Português
Ciência_Iscte
Publications
Publication Detailed Description
NIST cybersecurity framework compliance: A generic model for dynamic assessment and predictive requirements
Proceedings 13th IEEE International Symposium on Parallel and Distributed Processing with Applications
Year (definitive publication)
2015
Language
English
Country
United States of America
More Information
Web of Science®
Scopus
Google Scholar
Abstract
Organizations have become increasingly dependent on information systems to perform their business as usual activities. Moreover, organizations have registered an increase in the number of cyber-attacks, namely: industrial espionage, confidential information leakage, digital theft or pure damage to corporate image and reputation. In order to try to mitigate these issues, organizations like the National Institute of Standards and Technology (NIST) have made an effort to establish a cybersecurity protection guide. This paper presents a baseline for developing a generic and flexible model for manipulating key factors inside organizations: Processes, Human Resources and Technology, and extrapolate the percentage of compliance with the NIST cybersecurity framework, measure the current cybersecurity risk and allocate financial investments towards specific compliance objectives and reduce the overlapping of existing resources.
Acknowledgements
--
Keywords
NIST,Compliance,Cybersecurity,Resources optimization,Information security,Generic model,Privacy
Fields of Science and Technology Classification
- Physical Sciences - Natural Sciences
Funding Records
| Funding Reference | Funding Entity |
|---|---|
| UID/MULTI/0446/2013 | Fundação para a Ciência e a Tecnologia |
