Application and Evaluation of Method for Establishing Consensus on Measures Based on Cybersecurity Framewor
Proceeding: The Third International Conference on Digital Security and Forensics (DigitalSec2016)Publication Date: 2016-09-06
Authors : Shota Fukushima; Ryoichi Sasaki;
Page : 27-34
Keywords : Cybersecurity Framework; Information Security Management; Information Security Governance; Risk Management; Consensus Building;
Abstract
Due to the development of our information society in recent years, the number of companies depending on IT systems has increased. However, it has been noticed that executives have not implemented sufficient information security measures. This is due to the poor consensus regarding information security between executives and IT administrators in an enterprise. Numerous approaches to solve this problem have been carried out. The Cybersecurity Framework developed by NIST is one approach. However, the Cybersecurity Framework does not have a function to select and enumerate specific measures on the basis of mutual understanding between executives and administrators. By applying the Cybersecurity Framework and use cases of the framework provided by the Intel Corporation, we propose a method that can enumerate measures and obtain the optimal combination of measures that leads to mutual agreement between executives and administrators. Moreover, the authors implemented a system called Risk Communicator for Tier (RC4T) to support the framework. By applying this framework and RC4T to a small example, we were able to enumerate specific measures for obtaining mutual consensus between executives and administrators.
Other Latest Articles
- Systems in Danger: A Short Review on Metamorphic Computer Viruses
- Utilizing Program's Execution Data for Digital Forensics
- An Evidence Collection and Analysis of Ubuntu File System
- The Study of Automobile-Used Voice-Activity Detection System Based on Two-Dimensional Long-Time and Short-Frequency Spectral Entropy
- Automatic Car Park Management System Using Face and Vehicle Registration Recognition
Last modified: 2016-09-11 23:54:01