{"title":"预测网络安全风险——一种评估方法","authors":"Daniel Jorge Ferreira, Henrique São Mamede","doi":"10.56394/aris2.v2i2.23","DOIUrl":null,"url":null,"abstract":"Defining an appropriate cybersecurity incident response model is a critical challenge that all companies face on a daily basis.However, there is not always an adequate answer. This is due to the lack of predictive models based on data (evidence). There is a significant investment in research to identify the main factors that can cause such incidents, always trying to have the most appropriate response and, consequently, enhancing response capacity and success. At the same time, several different methodologies assess the risk management and maturity level of organizations.There is, however, a gap in determining an organization's degree of proactive responsiveness to successfully adopt cybersecurity and an even more significant gap in assessing it from a risk management perspective. This paper proposes a model to evaluate this capacity, a model that intends to evaluate the methodological aspects of an organization and indicates the apparent gaps that can negatively impact the future of the organization in the management of cybersecurity incidents and presents a model that intends to be proactive.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Predicting Cybersecurity Risk - A Methodology for Assessments\",\"authors\":\"Daniel Jorge Ferreira, Henrique São Mamede\",\"doi\":\"10.56394/aris2.v2i2.23\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Defining an appropriate cybersecurity incident response model is a critical challenge that all companies face on a daily basis.However, there is not always an adequate answer. This is due to the lack of predictive models based on data (evidence). There is a significant investment in research to identify the main factors that can cause such incidents, always trying to have the most appropriate response and, consequently, enhancing response capacity and success. At the same time, several different methodologies assess the risk management and maturity level of organizations.There is, however, a gap in determining an organization's degree of proactive responsiveness to successfully adopt cybersecurity and an even more significant gap in assessing it from a risk management perspective. This paper proposes a model to evaluate this capacity, a model that intends to evaluate the methodological aspects of an organization and indicates the apparent gaps that can negatively impact the future of the organization in the management of cybersecurity incidents and presents a model that intends to be proactive.\",\"PeriodicalId\":438607,\"journal\":{\"name\":\"ARIS2 - Advanced Research on Information Systems Security\",\"volume\":\"14 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ARIS2 - Advanced Research on Information Systems Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.56394/aris2.v2i2.23\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ARIS2 - Advanced Research on Information Systems Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.56394/aris2.v2i2.23","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Predicting Cybersecurity Risk - A Methodology for Assessments
Defining an appropriate cybersecurity incident response model is a critical challenge that all companies face on a daily basis.However, there is not always an adequate answer. This is due to the lack of predictive models based on data (evidence). There is a significant investment in research to identify the main factors that can cause such incidents, always trying to have the most appropriate response and, consequently, enhancing response capacity and success. At the same time, several different methodologies assess the risk management and maturity level of organizations.There is, however, a gap in determining an organization's degree of proactive responsiveness to successfully adopt cybersecurity and an even more significant gap in assessing it from a risk management perspective. This paper proposes a model to evaluate this capacity, a model that intends to evaluate the methodological aspects of an organization and indicates the apparent gaps that can negatively impact the future of the organization in the management of cybersecurity incidents and presents a model that intends to be proactive.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
