A Collaborative System Offering Security Management Services for SMEs/mEs

Ntouskas, Theodoros; Papanikas, Dimitrios; Polemi, Nineta

doi:10.1007/978-3-642-33448-1_30

Cited by 7 publications

(10 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In order to meet these requirements, we modified the risk management methodology STORM-RM [22][23] [24], in order to be applicable to ports/ICT environments. We implemented it as a service in the collaborative port security management environment S-Port [ [29]). …”

Section: Overview Of the S-port System And Its Servicesmentioning

confidence: 99%

“…The STORM environment utilizes web 2.0 technologies in order to provide a collaborative security management of PICT systems with a series of user friendly services [26][28] [29]. Remarkable services are (a) the STORM-RM services that implement all the phases of the risk management methodology and offer them as separated services, and (b) the Security Awareness services (e.g., wiki, forum and a digital library that help users collaborate, communicate and find solutions and training material for security management purposes).…”

Section: Overview Of the S-port System And Its Servicesmentioning

confidence: 99%

See 1 more Smart Citation

S-Port: Collaborative security management of Port Information systems

et al. 2013

Self Cite

View full text Add to dashboard Cite

Port Information and Communication Technology (PICT) systems offer a series of critical services rendering their effective security management an issue of vital importance. Existing regulation, standardization, and risk management methodologies do not adequately address the cyber threats the dependent environment of PICT systems is exposed to. In the SPort project, we identified and addressed these needs by proposing a collaborative environment offering customized security management services targeted at the unique needs of port authorities. The success of S-Port has been deployed in three commercial ports, so as to assist them in self managing security and risks. In this paper, we present the main objectives and core functionalities of S-Port environment, as well as the overall results of its assessment.

show abstract

Section: Overview Of the S-port System And Its Servicesmentioning

confidence: 99%

Section: Overview Of the S-port System And Its Servicesmentioning

confidence: 99%

S-Port: Collaborative security management of Port Information systems

et al. 2013

Self Cite

View full text Add to dashboard Cite

show abstract

“…The second security management need is addressed in S-PORT by developing a collaborative environment [14] (a recent trend in Web services applied in various sectors e.g. e-commerce [10], [11], e-government [7] and e-migration, [17]) using innovative Web2.0 technologies. The S-PORT environment [14], [15] is a parameterisation of the STORM security management environment [12] addressing the specific needs of PIT and involving all PIT users in the security management procedures.…”

Section: S-port: a National Projectmentioning

confidence: 99%

Open Issues and Proposals in the IT Security Management of Commercial Ports: The S-PORT National Case

Polemi

Ntouskas

2012

IFIP Advances in Information and Communication Technology

Self Cite

View full text Add to dashboard Cite

Commercial ports are large scale infrastructures which their Information and Telecommunication (PIT) systems offer critical services and host sensitive data. However the current maritime legislation or standardization efforts do not sufficiently cover the IT security of the commercial ports. Identifying these needs we propose a collaborative environment offering security management services including a targeted risk management methodology which will help commercial ports to self manage their security.

show abstract

“…Small and medium-sized businesses (SMBs) as the foundation of the EU's economy [1] are the weakest spot for cyber-attacks [2,3]. SMBs have specific characteristics, and these characteristics separate them from large companies and make them highly vulnerable to security attacks [4][5][6][7].…”

Section: Introductionmentioning

confidence: 99%

“…The lack of financial resources, expertise, written formal security policies, and also the common wrong attitude towards security and risks are some of these characteristics. Previous studies considered these characteristics and their influences on SMBs' resilience to security threats [3,[8][9][10].…”

Section: Introductionmentioning

confidence: 99%

Automating the Communication of Cybersecurity Knowledge: Multi-case Study

Shojaifar

Fricker

Gwerder³

2020

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Cybersecurity is essential for the protection of companies against cyber threats. Traditionally, cybersecurity experts assess and improve a company's capabilities. However, many small and medium-sized businesses (SMBs) consider such services not to be affordable. We explore an alternative do-ityourself (DIY) approach to bringing cybersecurity to SMBs. Our method and tool, CYSEC, implements the Self-Determination Theory (SDT) to guide and motivate SMBs to adopt good cybersecurity practices. CYSEC uses assessment questions and recommendations to communicate cybersecurity knowledge to the end-user SMBs and encourage self-motivated change. In this paper, the operationalisation of SDT in CYSEC is presented and the results of a multi-case study shown that offer insight into how SMBs adopted cybersecurity practices with CYSEC. Effective automated cybersecurity communication depended on the SMB's hands-on skills, tools adaptedness, and the users' willingness to documenting confidential information. The SMBs wanted to learn in simple, incremental steps, allowing them to understand what they do. An SMB's motivation to improve security depended on the fitness of assessment questions and recommendations with the SMB's business model and IT infrastructure. The results of this study indicate that automated counselling can help many SMBs in security adoption.

show abstract

A Collaborative System Offering Security Management Services for SMEs/mEs

Cited by 7 publications

References 3 publications

S-Port: Collaborative security management of Port Information systems

S-Port: Collaborative security management of Port Information systems

Open Issues and Proposals in the IT Security Management of Commercial Ports: The S-PORT National Case

Automating the Communication of Cybersecurity Knowledge: Multi-case Study

Contact Info

Product

Resources

About