A security review of local government using NIST CSF: a case study-Reference-Cited by-同舟云学术

A security review of local government using NIST CSF: a case study

Published:2018-07-12 Issue:10 Volume:74 Page:5171-5186
ISSN:0920-8542
Container-title:The Journal of Supercomputing
language:en
Short-container-title:J Supercomput

Author:

Ibrahim Ahmed^ORCID,Valli Craig,McAteer Ian,Chaudhry Junaid

Abstract

Abstract Evaluating cyber security risk is a challenging task regardless of an organisation’s nature of business or size, however, an essential activity. This paper uses the National Institute of Standards and Technology (NIST) cyber security framework (CSF) to assess the cyber security posture of a local government organisation in Western Australia. Our approach enabled the quantification of risks for specific NIST CSF core functions and respective categories and allowed making recommendations to address the gaps discovered to attain the desired level of compliance. This has led the organisation to strategically target areas related to their people, processes, and technologies, thus mitigating current and future threats.

Publisher

Springer Science and Business Media LLC

Subject

Hardware and Architecture,Information Systems,Theoretical Computer Science,Software

Link

http://link.springer.com/article/10.1007/s11227-018-2479-2/fulltext.html

Reference32 articles.

1. Abrams M, Weiss J (2008) Malicious control system cyber security attack case study: Maroochy water services, Australia. https://www.mitre.org/sites/default/files/pdf/08_1145.pdf . Accessed 29 Jan 2018

2. Angelini M, Lenti S, Santucci G (2017) Crumbs: a cyber security framework browser. In: 2017 IEEE Symposium on Visualization for Cyber Security (VizSec). IEEE, pp 1–8

3. BSI Group (2011) Case study Thames Security Shredding (TSS) Ltd. https://www.bsigroup.com/Documents/iso-27001/case-studies/BSI-ISO-IEC-27001-case-study-Thames-Security-UK-EN.pdf?epslanguage=en-MY . Accessed 15 Feb 2018

4. BSI Group (2012) How Fredrickson has reduced third party scrutiny and protected its reputation with ISO 27001 certification. https://www.bsigroup.com/Documents/iso-27001/case-studies/BSI-ISO-IEC-27001-case-study-Fredrickson-International-EN-UK.pdf?epslanguage=en-MY . Accessed 15 Feb 2018

5. BSI Group (2013) Implementing best practice and improving client confidence with ISO/IEC 27001. https://www.bsigroup.com/Documents/iso-27001/case-studies/BSI-ISO-IEC-27001-case-study-Legal-Ombudsman-UK-EN.pdf . Accessed 15 Feb 2018

Cited by 30 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Stronger together? EU Support for Ukrainian Local Authorities Facing Cyber Attacks (2022-2023);Applied Cybersecurity & Internet Governance;2024-07-23

2. Local Government Cybersecurity Landscape: A Systematic Review and Conceptual Framework;Applied Sciences;2024-06-25

3. Understanding Local Government Cybersecurity Policy: A Concept Map and Framework;Information;2024-06-10

4. Industry 4.0 data security: A cybersecurity frameworks review;Journal of Industrial Information Integration;2024-05

5. Weathering the storm: examining how organisations navigate the sea of cybersecurity regulations;European Journal of Information Systems;2024-04-26