Ciência_Iscte Comunicações Descrição Detalhada da Comunicação Exportar

Exportar Publicação

A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.

Exportar Referência (APA)

Teodoro, N, Luis Gonçalves & Serrão, C. (2015). NIST CyberSecurity Framework Compliance -  A Generic Model for Dynamic Assessment and Predictive Requirements. 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-15). III, 418-425

Exportar Referência (IEEE)

N. F. Teodoro et al.,  "NIST CyberSecurity Framework Compliance -  A Generic Model for Dynamic Assessment and Predictive Requirements", in 14th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-15), Helsinquia, vol. III, pp. 418-425, 2015

Exportar BibTeX

@misc{teodoro2015_1775514883119,
	author = "Teodoro, N and Luis Gonçalves and Serrão, C.",
	title = "NIST CyberSecurity Framework Compliance -  A Generic Model for Dynamic Assessment and Predictive Requirements",
	year = "2015",
	howpublished = "Ambos (impresso e digital)",
	url = "http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=7345310&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D7345310"
}

Exportar RIS

TY  - CPAPER
TI  - NIST CyberSecurity Framework Compliance -  A Generic Model for Dynamic Assessment and Predictive Requirements
T2  - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-15)
VL  - III
AU  - Teodoro, N
AU  - Luis Gonçalves
AU  - Serrão, C.
PY  - 2015
SP  - 418-425
CY  - Helsinquia
UR  - http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=7345310&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D7345310
AB  - Organizations have become increasingly dependent on information systems to perform their business as usual activities. Moreover, organizations have registered an increase in the number of cyber-attacks, namely: industrial espionage, confidential information leakage, digital theft or pure damage to corporate image and reputation. In order to try to mitigate these issues, organizations like the National Institute of Standards and Technology (NIST) have made an effort to establish a cybersecurity protection guide. This paper presents a baseline for developing a generic and flexible model for manipulating key factors inside organizations: Processes, Human Resources and Technology, and extrapolate the percentage of compliance with the NIST cybersecurity framework, measure the current cybersecurity risk and allocate financial investments towards specific compliance objectives and reduce the overlapping of existing resources.

ER  -