The Impact of 5G Technology on the Internet of Things and Society
Kriativ-tech Volume 1, Issue 11, Edição Nº 11 – 4-12-2025
Authors
Tiago Dias, Student, ISTEC Lisboa - Instituto Superior de Tecnologias Avançadas Lisboa, Portugal
Paulo Duarte Branco, Associate Professor at ISTEC Lisboa, CIAC-PLDIS, ISTEC Lisboa - Instituto Superior de Tecnologias Avançadas Lisboa, Portugal
José Pereira Reis, Invited Assistant Professor at ISCTE
Media
To cite this article
Tiago Dias, Paulo Duarte Branco, José Pereira Reis The Impact of 5G Technology on the Internet of Things and Society
Abstract
The Internet of Things (IoT) and fifth-generation mobile networks (5G) represent two of the most transformative technologies of the 21st century. When integrated, they offer a synergistic foundation for advanced applications in numerous fields, from healthcare to transportation, agriculture, industry, and smart urban infrastructure. IoT enables devices to sense, transmit, and act on data autonomously, while 5G provides the ultra-fast, ultra-reliable, and high-capacity network environment these devices require to function at scale. The confluence of these technologies is driving the emergence of interconnected ecosystems that are reshaping business models, service delivery, and public life. This paper explores the impact of 5G on IoT, assesses their combined influence on society, and discusses both the technological advantages and the risks—particularly in terms of security, privacy, and ethical concerns. Through an in-depth examination of their architectures, capabilities, limitations, and real-world deployments, we conclude that the integration of 5G and IoT holds tremendous potential to revolutionize daily life, but achieving this promise will depend on addressing foundational challenges in regulation, trust, and inclusivity. We evaluate how 5G and IoT together are redefining the digital landscape, while also identifying key challenges that must be addressed for their widespread and sustainable adoption.
Keywords
5G, Internet of Things, security architecture, data ethics, regulatory frameworks, distributed systems, edge computing, trust management
References
Ahad, A., Tahir, M., & Yau, K. (2019). 5G-based smart healthcare network: Architecture, taxonomy, challenges and future research directions. IEEE Access, 7, 100747-100762. https://doi.org/10.1109/ACCESS.2019.2930628
Albadran, S. (2021). Evaluation of development level and technical contribution of recent technologies adopted to meet the challenges of 5G wireless cellular networks. Symmetry, 13(4), 635. https://doi.org/10.3390/sym13040635
Alhayani, B., Kwekha-Rashid, A. S., Mahajan, H. B., Ilhan, H., Uke, N., Alkhayyat, A., & Mohammed, H. J. (2022). 5G standards for the Industry 4.0 enabled communication systems using artificial intelligence: Perspective of smart healthcare system. Applied Nanoscience, 12(4), 2515-2532. https://doi.org/10.1007/s13204-021-02152-4
Attaran, M. (2021). The impact of 5G on the evolution of intelligent automation and industry digitization. Journal of Ambient Intelligence and Humanized Computing, 12(2), 5977-5993. https://doi.org/10.1007/s12652-020-02521-x
Auat Cheein, F. (2020). The role of 5G technologies: Challenges in smart cities and intelligent transportation systems. Sustainability, 12(16), 6469. https://doi.org/10.3390/su12166469
Banik, S., Cardenas, I. S., & Kim, J. H. (2019). IoT platforms for 5G network and practical considerations: A survey. arXiv preprint. https://arxiv.org/abs/1907.03592
Batool, A., Sun, B., Saleem, A. F., & Ali, J. (2021). Convergence of 5G with Internet of Things for enhanced privacy. arXiv preprint. https://arxiv.org/abs/2107.04594
El-Saleh, A. A. (2023). Measurements and analyses of 4G/5G mobile broadband networks: An overview and a case study. Wireless Communications and Mobile Computing, 2023, 6205689. https://doi.org/10.1155/2023/6205689
Ghaffarianhoseini, A. (2024). IoT-enabled smart cities: A hybrid systematic analysis of key research areas, challenges, and recommendations for future direction. Smart Cities, 7(1), 38-64. https://doi.org/10.1007/s44327-024-00002-w
Gohar, A., & Nencioni, G. (2021). The role of 5G technologies in a smart city: The case for intelligent transportation system. Sustainability, 13(9), 5188. https://doi.org/10.3390/su13095188
Hao, Y. (2021). Investigation and technological comparison of 4G and 5G networks. Journal of Communications and Computer, 18(1), 23-28. https://doi.org/10.17265/1548-7709/2021.01.003
Ivanova, E. P., Iliev, T., Stoyanov, I., & Mihaylov, G. (2021). Evolution of mobile networks and seamless transition to 5G. IOP Conference Series: Materials Science and Engineering, 1032(1), 012008. https://doi.org/10.1088/1757899X/1032/1/012008
Kar, S., Mishra, P., & Wang, K. C. (2021). 5G-IoT architecture for next generation smart systems. IEEE Transactions on Network Science and Engineering, 8(4), 2847-2861. https://doi.org/10.1109/TNSE.2021.3118875
Khan, R., Kumar, P., Jayakody, D., & Liyanage, M. (2020). A survey on security and privacy of 5G technologies: Potential solutions, recent advancements, and future directions. IEEE Communications Surveys & Tutorials, 22(1), 196-248. https://doi.org/10.1109/COMST.2019.2933899
Kumari, A., Gupta, R., & Tanwar, S. (2021). Amalgamation of blockchain and IoT for smart cities underlying 6G communication: A comprehensive review. Computer Communications, 172, 102-118. https://doi.org/10.1016/j.comcom.2021.03.005
Lin, X. (2025). 3GPP evolution from 5G to 6G: A 10-year retrospective. Telecom, 6(2), 32. https://doi.org/10.3390/telecom6020032
Moin, S. (2020). Blockchain for 5G-enabled IoT for industrial automation: A systematic review, solutions, and challenges. Mechanical Systems and Signal Processing, 135, 106382. https://doi.org/10.1016/j.ymssp.2019.106382
The Era of Mobile Devices
Kriativ-tech Volume 1, Issue 11, Edição Nº 11 – 04-12-2025
Authors
Geraldo Oliveira Sales Junior, Student, ISTEC Lisboa - Instituto Superior de Tecnologias Avançadas Lisboa, Portugal
Paulo Duarte Branco Associate Professor at ISTEC Lisboa, CIAC-PLDIS
Media
To cite this article
Geraldo Oliveira Sales Junior, Paulo Duarte BrancoThe Era of Mobile Devices
Abstract
The era of mobile devices presents, in chronological order, the technological evolution leading to the current computing configuration as observed at the beginning of the 2020s. Grounded on a literature review, this study highlights the macrostructural events that decisively influenced the development of mobile devices.
