Abstract
As cyber-attacks grow worldwide, companies have begun to realize the importance of being protected against malicious actions that seek to violate their systems and access their information assets. Faced with this scenario, organizations must carry out correct and efficient management of their information security, which implies that they must adopt a proactive attitude, implementing standards that allow them to reduce the risk of computer attacks. Unfortunately, the problem is not only implementing a standard but also determining the best way to do it, defining an implementation path that considers the particular objectives and conditions of the organization and its availability of resources. This paper proposes a methodological approach for selecting and planning security controls, standardizing and systematizing the process by modeling the situation (objectives and constraints), and applying optimization techniques. The work presents an evaluation of the proposal through a methodology adoption study. This study showed a tendency of the study subjects to adopt the proposal, perceiving it as a helpful element that adapts to their way of working. The main weakness of the proposal was centered on ease of use since the modeling and resolution of the problem require advanced knowledge of optimization techniques.
Funder
Universidad de La Frontera
Subject
Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science
Reference96 articles.
1. Internet of things: Information security challenges and solutions;Miloslavskaya;Clust. Comput.,2019
2. Mariano Díaz, R. (2020). La Ciberseguridad en Tiempos del COVID-19 y el Tránsito Hacia una Ciberinmunidad, CEPAL.
3. Cybersecurity: Risks, vulnerabilities and countermeasures to prevent social engineering attacks;Conteh;Int. J. Adv. Comput. Res.,2016
4. Information systems control: A review and framework for emerging information systems processes;Cram;J. Assoc. Inf. Syst.,2016
5. Sousa, V. (2019, January 16). A Review on Cyber Attacks and Its Preventive Measures. Proceedings of the Digital Privacy and Security Conference, Porto, Portugal.
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献