Fast, Lightweight, and Efficient Cybersecurity Optimization for Tactical–Operational Management

Domínguez-Dorado, Manuel; Cortés-Polo, David; Carmona-Murillo, Javier; Rodríguez-Pérez, Francisco J.; Galeano-Brajones, Jesús

doi:10.3390/app13106327

Cited by 3 publications

(3 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Dominguez-Dorado M. et al in [25] introduced the CyberTOMP framework, a comprehensive tool that equips organizations with resources for holistic cybersecurity management on both tactical and operational fronts. A significant component of this framework is the Unified List of Expected Outcomes (ULEO), which offers a consistent listing of cybersecurity measures required to safeguard specific assets.…”

Section: Sulistyowati Et Al Inmentioning

confidence: 99%

Leveraging Taxonomical Engineering for Security Baseline Compliance in International Regulatory Frameworks

Grigaliūnas,

Schmidt,

Brūzgienė

et al. 2023

Future Internet

View full text Add to dashboard Cite

A surge in successful Information Security (IS) breaches targeting Research and Education (R&E) institutions highlights a pressing need for enhanced protection. Addressing this, a consortium of European National Research and Education Network (NREN) organizations has developed a unified IS framework. This paper aims to introduce the Security Baseline for NRENs and a security maturity model tailored for R&E entities, derived from established security best practices to meet the specific needs of NRENs, universities, and various research institutions. The models currently in existence do not possess a system to smoothly correlate varying requirement tiers with distinct user groups or scenarios, baseline standards, and existing legislative actions. This segmentation poses a significant hurdle to the community’s capacity to guarantee consistency, congruency, and thorough compliance with a cohesive array of security standards and regulations. By employing taxonomical engineering principles, a mapping of baseline requirements to other security frameworks and regulations has been established. This reveals a correlation across most regulations impacting R&E institutions and uncovers an overlap in the high-level requirements, which is beneficial for the implementation of multiple standards. Consequently, organizations can systematically compare diverse security requirements, pinpoint gaps in their strategy, and formulate a roadmap to bolster their security initiatives.

show abstract

Section: Sulistyowati Et Al Inmentioning

confidence: 99%

Leveraging Taxonomical Engineering for Security Baseline Compliance in International Regulatory Frameworks

Grigaliūnas,

Schmidt,

Brūzgienė

et al. 2023

Future Internet

View full text Add to dashboard Cite

show abstract

“…Holistic cybersecurity foundations and cybersecurity context in public sector [2,3,13,[15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34] Tactical-operational cybersecurity workforce management [1,[35][36][37][38][39][40][41][42][43][44][45][46][47] Cybersecurity talent development and retention [4][5][6][7][8][9][10][48][49][50][51][52][53][54]…”

Section: Topic Analyzed Sourcementioning

confidence: 99%

“…The study of Domínguez-Dorado et al in [1] follows a practical approach and provides step-by-step processes, procedures, and guidance for identifying cybersecurity actions through a collaborative process that engages all functional areas of the organization. It is additionally supported by tools that facilitate the attainment of agreements on the necessary set of cybersecurity actions [35]. This approach allows for the development of holistic cybersecurity actions that are agreed upon and assigned to the functional areas involved in cybersecurity.…”

Section: Tactical-operational Cybersecurity Workforce Managementmentioning

confidence: 99%

Boosting Holistic Cybersecurity Awareness with Outsourced Wide-Scope CyberSOC: A Generalization from a Spanish Public Organization Study

Domínguez-Dorado,

Rodríguez-Pérez,

Carmona-Murillo

et al. 2023

Information

Self Cite

View full text Add to dashboard Cite

Public sector organizations are facing an escalating challenge with the increasing volume and complexity of cyberattacks, which disrupt essential public services and jeopardize citizen data and privacy. Effective cybersecurity management has become an urgent necessity. To combat these threats comprehensively, the active involvement of all functional areas is crucial, necessitating a heightened holistic cybersecurity awareness among tactical and operational teams responsible for implementing security measures. Public entities face various challenges in maintaining this awareness, including difficulties in building a skilled cybersecurity workforce, coordinating mixed internal and external teams, and adapting to the outsourcing trend, which includes cybersecurity operations centers (CyberSOCs). Our research began with an extensive literature analysis to expand our insights derived from previous works, followed by a Spanish case study in collaboration with a digitization-focused public organization. The study revealed common features shared by public organizations globally. Collaborating with this public entity, we developed strategies tailored to its characteristics and transferrable to other public organizations. As a result, we propose the “Wide-Scope CyberSOC” as an innovative outsourced solution to enhance holistic awareness among the cross-functional cybersecurity team and facilitate comprehensive cybersecurity adoption within public organizations. We have also documented essential requirements for public entities when contracting Wide-Scope CyberSOC services to ensure alignment with their specific needs, accompanied by a management framework for seamless operation.

show abstract

Optimal Job Role Allocation for Compliance With NCA-ECC Controls Using the Saudi Cybersecurity Workforce Framework

Mosli

2024

IEEE Access

View full text Add to dashboard Cite

Fast, Lightweight, and Efficient Cybersecurity Optimization for Tactical–Operational Management

Cited by 3 publications

References 27 publications

Leveraging Taxonomical Engineering for Security Baseline Compliance in International Regulatory Frameworks

Leveraging Taxonomical Engineering for Security Baseline Compliance in International Regulatory Frameworks

Boosting Holistic Cybersecurity Awareness with Outsourced Wide-Scope CyberSOC: A Generalization from a Spanish Public Organization Study

Optimal Job Role Allocation for Compliance With NCA-ECC Controls Using the Saudi Cybersecurity Workforce Framework

Contact Info

Product

Resources

About