Keywords
Mobile devices, History of computing, Technological evolution, Digital mobility
References
Alajrami, S., Romanovsky, A., & Gallina, B. (2016). Software Development in the Post-PC Era: Towards Software Development as a Service (pp. 662–671). https://doi.org/10.1007/978-3-319-49094-6_53
Ali, A. X., McAweeney, E., & Wobbrock, J. O. (2021). Anachronism by Design: Understanding Young Adults’ Perceptions of Computer Iconography. International Journal of Human-Computer Studies, 151, 102599. https://doi.org/10.1016/j.ijhcs.2021.102599
Android - Wikipedia.org. (2024, April 4). Android. https://en.wikipedia.org/wiki/Android_(operating_system)
Apollo Guidance Computer - Wikipedia.org. (2024, April 4). Apollo Guidance Computer. https://en.wikipedia.org/wiki/Apollo_Guidance_Computer
Apple A17 - Wikipedia.org. (2024, April 4). Apple A17. https://en.wikipedia.org/wiki/Apple_A17
BlackBerry - Wikipedia.org. (2024, April 7). BlackBerry. https://en.wikipedia.org/wiki/BlackBerry
Brock, D., & Laws, D. (2012). The Early History of Microcircuitry: An Overview. IEEE Annals of the History of Computing, 34(1), 7–19. https://doi.org/10.1109/MAHC.2011.85
Electronic organizer - Wikipedia.org. (2024, April 4). Electronic. https://en.wikipedia.org/wiki/Electronic_organizer
Ericcsson.com. (2024, March 31). The Lauhrén system. https://www.ericsson.com/en/about-us/history/changing-the-world/small-steps-great-advances/the-lauhren-system
Graffiti (Palm OS) - Wikipedia.org. (2024, April 4). Graffiti (Palm OS). https://en.wikipedia.org/wiki/Graffiti_(Palm_OS)
HEATH, N., & BEST, J. (2011). From the abacus to the iPhone The 50 breakthroughs that sparked the digital revolution (N. HEATH & J. BEST, Eds.). CBS Interactive UK.
History of mobile phones - Wikipedia.org. (2024, April 1). History of mobile phones. https://en.wikipedia.org/wiki/History_of_mobile_phones
iPhone - Wikipedia.org. (2024, April 4). iPhone. https://en.wikipedia.org/wiki/IPhone
iPod - Wikipedia.org. (2024, April 4). iPod. Https://En.Wikipedia.Org/Wiki/IPod.
MackBook Air - Wikipedia.org. (2024, April 4). MacBook Air. https://en.wikipedia.org/wiki/MacBook_Air
Miller, C. (2023). A guerra dos chips: A batalha pela tecnologia que move o mundo (Editora Globo, Ed.; 1a edição). Editora Globo.
Moore, G. (2021). Cramming More Components onto Integrated Circuits (1965). In Ideas That Created the Future (pp. 261–266). The MIT Press. https://doi.org/10.7551/mitpress/12274.003.0027
Motorola DynaTAC - Wikipedia.org. (2024, April 1). Motorola DynaTAC. Https://En.Wikipedia.Org/Wiki/Motorola_DynaTAC.
