Abstract
Many organizations around the world suffer large losses due to unexpected risks which can have a profound impact on their survival. This paper presents a novel security framework to address the security needs of Saudi organizations. There are four stages in the security framework: risk assessment and management, security intelligence and analytics, security policies and procedures, and security monitoring. A comprehensive security solution was provided by combining common security frameworks, e.g. ISO/IEC 27001:2013, NIST Cybersecurity Framework, and COBIT. The developed framework was designed to help Saudi organizations identify, assess, and control risks and respond to unexpected events in a timely and effective manner. It is expected to help organizations develop and implement effective security measures to protect their critical assets and operations from security threats. The proposed framework is comprehensive and can cover most organizations' requirements.
Publisher
Engineering, Technology & Applied Science Research
Cited by
11 articles.