The Enterprises Risk Management in the Context of Digital Transformation

Пупенцова, Светлана Валентиновна; Livintsova, Maria

doi:10.1007/978-3-030-96383-5_129

Cited by 4 publications

(1 citation statement)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Also, in the worst-case scenario, if we identify computer risks, there are mechanisms designed to fix the problem, such as the use of access codes, antivirus, firewall, etc. As the author [12] claims, the purpose of this phase is to mitigate potential cyber-risks that may arise in an organization.…”

Section: Phase 3: Develop Security Strategy and Plansmentioning

confidence: 99%

Leveraging Security Modeling and Information Systems Audits to Mitigate Network Vulnerabilities

Arenas,

Yactayo-Arias,

Quispe

et al. 2023

IJSSE

View full text Add to dashboard Cite

Advancements in digital technologies have significantly enhanced the functional capabilities of consumers and businesses alike, yet have concurrently amplified the complexities associated with cybersecurity, including theft and cyber-attacks. Consequently, auditing of information systems has emerged as a crucial security apparatus for organizations aiming to safeguard their data assets, specifically with respect to customer information. This study aims to design an information systems security and audit model that emphasizes the fortification of an organization's crucial assets via IT infrastructure security and information security management systems, in alignment with ISO 27001 standards. The proposed model seeks to assure information confidentiality, integrity, availability, and compliance with legal mandates. The study adopted the OCTAVE v2.0 method, executed in three distinct phases. In the first phase, profiles of asset-based threats were constructed. The second phase involved the identification of infrastructure vulnerabilities, whereas the final phase focused on the development of a security strategy and plans. The implementation of the proposed model yielded a marked impact, with a positive shift from 46% to 94% following the establishment of IT infrastructure security policies. The study underscores the importance of conducting a comparative analysis prior to implementation and asserts that well-defined and identified security models and information systems auditing can effectively counteract potential data leaks and cyber-attacks such as malware, phishing, spam, and ransomware. The findings suggest that a meticulous and preemptive approach to auditing and security planning can significantly bolster the resilience of an organization's digital infrastructure.

show abstract

Section: Phase 3: Develop Security Strategy and Plansmentioning

confidence: 99%