Part 2: Asian Conference on Availability, Reliability and Security (AsiaARES)International audienceSelection of proper security mechanisms that will protect the organization’s assets against cyber threats is an important non-trivial problem. This paper introduces the approach based on statistical methods that will help to choose the proper controls with respect to actual security threats. First, we determine security mechanisms that support control objectives from ISO/IEC 27002 standard and assign them meaningful weights. Then we employ a factor analysis to reveal dependencies among control objectives. Then this knowledge can be reflected to security mechanisms, that inherit these dependencies from control objectives
Achieving a sufficient level of security of control systems is very important, yet challenging. Firs...
This article is devoted to the development of a model and elaboration of the structure of the mathem...
The increasing integration of information technology with operational technology leads to the format...
Part 2: Asian Conference on Availability, Reliability and Security (AsiaARES)International audienceS...
Abstract IT security incidents pose a major threat to the efficient execution of cor-porate strategi...
Part 2: Asian Conference on Availability, Reliability and Security (AsiaARES)International audienceI...
Many international standards exist in the field of IT security. This research is based on the ISO/IE...
Abstract. [Context and motivation] Security mechanisms, such as fire-walls and encryption, operation...
Security standards are essential instruments for security assessment. To create security assessment ...
Assuring information security is a necessity in modern organizations. Many recommendations for infor...
Cybersecurity standards provide a structured approach to manage and assess cybersecurity risks. They...
information and communication devices are an unavoidable concern of modern infrastructures. There is...
State-supported cyber attacks, cyber espionage campaigns, and hacktivist movements have forced many ...
The development of computer networks and technology allow organizations to process and transmit trem...
The scientific considerations outlined in this article address the threat to the cyber security qual...
Achieving a sufficient level of security of control systems is very important, yet challenging. Firs...
This article is devoted to the development of a model and elaboration of the structure of the mathem...
The increasing integration of information technology with operational technology leads to the format...
Part 2: Asian Conference on Availability, Reliability and Security (AsiaARES)International audienceS...
Abstract IT security incidents pose a major threat to the efficient execution of cor-porate strategi...
Part 2: Asian Conference on Availability, Reliability and Security (AsiaARES)International audienceI...
Many international standards exist in the field of IT security. This research is based on the ISO/IE...
Abstract. [Context and motivation] Security mechanisms, such as fire-walls and encryption, operation...
Security standards are essential instruments for security assessment. To create security assessment ...
Assuring information security is a necessity in modern organizations. Many recommendations for infor...
Cybersecurity standards provide a structured approach to manage and assess cybersecurity risks. They...
information and communication devices are an unavoidable concern of modern infrastructures. There is...
State-supported cyber attacks, cyber espionage campaigns, and hacktivist movements have forced many ...
The development of computer networks and technology allow organizations to process and transmit trem...
The scientific considerations outlined in this article address the threat to the cyber security qual...
Achieving a sufficient level of security of control systems is very important, yet challenging. Firs...
This article is devoted to the development of a model and elaboration of the structure of the mathem...
The increasing integration of information technology with operational technology leads to the format...