Qualcomm. (2024, March 30). Our Company. https://www.qualcomm.com/company#about
Samolu, K. (2012). The History of the Abacus. Journal of School Mathematics, 65, 58–66. https://kb.osu.edu/server/api/core/bitstreams/5ec33729-835c-5b97-8993-f6ea84bd7617/content?utm_source=chatgpt.com
Sony.com. (2024, April 7). Personal Audio. https://www.sony.com/en/SonyInfo/CorporateInfo/History/sonyhistory-e.html
United Nations. (2024, April 8). Mais de três quartos da população mundial possuem um telefone celular. https://news.un.org/pt/story/2023/12/1825432
Windows Embedded Compact - Wikipedia.org. (2024, March 29). Windows Embedded Compact. https://en.wikipedia.org/wiki/Windows_CE
Wondery. (2024). Mac vs PC - Podcast Guerras Comerciais. In https://wondery.com/shows/guerras-comerciais/episode/6436-apple-vs-microsoft-podre-ate-o-caroco/. https://wondery.com/shows/business-wars/episode/5296-apple-vs-microsoft-rotten-to-the-core/
Computing Service Models: General Concepts and Differences Among IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service)
Kriativ-tech Volume 1, Issue 11, Edição Nº 11 – 4-12-2025
Authors
Diogo Correia, Student, ISTEC Lisboa - Instituto Superior de Tecnologias Avançadas Lisboa, Portugal
Andreia Teles Vieira, Assistant Professor at ISTEC Lisboa, CIAC-PLDIS
Media
To cite this article
Diogo Correia, Andreia Teles VieiraComputing Service Models: General Concepts and Differences Among IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service)
Abstract
This study focuses on cloud-computing service models, specifically the differences among IaaS (Infrastructure as a Service), PaaS (Platform as a Service) and SaaS (Software as a Service). Cloud computing is a fundamental technology in today’s business environment, offering advantages such as scalability, cost-efficiency and flexibility. The project seeks to demystify each service model by highlighting its unique characteristics and ideal use cases. IaaS provides virtualised infrastructure, PaaS supplies development platforms, whereas SaaS delivers software applications as a service. The aim is to present a detailed analysis that helps readers identify which model best suits their needs, thereby optimising cloud adoption to achieve greater efficiency and innovation in business.
Keywords
Cloud Computing, IaaS (Infrastructure as a Service), PaaS (Platform as a Service), SaaS (Software as a Service), Scalability, Cost Efficiency, On-demand Self-service, Elasticity, and Scaling
References
[1] Braga, A. S., Silva, G. M., & Barros, M. C. (2012). Cloud computing. Instituto de
Computação-Universidade Estadual de Campinas, 18.
[2] Sousa, F. R., Moreira, L. O., & Machado, J. C. (2009). Computação em nuvem: Conceitos, tecnologias, aplicações e desafios. II Escola Regional de Computação Ceará, Maranhão e Piauí (ERCEMAPI), 150-175.
[3] Oliveira Freitas¹, L., & Neto, A. P. F. COMPUTAÇÃO EM NUVEM: UMA BREVE REVISÃO BIBLIOGRAFICA. energia, 3, 12.
[4] Cogo, G. S. (2013). Análise da intenção de adoção da computação em nuvem por profissionais da área de TI.
[5] Mansur, A. F. U., Gomes, S. S., Lopes, A. D. A., & Biazus, M. C. B. (2010, August). Novos rumos para a Informática na Educação pelo uso da Computação em Nuvem (Cloud Education): Um estudo de Caso do Google Apps. In Foz do Iguaçu: Anais do XVI Congresso Internacional ABED de Educação a Distância (p. 35). Sn
[6] McCoy K. (2017) “Target to pay $18.5M for 2013 data breach that affected 41 million consumers”. USAToday, May 23rd 2017 edition, Money section
[7] Oliveira, C., Fambrini, F., de Oliveira, M. G. C., & Moreira, W. (2020). Computação em
Nuvem
Digitalization and digital marketing: the impact on the Portuguese economy
Kriativ-tech Volume 1, Issue 11, Edição Nº 11 – 14-12-2025
Authors
Ricardo Gonçalves, Master in Data-Driven Marketing, with specializing in Marketing Intelligence, ISTEC Lisboa - Instituto Superior de Tecnologias Avançadas Lisboa, Portugal
Media
To cite this article
Ricardo Gonçalves Digitalization and digital marketing: the impact on the Portuguese economy
Abstract
This article is based on a research whose objective was to identify and analyze the evolution of digital and digital marketing, finding explanatory factors, and its impact on the Portuguese economy, as well as to know the current and emerging challenges for Portuguese companies in the digitalization era and its importance for business survival and competitiveness.
The research has shown that technological progress, namely the registered evolution, dissemination and adoption of digital, are fundamental for the competitiveness and survival of companies and for the economic growth of the country.
Keywords
Technology, digital, digital transition, digital marketing, portuguese economy
References
[1] Dias, Jacqueline (2012). The influence of content marketing on consumer behavior: Analysis of engagement in social networks. Dissertation submitted as partial requirement for obtaining the degree of Master in Advertising and Marketing. ESCS-IPL
[2] Gobira, João (2020). Marketing and digital transformation: how does it relate to the new economy? Available at https://www.startse.com/noticia/mercado/marketing-e-transformacao-digital-qual-a-relacao-disso-com-a-nova-economia ; consulted on 08-05-2022
[3] Peçanha, Vitor (2020). What is Marketing: everything you need to know about the art of winning and retaining customers. Available at https://rockcontent.com/br/blog/o-que-e-marketing/; accessed on 10-05-2022
[4] American Marketing Association (?). Definitions of Marketing. Available at https://www.ama.org/the-definition-of-marketing-what-is-marketing/; retrieved on 11-05-2022
[5] Kotler, Philip, et al. (2012). Marketing Management. In MISIS - Interdisciplinary Journal of Philosophy, Law and Economics. São Paulo - Pearson Education. Volume IV, Number 2 (Issue 8), July-December 2016.
