Nowadays, every company should be aware of the importance and the way business information should be treated since it is one of their most important assets. Unfortunately, not all are sure about their actual value, and so, they may be exposed to large losses.According to EY, 41% of companies consider that they have minimum probabilities to detect a sophisticated attack. The main reason that hinders the effectiveness of information security is due to budgetary restrictions and the lack of specialized resources.To protect the information, companies must determine their risk exposure, for which it's advisable to use methodologies, reference frameworks or standards for information security risk analysis. This project consists on implementing an information security risk management model for SMEs, integrating the OCTAVE-S methodology and the ISO/IEC 27005 standard. This covers the analysis of methodologies and risk management standards, the design of the information security risk management model, the validation of the model in a SME in the sales process.This integration provides a timely and effective identification of the risks of the qualitative approach and makes it possible to take advantage of the values identified for the assets of the quantitative approach. Furthermore, this allows identifying the main information security risks by rating and treating them according to the needs of the company. It's expected that this model will help in the management of information security risks within SMEs, in order to reduce the impact of risks to which they may be exposed.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.