Ítem
Solo Metadatos

A comprehensive cybersecurity audit model to improve cybersecurity assurance: The cybersecurity audit model (CSAM)

dc.creatorSabillon R.spa
dc.creatorSerra-Ruiz J.spa
dc.creatorCavaller V.spa
dc.creatorCano J.spa
dc.date.accessioned2020-05-25T23:58:25Z
dc.date.available2020-05-25T23:58:25Z
dc.date.created2018spa
dc.description.abstractNowadays, private corporations and public institutions are dealing with constant and sophisticated cyberthreats and cyberattacks. As a general warning, organizations must build and develop a cybersecurity culture and awareness in order to defend against cybercriminals. Information Technology (IT) and Information Security (InfoSec) audits that were efficient in the past, are trying to converge into cybersecurity audits to address cyber threats, cyber risks and cyberattacks that evolve in an aggressive cyber landscape. However, the increase in number and complexity of cyberattacks and the convoluted cyberthreat landscape is challenging the running cybersecurity audit models and putting in evidence the critical need for a new cybersecurity audit model. This article reviews the best practices and methodologies of global leaders in the cybersecurity assurance and audit arena. By means of the analysis of the current approaches and theoretical background, their real scope, strengths and weaknesses are highlighted looking forward a most efficient and cohesive synthesis. As a resut, this article presents an original and comprehensive cybersecurity audit model as a proposal to be utilized for conducting cybersecurity audits in organizations and Nation States. The CyberSecurity Audit Model (CSAM) evaluates and validates audit, preventive, forensic and detective controls for all organizational functional areas. CSAM has been tested, implemented and validated along with the Cybersecurity Awareness TRAining Model (CATRAM) in a Canadian higher education institution. A research case study is being conducted to validate both models and the findings will be published accordingly. © 2017 IEEE.eng
dc.format.mimetypeapplication/pdf
dc.identifier.doihttps://doi.org/10.1109/INCISCOS.2017.20
dc.identifier.urihttps://repository.urosario.edu.co/handle/10336/22858
dc.language.isoengspa
dc.publisherInstitute of Electrical and Electronics Engineers Inc.spa
dc.relation.citationEndPage259
dc.relation.citationStartPage253
dc.relation.citationTitleProceedings - 2017 International Conference on Information Systems and Computer Science
dc.relation.citationVolumeVol. 2017
dc.relation.ispartofProceedings - 2017 International Conference on Information Systems and Computer Science, INCISCOS 2017, Vol.2017-November,(2018); pp. 253-259spa
dc.relation.urihttps://www.scopus.com/inward/record.uri?eid=2-s2.0-85050981578&doi=10.1109%2fINCISCOS.2017.20&partnerID=40&md5=cfbf1e32d9f1d7ebfecdf197003290f8spa
dc.rights.accesRightsinfo:eu-repo/semantics/openAccess
dc.rights.accesoAbierto (Texto Completo)spa
dc.source.instnameinstname:Universidad del Rosariospa
dc.source.reponamereponame:Repositorio Institucional EdocURspa
dc.subject.keywordInformation usespa
dc.subject.keywordNetwork securityspa
dc.subject.keywordAudit modelsspa
dc.subject.keywordCyber securityspa
dc.subject.keywordCybercriminalsspa
dc.subject.keywordFunctional areasspa
dc.subject.keywordHigher education institutionsspa
dc.subject.keywordPrivate corporationspa
dc.subject.keywordPublic institutionspa
dc.subject.keywordTraining modelspa
dc.subject.keywordInformation systemsspa
dc.subject.keywordCybersecurityspa
dc.subject.keywordCybersecurity assurancespa
dc.subject.keywordCybersecurity auditspa
dc.subject.keywordCybersecurity audit modelspa
dc.subject.keywordCybersecurity controlsspa
dc.subject.keywordCybersecurity domainsspa
dc.titleA comprehensive cybersecurity audit model to improve cybersecurity assurance: The cybersecurity audit model (CSAM)spa
dc.typeconferenceObjecteng
dc.type.hasVersioninfo:eu-repo/semantics/publishedVersion
dc.type.spaDocumento de conferenciaspa
Archivos
Colecciones