Please use this identifier to cite or link to this item:
Author(s): Teodoro, N
Gonçalves, L.
Serrão, C.
Editor: Raimo Kantola, Aalto-Yliopisto
Date: 2015
Title: NIST cybersecurity framework compliance: A generic model for dynamic assessment and predictive requirements
Volume: 3
Event title: ISPA 2015
ISBN: 978-1-4673-7951-9
DOI (Digital Object Identifier): 10.1109/Trustcom.2015.402
Keywords: NIST
Resources optimization
Information security
Generic model
Abstract: Organizations have become increasingly dependent on information systems to perform their business as usual activities. Moreover, organizations have registered an increase in the number of cyber-attacks, namely: industrial espionage, confidential information leakage, digital theft or pure damage to corporate image and reputation. In order to try to mitigate these issues, organizations like the National Institute of Standards and Technology (NIST) have made an effort to establish a cybersecurity protection guide. This paper presents a baseline for developing a generic and flexible model for manipulating key factors inside organizations: Processes, Human Resources and Technology, and extrapolate the percentage of compliance with the NIST cybersecurity framework, measure the current cybersecurity risk and allocate financial investments towards specific compliance objectives and reduce the overlapping of existing resources.
Peerreviewed: yes
Access type: Open Access
Appears in Collections:ISTAR-CRI - Comunicações a conferências internacionais

Files in This Item:
File Description SizeFormat 
conferenceobject_24162.pdfVersão Submetida5,81 MBAdobe PDFView/Open

FacebookTwitterDeliciousLinkedInDiggGoogle BookmarksMySpaceOrkut
Formato BibTex mendeley Endnote Logotipo do DeGóis Logotipo do Orcid 

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.