Evaluating informatics security in an organization: The minimal distance method

Felipe, Federico; Acevedo-Mosqueda, María Elena; Sanchez, M. M.

doi:10.1109/intercon.2017.8079676

Cited by 1 publication

(4 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Through this standard, companies can also develop their own information security management guidelines. The standard has 114 controls, grouped into 14 domains and 35 control objectives that organizations can adapt according to their nature [6].…”

Section: Iso/iec 27002: 2013mentioning

confidence: 99%

“…The Minimum distance to an ideal point method is a method that allows evaluating different object parameters in a n-dimensional unit mathematical space. The minimum distance method is a methodology that can be used to assess computer security in organizations [6]. With this method, public organizations can evaluate controls from adapted standards, using the following equation:…”

Section: Prototype Of a Standards-based Information Security Management Modelmentioning

confidence: 99%

“…3 PRM (6) The calculation of the Risk Mitigation Percentage was carried out by applying Eq. 3 and allowed determining areas in which controls should be improved to reduce the risks related to information.…”

Section: Calculation Of Risk Mitigation Percentagementioning

confidence: 99%

“…Then there is the social engineering through which certain people outside or related to the organization, access the internal information of the company and use it to harm it [5]. And we must not forget natural disasters such as fires, landslides, floods or human error [6].…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Analysis for the Adoption of Security Standards to Improve the Management of Securities in Public Organizations

Ronquillo¹,

Lilibeth²

2020

Machine Learning and Artificial Intelligence

View full text Add to dashboard Cite

Public organizations have the ongoing task of properly managing the security of the information they handle. The objective of this research is to analyze the security standards adopted by public organizations in Ecuador to improve their management of information security. The deductive method was applied for the review and analysis of appropriate standards for public institutions. As a result, information was obtained on the different security policies, standards and guidelines that apply, national and international public organizations. A Diagram of activities for the adoption of standards for public organizations resulted; a prototype standards-based Information Security Management Model; and an Information Security Management Matrix, from which the Risk Mitigation Percentage was calculated. It was concluded that maintaining high levels of security in public organizations requires the adoption of control standards in different areas and the collaboration of the different organizational and hierarchical levels of public organizations.

show abstract

Section: Iso/iec 27002: 2013mentioning

confidence: 99%

Section: Prototype Of a Standards-based Information Security Management Modelmentioning

confidence: 99%

Section: Calculation Of Risk Mitigation Percentagementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations