Galleta

Cookies

El sitio web de la UCLM utiliza cookies propias y de terceros con fines técnicos y de análisis.

Aviso de Cookies


MARISMA: A modern and context-aware framework for assessing and managing information cybersecurity risks

29 de Noviembre del 2024



Nuestros compañeros Luis Enrique Sánchez, Antonio Santos-Olmo, David G. Rosado, Carlos Blanco y Eduardo Fernández-Medina del grupo GSYA junto a Manuel A. Serrano del grupo Alarcos y Haralambos Mouratidis de la Universidad de Essex del Reino Unido han publicado el artículo “MARISMA: A modern and context-aware framework for assessing and managing information cybersecurity risks”, en Journal of Computer Standards & Interfaces (IF 4.1, Q1). DOI: https://doi.org/10.1016/j.csi.2024.103935.


Resumen

In a globalised world dependent on information technology, ensuring adequate protection of an organisation’s information assets has become a decisive factor for the longevity of the organisation’s operation. This is especially important when these organisations are critical infrastructures that provide essential services to nations and their citizens. However, to protect these assets, we must first be able to understand the risks to which they are subject and how to manage them properly. To understand and manage such the risks, we need first to acknowledge that organisations have changed, and they now have an increasing reliance on information assets, which in many cases are shared with other organisations. Such reliance and interconnectivity means that risks are constantly changing, they are dynamic, and potential mitigation does not just rely on the organisation’s own controls, but also on the controls put in place by the organisations with which it shares those assets. Taking the above requirements as essential, we have reviewed the state of the art, and we have concluded that current risk analysis and management systems are unable to meet all the needs inherent in this dynamic and evolving risk environment. This gap in the state of the art requires novel approaches that draw on the foundations of risk management, but they are adapted to the new challenges.



Más noticias por año: