English
Related papers

Related papers: An Adaptable Maturity Strategy for Information Sec…

200 papers

The rapid exponential growth in cloud-first business models and tightened global data protection regulations have led to the exponential increase in the level of importance of ISO certifications, especially ISO/IEC 27001, 27017, and 27018,…

Cryptography and Security · Computer Science 2025-05-20 Nishant Sonkar

SMEs constitute a very large part of the economy in every country and they play an important role in economic growth and social development. SMEs are frequent targets of cybersecurity attacks similar to large enterprises. However, unlike…

Cryptography and Security · Computer Science 2020-07-06 Bilge Yigit Ozkan , Marco Spruit

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical…

Cryptography and Security · Computer Science 2025-11-17 Alexander Krause , Jacques Suray , Lea Schmüser , Marten Oltrogge , Oliver Wiese , Maximilian Golla , Sascha Fahl

The importance of security metrics can hardly be overstated. Despite the attention that has been paid by the academia, government and industry in the past decades, this important problem stubbornly remains open. In this survey, we present a…

Cryptography and Security · Computer Science 2016-01-25 Marcus Pendleton , Richard Garcia-Lebron , Shouhuai Xu

Information security management aims at ensuring proper protection of information values and information processing systems (i.e. assets). Information security risk management techniques are incorporated to deal with threats and…

Computers and Society · Computer Science 2020-03-19 Michael Brunner , Clemens Sauerwein , Michael Felderer , Ruth Breu

With the increasing prevalence of open and connected products, cybersecurity has become a serious issue in safety-critical domains such as the automotive industry. As a result, regulatory bodies have become more stringent in their…

Software Engineering · Computer Science 2024-04-29 Mazen Mohamad , Jan-Philipp Steghöfer , Eric Knauss , Riccardo Scandariato

The Internet of Things (IoT) has the potential to enhance older adults' independence and quality of life, but it also exposes them to security, privacy, accessibility, and usability (SPAU) risks. We conducted a systematic review of 44…

Cryptography and Security · Computer Science 2025-12-19 Suleiman Saka , Sanchari Das

It is imperative for organizations to us Information Security Management System (ISMS) to effectively manage their information assets. ISMS starts with a set of policies that dictate the usage computer resources. It starts with the "21…

Cryptography and Security · Computer Science 2012-04-09 Heru Susanto , Fahad Bin Muhaya , Mohammad Nabil Almunawar , Yong Chee Tuan

Security patterns are a means to encapsulate and communicate proven security solutions. They are well-established approaches for introducing security into the software development process. Our objective is to explore the research efforts on…

Software Engineering · Computer Science 2018-12-03 Abbas Javan Jafari , Abbas Rasoolzadegan

Security has become, nowadays, a major concern for the organizations as the majority of its applications are exposed to Internet, which increases the threats of security considerably. Thus, the solution is to improve tools and mechanisms to…

Cryptography and Security · Computer Science 2013-09-25 Mohammed Ennahbaoui , Said Elhajji

Technical standards are a longstanding method of communicating best practice recommendations based on expert consensus. Cybersecurity standards are particularly important for informing policies that protect critical systems and sensitive…

Cryptography and Security · Computer Science 2025-06-11 Noah Apthorpe , Boen Beavers , Yan Shvartzshnaider , Brett Frischmann

Information System (IS) Security threats is still a major concern for many organisations. However, most organisations fall short in achieving a successful adoption and implementation of IS security measures. In this paper, we developed a…

Cryptography and Security · Computer Science 2017-05-05 Mumtaz Abdul Hameed , Nalin Asanka Gamagedara Arachchilage

Information Systems security cannot be fully apprehended if the user lacks the required knowledge and skills to effectively apply the safeguard measures. Knowledge and skills enhance one's self-efficacy. Individual self-efficacy is an…

Cryptography and Security · Computer Science 2018-10-01 Mumtaz Abdul Hameed , Nalin Asanka Gamagedara Arachchilage

Cyber threats affect all kinds of organisations. Risk analysis is an essential methodology for cybersecurity as it allows organisations to deal with the cyber threats potentially affecting them, prioritise the defence of their assets and…

Cryptography and Security · Computer Science 2019-03-20 David Rios Insua , Aitor Couce Vieira , Jose Antonio Rubio , Wolter Pieters , Katsiaryna Labunets , Daniel Garcia Rasines

Computer systems process, store and transfer sensitive information which makes them a valuable asset. Despite the existence of standards such as ISO 27005 for managing information risk, cyber threats are increasing, exposing such systems to…

Cryptography and Security · Computer Science 2023-06-09 Denys A. Flores , Ricardo Perugachi

Test automation is important in software industry but self-assessment instruments for assessing its maturity are not sufficient. The two objectives of this study are to synthesize what an organization should focus to assess its test…

Security risk assessment methods have served us well over the last two decades. As the complexity, pervasiveness and automation of technology systems increases, particularly with the Internet of Things (IoT), there is a convincing argument…

Cryptography and Security · Computer Science 2018-06-29 Jason R. C. Nurse , Petar Radanliev , Sadie Creese , David De Roure

Experts agree that keeping systems up to date is a powerful security measure. Previous work found that users sometimes explicitly refrain from performing timely updates, e.g., due to bad experiences which has a negative impact on end-user…

Human-Computer Interaction · Computer Science 2020-07-20 Christian Tiefenau , Maximilian Häring , Katharina Krombholz , Emanuel von Zezschwitz

Over the last years, we have seen several security incidents that compromised system safety, of which some caused physical harm to people. Meanwhile, various risk assessment methods have been developed that integrate safety and security,…

Cryptography and Security · Computer Science 2017-07-10 Sabarathinam Chockalingam , Dina Hadziosmanovic , Wolter Pieters , Andre Teixeira , Pieter van Gelder

Risk is the best known and perhaps the best studied example within a much broader class of cyber security metrics. However, risk is not the only possible cyber security metric. Other metrics such as resilience can exist and could be…

Cryptography and Security · Computer Science 2015-12-31 Zachary A. Collier , Mahesh Panwar , Alexander A. Ganin , Alex Kott , Igor Linkov