Osamah M. Al-Matari, Iman M. A. Helal, Sherif A. Mazen, Sherif Elhennawy
{"title":"网络安全审计集成框架","authors":"Osamah M. Al-Matari, Iman M. A. Helal, Sherif A. Mazen, Sherif Elhennawy","doi":"10.1080/19393555.2020.1834649","DOIUrl":null,"url":null,"abstract":"ABSTRACT Organizations receive several cyberattacks on their daily operations, thus the need for auditing. However, there is no unified tool to perform cybersecurity audit tasks which are expensive and tedious. In this paper, we build a cybersecurity framework to perform cybersecurity auditing process in organizations. It covers several types of threats and risks by providing the information systems auditors and cybersecurity professionals with several types of controls. Moreover, it illustrates the essential tools and techniques for cybersecurity auditing. The proposed framework clarifies the security issues through output reports. These reports specify the cybersecurity gaps. Also, it helps practitioners to generate an integrated tool to support cybersecurity auditors learning how to secure organizations and finding a mechanism to achieve the cybersecurity audit tasks.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Integrated framework for cybersecurity auditing\",\"authors\":\"Osamah M. Al-Matari, Iman M. A. Helal, Sherif A. Mazen, Sherif Elhennawy\",\"doi\":\"10.1080/19393555.2020.1834649\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"ABSTRACT Organizations receive several cyberattacks on their daily operations, thus the need for auditing. However, there is no unified tool to perform cybersecurity audit tasks which are expensive and tedious. In this paper, we build a cybersecurity framework to perform cybersecurity auditing process in organizations. It covers several types of threats and risks by providing the information systems auditors and cybersecurity professionals with several types of controls. Moreover, it illustrates the essential tools and techniques for cybersecurity auditing. The proposed framework clarifies the security issues through output reports. These reports specify the cybersecurity gaps. Also, it helps practitioners to generate an integrated tool to support cybersecurity auditors learning how to secure organizations and finding a mechanism to achieve the cybersecurity audit tasks.\",\"PeriodicalId\":103842,\"journal\":{\"name\":\"Information Security Journal: A Global Perspective\",\"volume\":\"9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Information Security Journal: A Global Perspective\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/19393555.2020.1834649\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Security Journal: A Global Perspective","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/19393555.2020.1834649","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
ABSTRACT Organizations receive several cyberattacks on their daily operations, thus the need for auditing. However, there is no unified tool to perform cybersecurity audit tasks which are expensive and tedious. In this paper, we build a cybersecurity framework to perform cybersecurity auditing process in organizations. It covers several types of threats and risks by providing the information systems auditors and cybersecurity professionals with several types of controls. Moreover, it illustrates the essential tools and techniques for cybersecurity auditing. The proposed framework clarifies the security issues through output reports. These reports specify the cybersecurity gaps. Also, it helps practitioners to generate an integrated tool to support cybersecurity auditors learning how to secure organizations and finding a mechanism to achieve the cybersecurity audit tasks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
