安全控制评估挑战的系统文献综述

2022 IEEE 12th International Conference on Control System, Computing and Engineering (ICCSCE) Pub Date : 2022-10-21 DOI:10.1109/ICCSCE54767.2022.9935661

N. Othman, A. Norman, M. L. M. Kiah

{"title":"安全控制评估挑战的系统文献综述","authors":"N. Othman, A. Norman, M. L. M. Kiah","doi":"10.1109/ICCSCE54767.2022.9935661","DOIUrl":null,"url":null,"abstract":"The advancement of cybersecurity has called for active effective information security management. Security control (SC) assessment must be empowered to ensure that security implementation is effective and provides expected protection. Lack of comprehensive literature analysis on SC assessment compared to risk and threats assessments are concerning. This research aims to systematically review the trends of SC assessment by identifying, categorizing and analyzing the challenges and available solutions of SC assessment. 34 articles were qualitatively selected with a definite contribution in SC assessment. These articles were reviewed using thematic analysis according to Theme 1: Assessment Challenges, and Theme 2: Proposed Solution. Findings from each theme are systematically categorized to answer research questions. The results of this review are significant in identifying the issues and areas of improvement for future research and can serve as the baseline for SC assessment characteristics.","PeriodicalId":346014,"journal":{"name":"2022 IEEE 12th International Conference on Control System, Computing and Engineering (ICCSCE)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Systematic Literature Review of Security Control Assessment Challenges\",\"authors\":\"N. Othman, A. Norman, M. L. M. Kiah\",\"doi\":\"10.1109/ICCSCE54767.2022.9935661\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The advancement of cybersecurity has called for active effective information security management. Security control (SC) assessment must be empowered to ensure that security implementation is effective and provides expected protection. Lack of comprehensive literature analysis on SC assessment compared to risk and threats assessments are concerning. This research aims to systematically review the trends of SC assessment by identifying, categorizing and analyzing the challenges and available solutions of SC assessment. 34 articles were qualitatively selected with a definite contribution in SC assessment. These articles were reviewed using thematic analysis according to Theme 1: Assessment Challenges, and Theme 2: Proposed Solution. Findings from each theme are systematically categorized to answer research questions. The results of this review are significant in identifying the issues and areas of improvement for future research and can serve as the baseline for SC assessment characteristics.\",\"PeriodicalId\":346014,\"journal\":{\"name\":\"2022 IEEE 12th International Conference on Control System, Computing and Engineering (ICCSCE)\",\"volume\":\"14 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-10-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE 12th International Conference on Control System, Computing and Engineering (ICCSCE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCSCE54767.2022.9935661\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 12th International Conference on Control System, Computing and Engineering (ICCSCE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCSCE54767.2022.9935661","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

网络安全的发展要求对信息安全进行积极有效的管理。必须授权安全控制(SC)评估，以确保安全实现有效并提供预期的保护。与风险和威胁评估相比，SC评估缺乏全面的文献分析令人担忧。本研究旨在通过识别、分类和分析供应链评估的挑战和可用的解决方案，系统地回顾供应链评估的趋势。定性选择34篇在SC评估中有明确贡献的文章。根据主题1:评估挑战和主题2:建议的解决方案对这些文章进行了专题分析。每个主题的发现都被系统地分类，以回答研究问题。本综述的结果对于确定未来研究的问题和改进领域具有重要意义，并且可以作为SC评估特征的基线。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Systematic Literature Review of Security Control Assessment Challenges

The advancement of cybersecurity has called for active effective information security management. Security control (SC) assessment must be empowered to ensure that security implementation is effective and provides expected protection. Lack of comprehensive literature analysis on SC assessment compared to risk and threats assessments are concerning. This research aims to systematically review the trends of SC assessment by identifying, categorizing and analyzing the challenges and available solutions of SC assessment. 34 articles were qualitatively selected with a definite contribution in SC assessment. These articles were reviewed using thematic analysis according to Theme 1: Assessment Challenges, and Theme 2: Proposed Solution. Findings from each theme are systematically categorized to answer research questions. The results of this review are significant in identifying the issues and areas of improvement for future research and can serve as the baseline for SC assessment characteristics.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 IEEE 12th International Conference on Control System, Computing and Engineering (ICCSCE)

自引率

0.00%

发文量