A Novel Security Framework to Mitigate and Avoid Unexpected Security Threats in Saudi Arabia-Reference-Cited by-同舟云学术

A Novel Security Framework to Mitigate and Avoid Unexpected Security Threats in Saudi Arabia

Published:2023-08-09 Issue:4 Volume:13 Page:11445-11450
ISSN:1792-8036
Container-title:Engineering, Technology & Applied Science Research
language:
Short-container-title:Eng. Technol. Appl. Sci. Res.

Author:

Alshammari Ahmad

Abstract

Many organizations around the world suffer large losses due to unexpected risks which can have a profound impact on their survival. This paper presents a novel security framework to address the security needs of Saudi organizations. There are four stages in the security framework: risk assessment and management, security intelligence and analytics, security policies and procedures, and security monitoring. A comprehensive security solution was provided by combining common security frameworks, e.g. ISO/IEC 27001:2013, NIST Cybersecurity Framework, and COBIT. The developed framework was designed to help Saudi organizations identify, assess, and control risks and respond to unexpected events in a timely and effective manner. It is expected to help organizations develop and implement effective security measures to protect their critical assets and operations from security threats. The proposed framework is comprehensive and can cover most organizations' requirements.

Publisher

Engineering, Technology & Applied Science Research

Subject

General Medicine

Reference63 articles.

1. R. Saint-Germain, "Information security management best practice based on ISO/IEC 17799; the international information security standard provides a framework for ensuring business continuity, maintaining legal compliance, and achieving a competitive edge," Information Management Journal, vol. 39, no. 4, pp. 60–66, Jul. 2005.

2. Lynette Mears and R. von Solms, "Corporate Information Security Governance: A Holistic Approach," presented at the ISSA 2004 enabling tomorrow Conference, Johannesburg, South Africa, 2004.

3. M. Malatji, "Management of enterprise cyber security: A review of ISO/IEC 27001:2022," in 2023 International Conference On Cyber Management And Engineering (CyMaEn), Bangkok, Thailand, Jan. 2023, pp. 117–122.

4. P. Radanliev, "Review and Comparison of US, EU, and UK Regulations on Cyber Risk/Security of the Current Blockchain Technologies: Viewpoint from 2023," The Review of Socionetwork Strategies, May 2023.

5. Lilis Griffith Toyner; Sfenrianto Sfenrianto, "Information System Security Evaluation Using COBIT 5 Framework," Journal of Information System Management (JOISM), vol. 4, no. 2, pp. 147–157, 2023.

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Developing an Abstraction Framework for Managing and Controlling Saudi Banks’ Cybersecurity Threats Based on the NIST Cybersecurity Framework and ISO/IEC 27001;Journal of Software Engineering and Applications;2023