[6] Kotler, Milton, et al. (2020). Marketing strategy in the digital age. World Scientific Publishing Co. Pte. Ltd. Singapore
[7] Kotler, Philip, et al. (2021).Marketing 5.0: Technology for humanity, Conjuntura Actual Editora, Coimbr
[8] Coutinho, Rui (2020). A brave new digital world, more human than ever. Available at https://www.pbs.up.pt/pt/artigos-e-eventos/artigos/um-admiravel-mundo-novo-digital-mais-humano-do-que-nunca/; consulted on 12-05-2022
[9] FIA (2021). Digital Transformation: What it is, Key Causes and Impacts. Available at https://fia.com.br/blog/transformacao-digital/; accessed on 12-05-2022
[10] Rabelo, Agnes (2020). Digital Transformation: what is it and what are its impacts on society. Available at https://rockcontent.com/br/blog/transformacao-digital/; accessed on 14-05-2022
[11] Boston Consulting Group (2018). The impact of digital on the Portuguese economy.
[12] Boston Consulting Group (2021). The road to a bionic Portugal: the digital maturity of the business fabric in Portugal.
[13] Gonçalves, João (2021). Technology, Empowerment and Economic Development. In Kriativ-Tech n.9, October
Zero Trust Architecture Overview
Kriativ-tech Volume 1, Issue 11, Edição Nº 11 – 4-12-2025
Authors
Sérgio Pinto, Invited Assistant Professor, ISTEC Lisboa - Instituto Superior de Tecnologias Avançadas Lisboa, Portugal
Abstract
The Zero Trust Architecture (ZTA) represents a significant paradigm shift in network security by moving away from the traditional perimeter-based model. Instead, it follows the principle of “never trust, always verify”, operating under the assumption that threats may originate both inside and outside the network. This shift requires rigorous verification of every user, device, and application requesting access to protected resources, regardless of their location. Consequently, the core elements of ZTA include strict identity verification and context control for every access request. Moreover, ZTA represents a transformative approach to addressing the limitations of traditional security frameworks. By emphasizing continuous authentication, least-privilege access, microsegmentation, and continuous monitoring, it establishes a robust foundation for protecting sensitive information in an increasingly complex threat landscape. As cyber risks evolve, adopting Zero Trust principles will be critical for organizations seeking to safeguard digital assets while ensuring that trust is never assumed but always verified.
Keywords
Cybersecurity, Zero Trust, “Verify, Control and Enforce”, Authentication, Least Privilege, Monitoring, Segmentation.
References
[1] N. Howe, S. Ganguli, and G. Festa, Seven Elements of Highly Successful Zero Trust Architecture: An Architect’s Guide to the Zscaler Zero Trust Exchange. Zscaler, 2024. [Online]. Available: https://info.zscaler.com/resources-ebooks-seven-elements-of-highly-successful-zta
[2] E. Ok, J. Willams, and J. Nicee, “Understanding Zero Trust Architecture,” 2025. [Online]. Available: https://www.researchgate.net/publication/389713227_Understanding_Zero_Trust_Architecture
[3] O. E. Ejiofor, O. Olusoga, and A. Akinsola, “Zero Trust Architecture: A Paradigm Shift in Network Security,” Computer Science & IT Research Journal, Apr. 2025. [Online]. Available: https://www.researchgate.net/publication/390558157_Zero_trust_architecture_A_paradigm_shift_in_network_security
[4] O. Christopher, T. Tenebe, E. Etu, A. Ayuwu, J. Emakhu, and S. Adebiyi, “Zero Trust Architecture: Trend and Impact on Information Security,” International Journal of Emerging Technology and Advanced Engineering, 2022. [Online]. Available: https://www.researchgate.net/publication/361758378_Zero_Trust_Architecture_Trend_and_Impact_on_Information_Security
[5] National Institute of Standards and Technology (NIST), Zero Trust Architecture, NIST Special Publication 800-207, 2020. [Online]. Available: https://csrc.nist.gov/pubs/sp/800/207/final
[6] J. Keshav, “Zero-Trust Security Models Overview,” 2023. [Online]. Available: https://www.researchgate.net/publication/377247838_Zero-Trust_Security_Models_Overview
[7] D. Holmes, “The Definition of Modern Zero Trust,” Forrester, 2022. [Online]. Available: https://www.forrester.com/blogs/the-definition-of-modern-zero-trust/
[8] J. Hietala, “Zero-Trust Architecture: Why Trusting No One Is a Smart Way to Protect Your IT Infrastructure,” Red Hat, 2022. [Online]. Available: https://www.redhat.com/architect/zero-trust-architecture
[9] Zscaler site, available: https://www.zscaler.com/resources/security-terms-glossary/what-is-zero-trust-architecture
[10] Cloudflare site, available: https://www.cloudflare.com/learning/security/glossary/what-is-zero-trust/
[11] Crowdstrike site, available: https://www.crowdstrike.com/en-us/cybersecurity-101/zero-trust-security/zero-trust-architecture/
VI Abbreviations
AI: Artificial Intelligence
IdP: Identity Provider
IAM: Identity and Access Management
IoT: Internet of Things
OT: Operational Technology
NIST National Institute of Standards and Technology
SSL/TLS:Secure Socket Layer / Transport Layer Security
VM: Virtual Machine
ZT: Zero Trust
ZTA: Zero Trust Architecture
Demystifying Platform Engineering: A Study from Theory to Practice
Kriativ-tech Volume 1, Issue 11, Edição Nº 11 – 4-12-2025
Authors
Tiago Arrulo, Student ISTEC Lisboa
Paulo Duarte Branco, Associate Professor, ISTEC Lisboa, CIAC-PLDIS
Media
To cite this article
Tiago Arrulo, Paulo Duarte Branco Demystifying Platform Engineering: A Study from Theory to Practice
Abstract
The increasing complexity of the modern software development landscape has motivated organizations towards Platform Engineering, as a structured approach to enhance development workflows, improve system reliability and accelerate software delivery. This article provides an analysis of Platform Engineering, exploring its theoretical foundations, benefits and challenges. Using both quantitative data from industry surveys and qualitative data gathered from interviews with industry professionals, the article highlights how Platform Engineering improves developer experience, boosts team productivity and delivers business value. Real-world examples, including a case study from the UAE, reinforce the practical implications of adopting platform-centric strategies. Finally, the study highlights that while Platform Engineering presents organizational benefits, its successful implementation requires significant investment, cultural shifts and strategic alignment between technological capabilities and organizational practices.
