongoing monitoring of the organization’s network or information systems, and proper decision-making. Another key step in avoiding cybercrimes is the creation of national or international frameworks for cyber security policy. Such policies are essential for attaining economic and social development and, as a result, for defending societies that rely on the internet against all types of risks and threats [79]. Threats to cybersecurity are becoming an increasing worry as technology continues to advance [80]. Cybercriminals always create new strategies to target systems and the organizations that host them [81]. There are numerous cybersecurity solutions available that can aid in reducing the various risks or hazards related to cybersecurity. Any country would benefit from increased civic protection as a result of this. With improved cybersecurity, the general public is well equipped with important data and information on how to prepare, mitigate, and respond to different disasters or crises [40].

7. Recommendations

The following are recommendations based on the study findings:

To secure their cyberspace and thereby improve their overall cyber-security, nations must create national specialized cybersecurity authorities.

Public and internal personnel should be informed about the fundamentals of cyber security and how to safeguard sensitive information against cyberattacks by governments and commercial organizations.

Limitations, Reliability, and Future Work

The limitations of the research are mainly related to the composition of the sample and the way the survey was conducted. The number of 345 executives and managers who participated in the survey, although it was appropriate in size, largely covered IT businesses and fewer public sector organizations and services mainly related to civil protection; only a limited number of them were related to cyber security. Another limitation that was taken into account was the respondents’ unwillingness to complete and submit the questionnaire in its whole and on time.

In future research, an attempt will be made to investigate the readiness of the public sector in Greece to deal with crises on the internet with implications for civil protection. Moreover, the online conducting of surveys has almost been imposed on scientific research due to the COVID-19 pandemic. In fact, due to the complexity of the subject being investigated, it would be more correct to conduct the research face-to-face and with in-depth interviews with experts in the fields of civil protection and cyber security. Despite these limitations, it is estimated that the reliability of the research is quite high due to the significant sample size in relation to Greece, while the techniques chosen and used were appropriate according to the relevant international literature.