Please use this identifier to cite or link to this item:
http://hdl.handle.net/10071/25132
Author(s): | Teodoro, N Gonçalves, L. Serrão, C. |
Editor: | Raimo Kantola, Aalto-Yliopisto |
Date: | 2015 |
Title: | NIST cybersecurity framework compliance: A generic model for dynamic assessment and predictive requirements |
Volume: | 3 |
Event title: | ISPA 2015 |
ISBN: | 978-1-4673-7951-9 |
DOI (Digital Object Identifier): | 10.1109/Trustcom.2015.402 |
Keywords: | NIST Compliance Cybersecurity Resources optimization Information security Generic model Privacy |
Abstract: | Organizations have become increasingly dependent on information systems to perform their business as usual activities. Moreover, organizations have registered an increase in the number of cyber-attacks, namely: industrial espionage, confidential information leakage, digital theft or pure damage to corporate image and reputation. In order to try to mitigate these issues, organizations like the National Institute of Standards and Technology (NIST) have made an effort to establish a cybersecurity protection guide. This paper presents a baseline for developing a generic and flexible model for manipulating key factors inside organizations: Processes, Human Resources and Technology, and extrapolate the percentage of compliance with the NIST cybersecurity framework, measure the current cybersecurity risk and allocate financial investments towards specific compliance objectives and reduce the overlapping of existing resources. |
Peerreviewed: | yes |
Access type: | Open Access |
Appears in Collections: | ISTAR-CRI - Comunicações a conferências internacionais |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
conferenceobject_24162.pdf | Versão Submetida | 5,81 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.