Keywords
Developer Experience, Internal Developer Platform, Platform Engineering
References
[1] E. Bottcher, “What I Talk About When I Talk About Platforms.” Accessed: Dec. 15, 2024. [Online]. Available: https://martinfowler.com/articles/talk-about-platforms.html
[2] C. Fournier and I. Nowland, Platform Engineering: A Guide for Technical, Product, and People Leaders, 1st Edition. O’Reilly Media, 2024.
[3] R. Van De Kamp, “Paving the path towards platform engineering using a comprehensive reference model,” 2023. [Online]. Available: http://www.software-engineering-amsterdam.nl
[4] “Platform Engineering That Empowers Users and Reduces Risk.” Accessed: Dec. 14, 2024. [Online]. Available: https://www.gartner.com/en/infrastructure-and-it-operations-leaders/topics/platform-engineering
[5] “Platform tooling landscape.” Accessed: Dec. 15, 2024. [Online]. Available: https://platformengineering.org/platform-tooling
[6] “The State of Platform Engineering Report 2023,” 2023. Accessed: Dec. 14, 2024. [Online]. Available: https://www.puppet.com/resources/state-of-devops-report
[7] M. Campbell, “Platform Engineering Challenges: Small Teams, Build Versus Buy, and Building the Wrong Thing.” Accessed: Jan. 06, 2025. [Online]. Available: https://www.infoq.com/news/2023/02/platform-engineering-challenges/
[8] “Challenges of platform engineering and potential risks.” Accessed: Jan. 06, 2025. [Online]. Available: https://www.stackspot.com/en/blog/challenges-of-platform-engineering-and-potential-risks
[9] “2024 State of DevOps Report: The Evolution of Platform Engineering,” 2024.
[10] “Accelerate State of DevOps 2024,” 2024.
[11] M. El Khatib, H. Alawadhi, and M. Al Mansoori, “Platform Engineering in Manufacturing: Role, Effect, Challenges and Opportunities,” International Journal of Business Analytics and Security, vol. 4, no. 2, p. 2024, doi: 10.54489/ijbas.v4i2.364.
[12] V. Kunchenapalli, “Good Developer Experience with Platform Engineering and Devops,” Int J Res Appl Sci Eng Technol, vol. 12, no. 3, pp. 2240–2244, Mar. 2024, doi: 10.22214/ijraset.2024.58839.
Attack surface management (ASM): Strategic pillar of modern cybersecurity operations
Kriativ-tech Volume 1, Issue 11, Edição Nº 11 – 14-12-2025
Authors
Ivo Ricardo Dias Rosa, Invited Assistant Professor, ISTEC Lisboa - Instituto Superior de Tecnologias Avançadas Lisboa, Portugal
Media
To cite this article
Ivo Ricardo Dias Rosa Attack surface management (ASM): Strategic pillar of modern cybersecurity operations
Abstract
In an increasingly dynamic digital landscape, the expansion of the attack surface has become one of the foremost challenges for modern cybersecurity. Traditional perimeter-based defense models are no longer sufficient in the face of distributed digital assets, widespread cloud adoption, and the proliferation of connected devices. In this context, Attack Surface Management (ASM) emerges as a strategic pillar, enabling organizations to adopt a proactive stance in identifying, monitoring, and mitigating cyber risks. This article explores the core principles of ASM, outlining key categories of the attack surface and addressing both EASM (External Attack Surface Management) and CAASM (Cyber Asset Attack Surface Management) approaches. Strategic benefits—such as continuous visibility, integration with Security Operations Centers (SOCs), and risk-based prioritization—are discussed, along with technical and operational challenges tied to ASM implementation. Practical use cases and performance indicators are presented to support effective exposure management. Ultimately, ASM is positioned as a cybersecurity maturity accelerator, essential for building a resilient and adaptive security posture aligned with regulatory demands and business continuity imperatives in an ever-evolving digital ecosystem.
Keywords
Attack Surface Management (ASM), External Attack Surface Management (EASM), Shadow IT, Threat Intelligence, Risk-Based Prioritization, Cybersecurity Maturity, CI/CD Security, Security Operations Center (SOC), Exposure Management, Regulatory Compliance.
