Affiliation:
1. University of Trás-os-Montes and Alto Douro, Portugal
2. INESC-TEC, University of Porto, Portugal
3. COPELABS - Lusófona University, Portugal
Abstract
The global overview of the challenges faced in trying to minimise the risks of organisations in the face of cyber-attacks is arduous for any organisation. Defining an appropriate risk management model that proactively minimises cybersecurity incidents is a critical challenge. Many malicious attacks occur daily, and there is only sometimes an adequate response. There is a significant investment in research to identify the main factors that may cause such incidents, always trying to have the most appropriate response and, consequently, potentiating the response capacity and success. At the same time, several different methodologies evaluate risk management and the maturity level of organisations. Due to the lack of predictive models based on data (evidence), there is a significant investment in research to identify the main factors that may cause such incidents, starting to design models based on AI - Artificial Intelligence. This research will go in the direction of developing a user-friendly model supporting the assessment of the methodological aspects of an organisation.
Reference54 articles.
1. ENISA. (n.d.). Compendium of risk management frameworks. European Agency for Cybersecurity. https://www.enisa.europa.eu/publications/compendium-of-risk-management-frameworks
2. Cyber Threat Intelligence – Issue and Challenges
3. Ahmad, A., Desouza, K. C., Maynard, S. B., Naseer, H., & Baskerville, R. L. (2020). How the integration of cyber security management and incident response enables organisational learning.
4. Alberts, C., & Dorofee, A. (2002). Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process. Managing Information Security Risks: The OCTAVESM Approach. Addison Wesley. https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.461.7807&rep=rep1&type=pdf
5. Information security governance challenges and critical success factors: Systematic review