Loading…

AVARCIBER: a framework for assessing cybersecurity risks

The identification and assessment of risks are a fundamental part of cybersecurity. Determining the elements that participate in this field is difficult because there is no exclusive approach to cybersecurity. This document aims to provide a framework to identify and assess cybersecurity risks. For...

Full description

Saved in:
Bibliographic Details
Published in:Cluster computing 2020-09, Vol.23 (3), p.1827-1843
Main Authors: Rea-Guaman, Angel Marcelo, Mejía, Jezreel, San Feliu, Tomas, Calvo-Manzano, Jose A.
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The identification and assessment of risks are a fundamental part of cybersecurity. Determining the elements that participate in this field is difficult because there is no exclusive approach to cybersecurity. This document aims to provide a framework to identify and assess cybersecurity risks. For this, a systematic review of the studies related to cybersecurity risk taxonomies was carried out. The main elements of the proposed conceptual model and framework have been determined by applying the snowball technique. To validate the implementation of the proposed framework, a case study has been implemented at the Ecuadorian Social Security Institute. The first task was to consolidate the information in a baseline. Once the baseline was obtained, the defined framework has been applied. As a result, through the use of the proposed framework, the assessment process has improved the decision-making process regarding the importance and criticality of the risks and countermeasures that must be applied.
ISSN:1386-7857
1573-7543
DOI:10.1007/s10586-019-03034-9