References
[1] M. C. Montoya, D. C. Yates, and P. N. Otto, “Managing Your Digital Attack Surface,” ISACA Journal, vol. 4, pp. 1–5, 2021.
[2] Gartner, “Market Guide for Attack Surface Management,” Gartner Research, 2021.
[3] S. Adair and C. Hessel, “Seeing Your Organization Through the Eyes of an Attacker,” Dragos White Paper, 2020.
[4] ENISA, “Threat Landscape for Attack Surface Management,” European Union Agency for Cybersecurity, 2023.
[5] Palo Alto Networks, “Understanding EASM: External Attack Surface Management,” Palo Alto Whitepaper, 2022.
[6] Rapid7, “InsightVM and ASM Integration Guide,” Rapid7 Documentation, 2021.
[7] M. Curphey, “DevSecOps and ASM Automation,” OWASP Global AppSec, 2020.
[8] Trend Micro, “ASM with API-first Security Architecture,” Trend Micro Blog, 2021
[9] BitSight, “Security Ratings vs. Attack Surface Management: Understanding the Differences,” BitSight Whitepaper, 2022.
[10] Randori, “Real-Time Visibility with ASM,” Randori Attack Surface Report, 2021.
[11] SecurityScorecard, “How Security Ratings Complement ASM,” SecurityScorecard Insights, 2021.
[12] Recorded Future, “Dark Web Monitoring for ASM,” Recorded Future Intelligence Report, 2020.
[13] Forescout Technologies, “Visibility and Control of OT and IoT Assets,” Forescout Whitepaper, 2022.
[14] IBM, “Zero Trust and Endpoint ASM,” IBM Security Report, 2021.
[15] McAfee, “Shadow IT: A Growing Risk,” McAfee Threats Report, 2020.
[16] SANS Institute, “Prioritizing Risk in Attack Surface Management,” SANS White Paper, 2022.
[17] FireEye, “Threat Intelligence for ASM,” FireEye Threat Research, 2021.
[18] Proofpoint, “ASM and Credential Phishing Trends,” Proofpoint Quarterly Report, 2022.
[19] Splunk, “ASM Data in SIEM/SOAR Workflows,” Splunk Security Essentials, 2021.
[20] ISO/IEC, “ISO/IEC 27001:2022 - Information Security,” ISO Standard, 2022.
[21] GitLab, “Shift Left with DevSecOps and ASM,” GitLab DevSecOps Handbook, 2021.
[22] Gartner, “Continuous Threat Exposure Management: A New Framework,” Gartner Report, 2022.
[23] Tenable, “Managing False Positives in ASM,” Tenable Blog, 2021.
[24] Cisco, “ASM Integration Challenges,” Cisco Cybersecurity Series, 2020.
[25] Forrester, “The Limits of Attack Surface Visibility,” Forrester Consulting, 2021.
[26] Netskope, “Discovering Shadow IT Assets,” Netskope Cloud Report, 2020.
[27] Check Point, “Identifying Shadow Cloud Instances,” Check Point Research, 2021.
[28] OWASP, “API Security Top 10,” OWASP Foundation, 2023.
[29] Deloitte, “Cyber Due Diligence in M&A,” Deloitte Insights, 2021.
[30] Bugcrowd, “Zombie Servers and Forgotten Assets,” Bugcrowd ASM Report, 2022.
[31] Axonius, “Asset Inventory Metrics for ASM,” Axonius Tech Brief, 2021.
[32] Gartner, “KPIs for ASM Platforms,” Gartner Research Note, 2021.
[33] Mandiant, “Measuring Exposure Time in ASM,” Mandiant Threat Report, 2022.
[34] ServiceNow, “CMDB Integration with ASM,” ServiceNow Whitepaper, 2021.
[35] Qualys, “Unmanaged Asset Discovery in ASM,” Qualys Whitepaper, 2021.
[36] NIST, “Cybersecurity Framework Implementation Tiers,” NIST CSF, 2020.
[37] ISACA, “Bridging the Gap between IT and Security,” ISACA Cyber Leadership Study, 2022.
[38] CrowdStrike, “Feeding ASM with Endpoint Intelligence,” CrowdStrike Tech Blog, 2021.
[39] Gartner, “Maximizing ROI from ASM Investments,” Gartner Strategic Planning Assumptions, 2021.
[40] Accenture, “ASM Maturity Assessment Framework,” Accenture Cyber Strategy, 2022.
[41] Microsoft, “ASM and Adaptive Security Architecture,” Microsoft Security Blog, 2022.
[42] World Economic Forum, “Cybersecurity Leadership and Communication,” WEF White Paper, 2021.
[43] KPMG, “Cyber Resilience in a Digital World,” KPMG Security Insights, 2022.
The Danger of Ransomware Threats: A Comprehensive Analysis
Kriativ-tech Volume 1, Issue 10, February 2025, Pages: xxx Received: Fev. 25, 2025; Accepted: Fev. 25, 2025. Published: Fev. 25, 2025.
Authors
Pedro Brandao, Full Professor ISTEC, Assistent Professor – Universidade Lusíada de Lisboa - FCEE
Isabel Mendonça. Computer Science Degree Student, Universidade Lusíada de Lisboa - FCEE
Media
To cite this article
Pedro Brandao, Isabel Mendonça The Danger of Ransomware Threats: A Comprehensive Analysis
DOI: 10.31112/kriativ-tech-2023-06-96
Abstract
Ransomware is a type of threat to computer security which involves a program that, when executed, holds a computer system or the user’s data ransom by making them inactive, encrypted, and hidden from the user. After the user’s data is completely encrypted, the attacker will demand a ransom from the victim in exchange for the decryption key. The victim has to obtain and send the payment to the attacker within the given period, or the key will be lost forever. There have been numerous ransomware attacks targeting ordinary users, companies, public sectors, and even high profile medical facilities, to name a few instances [1].
What makes ransomware a dangerous threat is the different types that can be built: including file-encrypting, data-hiding, and lockscreen ransomware. Each of these types is designed to target different aspects of a computer system, and they are typically delivered through various methods as well. This makes it difficult for an average user to understand how ransomware works and how to protect against it. Additionally, since the dawn of Bitcoin, these attacks have spiked. Prior to this modern advancement, attackers needed to ask for bank information, which left a traceable paper trail; therefore, criminals were more afraid of being caught.
There is always something to take away from a ransomware incident whenever it happens. It is important to think ahead and do the R&D to analyze and understand the threat, know how it infects the system, what kind of ransomware was used, where are the encrypted keys stored, can the attack be stopped at any point, etc., while also being careful about how high-risk fields operate. No organization would ever want to lend itself liable to a lawsuit because of negligence due to insufficient security measures and potential harm to other third parties connected to that particular environment.
Keywords
Cybersecurity, Ransomware, Malware.
References
[1] S. M Aziz, "Ransomware in High-Risk Environments," 2016. [PDF]
[2] A. Zimba, M. Chishimba, and S. Chihana, "A Ransomware Classification Framework Based on File-Deletion and File-Encryption Attack Structures," 2021. [PDF]
[3] N. Pattnaik, J. R. C. Nurse, S. Turner, G. Mott et al., "It's more than just money: The real-world harms from ransomware attacks," 2023. [PDF]
[4] J. Ahn, D. Park, C. G. Lee, D. Min et al., "KEY-SSD: Access-Control Drive to Protect Files from Ransomware Attacks," 2019. [PDF]
[5] N. Dugan, "Security awareness training in a corporate setting," 2018. [PDF]
[6] C. J.W. Chew and V. Kumar, "Behaviour based ransomware detection," 2019. [PDF]
[7] K. Cabaj, M. Gregorczyk, and W. Mazurczyk, "Software-Defined Networking-based Crypto Ransomware Detection Using HTTP Traffic Characteristics," 2016. [PDF]
[8] H. Ghayoomi, K. Laskey, E. Miller-Hooks, C. Hooks et al., "Assessing resilience of hospitals to cyberattack," 2021. ncbi.nlm.nih.gov
[9] A. Laszka, S. Farhang, and J. Grossklags, "On the Economics of Ransomware," 2017. [PDF]
[10] J. Pont, O. Abu Oun, C. Brierley, B. Arief et al., "A Roadmap for Improving the Impact of Anti-Ransomware Research," 2019. [PDF]
Using Unreal Engine 5 to realistic rendering of scenes
Kriativ-tech Volume 1, Issue 9, January 2023, Pages: xxx Received: Jan. 22, 2023; Accepted: Jan. 27, 2023. Published: Mar. 13, 2023.
Authors
Luísa Orvalho - Professor Coordinator and Research at CITECA- ISTEC Porto
Carlos Couto - Assistant Professor at ISTEC Porto Specialist in Computer Sciences, Researcher at CITECA|ISTEC Porto
Duarte Costa - 3rd year student of the degree in Multimedia Engineering at ISTEC Porto
Gonçalo Leite - 3rd year student of the degree in Multimedia Engineering at ISTEC Porto
Media
To cite this article
Luísa Orvalho, Carlos Couto, Duarte Costa, Gonçalo Leite Using Unreal Engine 5 to realistic rendering of scenes
DOI: 10.31112/kriativ-tech-2023-06-93
Abstract
This scientific paper discusses the Unreal Engine 5 (EU5) game engine and its tools in the field of realistic scene rendering. This real-time 3D image creation tool is used by developers to create photorealistic visuals and immersive experiences. Some of the main features of this graphics engine are presented, such as Nanite, Lumen and MetaHuman Creator, as well as the contributions that its use can bring to the industry of video games, film, architecture, virtual reality.
Keywords
Unreal Engine 5, 3D, Realistic Render Technologies, Nanite, Lumen, MetaHuman Creator, Live Link, ArchViz,Virtual Reality
References
[1] Lumen Technical Details. (2023). https://docs.unrealengine.com/5.0/en-US/lumen-technical-details-in-unreal-engine/. [website]. Unreal Engine.
[2] Hu, A. (2023). How to Use Lumen in Unreal Engine 5. Vertex Mode. https://vertexmode.com/how-to-use-lumen-in-unreal-engine-5/
[3] Epic Games. (2023). Nanite Virtualized Geometry. https://docs.unrealengine.com/5.0/en-US/nanite-virtualized-geometry-in-unreal-engine/. [website]. Unreal Engine.
