Roadmap Amid Chaos: Cyber Security Management for Organisations

Bahuguna, Ashutosh; Bisht, Raj Kishor; Pande, Jeetendra

doi:10.1109/icccnt.2018.8493977

Cited by 11 publications

(8 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…-Les modèles de maturité cyber La maturité cyber fait référence à l'évaluation de l'état de préparation et de récupération de l'organisation par rapport à différents critères (Bahuguna et al, 2019). Il existe plusieurs modèles de maturité cyber, notamment le modèle C2M2 (Cybersecurity Ccapability Maturity Model) de Curtis et al (2015), le modèle du management de la résilience de Caralli (2006) Compte tenu de l'attention portée à la cyberrésilience, au regard de leurs impacts et de l'intérêt porté par les parties prenantes, il est nécessaire de comprendre comment bien communiquer.…”

Section: La Communication Cyber : Une Mesure Indirecte De La Maturité...unclassified

La maturité cyber au prisme de la communication extra-financière : une analyse des entreprises du CAC 40

Farjaudon,

Gardès

2024

RFGI

View full text Add to dashboard Cite

L’objectif de ce papier est d’analyser le contenu des informations diffusées par les entreprises pour en déduire leur niveau de maturité en cas de cyberattaques. La survie d’une organisation ne dépend pas uniquement d’actions relatives à la cybersécurité, mais bien de sa capacité à récupérer et apprendre et donc à être résiliente. La résilience d’une organisation face à un risque cyber intéresse donc au plus haut point les parties prenantes. Si la communication extra-financière est un sujet qui préoccupe les chercheurs depuis longtemps, rares sont les articles qui s'intéressent à la communication en matière de risques cyber. L’objectif de cette étude est de caractériser la communication des grandes entreprises en la matière, notamment en identifiant la nature des informations publiées dans les rapports annuels et leur degré de précision. L’analyse des pratiques de diffusion de l’information nous permet de caractériser le degré de cyber résilience des entreprises du CAC 40

show abstract

Section: La Communication Cyber : Une Mesure Indirecte De La Maturité...unclassified

La maturité cyber au prisme de la communication extra-financière : une analyse des entreprises du CAC 40

Farjaudon,

Gardès

2024

RFGI

View full text Add to dashboard Cite

show abstract

“…There are many frameworks and standards that can be useful, in certain cases, to manage cybersecurity [18], which sometimes makes it difficult to choose one and implement it in organizations [19]. A large number of them, such as Capability Maturiry Model Integration (CMMI) [20]- [22] or Information Technology Infrastructure Library (ITIL) [23], [24] are generic and applicable to multiple spheres.…”

Section: A Lack Of High-level Standards That Provide Procedural Eleme...mentioning

confidence: 99%

“…• FA9. In charge of the management, development, implementation, and verification of compliance with the standards and regulations defined at the corporate level for cybersecurity: CIS controls, MITRE matrix, NIST framework for the improvement of cybersecurity of critical infrastructures, or the family of standards ISO27000[19].• FA10. • FA11.…”

mentioning

confidence: 99%

CyberTOMP: A Novel Systematic Framework to Manage Asset-Focused Cybersecurity From Tactical and Operational Levels

Manuel¹,

Carmona-Murillo

Cortés-Polo

et al. 2022

IEEE Access

View full text Add to dashboard Cite

Currently different reference models are used to manage cybersecurity, although practically none are applicable "as is" to lower levels as they do not detail specific procedural aspects for them. However, they urge organizations to develop a methodological foundation to manage cybersecurity at those levels. Although they allow organizations to adhere to a recognized standard at the strategic level, this advantage vanishes when organizations must define specific low-level procedures, allowing the appearance of inconsistency at tactical and operational levels between departments of the same organization or between organizations. The design of these elements with the required holism and homogeneity is difficult, and this is why generic processes focused on getting certified regarding a standard are usually originated, but they are insufficient to obtain effective cybersecurity because they are not focused on dealing with real cyber threats. Because of the great responsibility of lower levels to achieve effective cybersecurity, this lack of methodological definition makes it difficult to adapt cybersecurity to the highly dynamic cyber context with the required holism and strategic alignment. Our proposal provides CyberTOMP, a process for managing cybersecurity at lower levels, as well as a set of methodological elements that support it. The novelty of these contributions is that they complement the strategic standard selected by the organization, providing it with a set of procedural elements ready to be used out of the box, contributing those aspects required by high-level frameworks to manage cybersecurity at lower levels, for which there is no alternative with a managerial approach.

show abstract

“…Using this new approach, traffic accidental alerts were established depending on the trust ranges of the sender. In 2016, Bahuguna et al [65] have presented a novel method for safeguarding the privacy of vehicles in opposition to external eavesdroppers. At last, the development of the adopted method was established in terms of superior decision making.…”

Section: Related Workmentioning

confidence: 99%

A Brief Survey on Security Issues in Vehicular Networks

Anand¹

2022

JNACS

View full text Add to dashboard Cite

With the growth of Internet of Things and wireless communication systems, vehicular ad hoc networks (VANETs) have attained much consideration recently. VANETs act as a paradigm for vehicular management and communication and thereby, it requires the assurance of efficiency and security for the unreliable and resource constrained networks. This survey makes a critical analysis on about 65 papers regarding security issues in VANET. More particularly, varied performance measures and different types of systems that are contributed in different papers are analyzed. In addition, a comprehensive study is made regarding the signatures models in each contribution. Moreover, analytical review is made concerning various adopted tools and furthermore, the chronological review of the contributed works is examined. Finally, the survey extends with the determination of various research issues and gaps that might be useful for the researchers to promote improved future works on VANET systems.

show abstract

Roadmap Amid Chaos: Cyber Security Management for Organisations

Cited by 11 publications

References 1 publication

La maturité cyber au prisme de la communication extra-financière : une analyse des entreprises du CAC 40

La maturité cyber au prisme de la communication extra-financière : une analyse des entreprises du CAC 40

CyberTOMP: A Novel Systematic Framework to Manage Asset-Focused Cybersecurity From Tactical and Operational Levels

A Brief Survey on Security Issues in Vehicular Networks

Contact Info

Product

Resources

About