[4] SkyReal (2023). Nanite, a revolution for virtualized geometry with Unreal Engine 5. SkyReal. https://sky-real.com/news/nanite-a-revolution-for-virtualized-geometry-with-unreal-engine-5/
[5] Fang, Z. Cai, L. & Wang, G. (2021, June 1). MetaHuman Creator The starting point of the metaverse. IEEE Conference Publication | IEEE DOI: 10.1109/ISCTIS51085.2021.00040
[6] Shannon, T. (2017) Unreal Engine 4 for Design Visualization. Addison-Wesley Professional.
[7] Epic Games. (2023). Live Link. [website]. Unreal Engine.https://docs.unrealengine.com/5.0/en-US/live-link-in-unreal-engine/
[8] Salli, M. (2023). 3D Game Character Animations in Unreal Engine 5: Creation and Implementation. Master´s Thesis of Culture and Art submitted to South- Eastern Finland University of Applied Science https://www.theseus.fi/bitstream/handle/10024/796958/Marika_Salli.pdf?sequence=2
[9] https://docs.unrealengine.com/4.27/en-US/AnimatingObjects/SkeletalMeshAnimation/FacialRecordingiPhone/
[10] SkyReal .(2023). SAFRAN: The SkyReal solution accompanies the development of immersive training modules of Safran Engineering Services.[Website]. SkyReal. https://sky-real.com/news/the-skyreal-solution-accompanies-the-development-of-immersive-training-modules-of-safran-engineering-services/
[11] Thomsen, M. (2012b). History of the Unreal Engine - IGN. [Website]. IGN. https://www.ign.com/articles/2010/02/23/history-of-the-unreal-engine
Digital Marketing in the age of Sustainability
Kriativ-tech Volume 1, Issue 9, January 2023, Pages: xxx Received: Jan. 22, 2023; Accepted: Jan. 27, 2023. Published: Mar. 13, 2023.
Authors
Luísa Orvalho - Professor Coordinator and Research at CITECA- ISTEC Porto
Rúben Moleiro - 3rd year undergraduate student in Multimedia Engineering at ISTEC Porto
André Meireles - 3rd year undergraduate student in Multimedia Engineering at ISTEC Porto
Media
To cite this article
Luísa Orvalho Digital Marketing in the age of Sustainability
DOI: 10.31112/kriativ tech 2023 06 94
Abstract
Sustainability, known as one of the pillars of digital transformation, combined with the growing recognition of importance of environmental, social and economic sustainability, creates the need for companies to integrate sustainable practices into their business strategies and into the company's culture and philosophy. This scientific review article explores digital marketing opportunities and challenges in the sustainability era, as a set of strategies that promote sustainable actions and products for a company, this article analyzes the impact of sustainable practices on business strategies and addresses Green IT it also has some examples of good practices of companies that use green marketing.
Keywords
Digital Marketing, Sustainability, Sustainable Practices, Green IT, Green Marketing, Companies with Good Practices.
References
[1] Kotler, P., & Keller, K. L. (2016). Marketing management (15th Ed.). Pearson.
[2] Peattie, S. (2001). Golden goose or wild goose? The hunt for the green consumer. Business strategy and the environment, 10 (4), 187-199.
[3] Chabowski, B. R., Mena, J. A., & Gonzalez-Padron, T. L. (2011). The structure of sustainability research in marketing, 1958–2008: A basis for future research opportunities. Journal of the Academy of Marketing Science, 39 (1), 55-70.
[4] Fuller, D. A. (2012). Sustainable marketing: Managerial- ecological issues (2nd Ed.). SAGE Publications.
[5] Ramus, C. A., & Montiel, I. (2005). When are corporate environmental policies a form of greenwashing? Business & Society, 44 (4), 377-414.
[6] Luchs, M. G., & Swan, K. S. (2011). Perspective: The emergence of sustainable marketing as a discipline. Journal of Public Policy & Marketing, 30(1), 13-17.
[7] Melville, N. (2010). Information Systems Innovation for Environmental Sustainability. MIS Quarterly, 34(1), 1-21.
[8] Murugesan, S. (2008). Harnessing Green IT: Principles and Practices. IT Professional, 10(1), 24-33.
[9] Symons, C. R. (Ed.). (2010). Green IT for Sustainable Business Practice: An ISEB Foundation Guide. BCS, The Chartered Institute for IT.
[10] Zhu, X., & Kraemer, K. L. (2005). Post-Adoption Variations in Usage and Value of E-Business by Organizations: Cross-Country Evidence from the Retail Industry. Information Systems Research, 16(1), 61-84.
[11] United Nations Environment Programme (UNEP). (2011). Greening ICT: Towards a Sustainable World.UNEP.
[12] Höjer, M., & Wangel, J. (2015). Smart sustainable cities: definitions, dimensions, and divergence. Sustainable Development, 23(1), 27-39.
[13] Zutshi, A., Sohal, A., & Al-Ghassani, A. (2019). Towards sustainable digital transformation. Journal of Enterprise Information Management, 32(1), 75-97.
[14] Molla, A., & Abareshi, A. (2018). Green information technology: A comprehensive review on policies, practices, and strategies. Journal of Cleaner Production, 185, 60-82.
[15] Mont, O. K. (2004). Institutionalization of sustainable consumption patterns based on shared use. Ecological Economics, 50(1-2), 135-153. https://doi.org/10.1016/j.ecolecon.2004.03.030