Vol. 4 (2022): january-december: continuous publication
Original article

Analysis of the information by the management of security incidents in organizations

PDF (Español (España)) HTML (Español (España)) XML (Español (España)) EPUB (Español (España))
María Elena Tasa-Catanzaro
Universidad Tecnológica del Perú
Bio
Henry George Maquera-Quispe
Universidad Nacional del Centro del Perú
Bio
John Fredy Rojas-Bujaico
Universidad Nacional de Huancavelica
Bio
Marjorie Gabriela del Carmen Delgado-Rospigliosi
Pontifical Catholic University of Peru
Bio
DOI: https://doi.org/10.37073/puriq.4.1.196

Published 2022-01-04

Keywords

  • Good practice,
  • incident,
  • information,
  • security

How to Cite

Tasa-Catanzaro, M. E., Maquera-Quispe, H. G., Rojas-Bujaico, J. F., & Delgado-Rospigliosi, M. G. del C. (2022). Analysis of the information by the management of security incidents in organizations. Puriq, 4, e196. https://doi.org/10.37073/puriq.4.1.196

Copyright (c) 2022 María Elena Tasa Catanzaro, Henry George Maquera Quispe, John Fredy Rojas Bujaico, Marjorie Gabriela del Carmen Delgado Rospigliosi

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Métricas alternativas

Share
Crossref
Scopus
Google Scholar
Europe PMC

Abstract

Security incidents in an organization are considered the main source for evaluating the correct application of security controls in public or private organizations. The investigation is based on the behavior of the incidents before the participation of information technology controls together with the formal processes in the organizations. Good security practices based on the international standards ISO / IEC 27001 and ISO / IEC 27002 were used. The Magerit v3 methodology and business intelligence techniques were applied to integrate and process the information obtained through heterogeneous sources of information implemented in the organizations under study. The information obtained was established in 9 security controls common to the organizations under study applied under an experimental study. The analysis of the arrival data will establish that the constant monitoring and supervision of the application of the security controls raises the security levels in the organizations that guarantee the continuity of the services and processes.

PDF (Español (España)) HTML (Español (España)) XML (Español (España)) EPUB (Español (España))

Downloads

Download data is not yet available.

References

  1. Ali, O., Shrestha, A., Chatfield, A., y Murray, P. (2019). Assessing information security risks in the cloud: A case study of Australian local government authorities. Government Information Quarterly. https://doi.org/10.1016/j.giq.2019.101419
  2. Carvalho, J. V., Rocha, Á., Vasconcelos, J., y Abreu, A. (2019). A health data analytics maturity model for hospitals information systems. International Journal of Information Management, 46, 278–285. https://doi.org/10.1016/j.ijinfomgt.2018.07.001
  3. Caseiro, N., y Coelho, A. (2019). The influence of Business Intelligence capacity, network learning and innovativeness on startups performance | Elsevier Enhanced Reader. Journal of Innovation & Knowledge, 4(3), 139–145. https://doi.org/10.1016/j.jik.2018.03.009
  4. Cheng, C., Zhong, H., y Cao, L. (2020). Facilitating speed of internationalization: The roles of business intelligence and organizational agility. Journal of Business Research, 110, 95–103. https://doi.org/10.1016/j.jbusres.2020.01.003
  5. Cobb, C., Sudar, S., Reiter, N., Anderson, R., Roesner, F., y Kohno, T. (2018). Computer security for data collection technologies. Development Engineering, 3, 1–11. https://doi.org/10.1016/j.deveng.2017.12.002
  6. da Veiga, A., Astakhova, L. V., Botha, A., y Herselman, M. (2020). Defining organisational information security culture – Perspectives from academia and industry. Computers & Security, 101713. https://doi.org/10.1016/j.cose.2020.101713
  7. Dumont, F., Jemai, S., Xu, Z., Felan, P. M., y Farges, G. (2018). Sécurité de l’information : autodiagnostic selon l’ISO/CEI 27001. In IRBM News (Vol. 39, Issues 4–5, pp. 90–95). Elsevier Masson SAS. https://doi.org/10.1016/j.irbmnw.2018.08.001
  8. Evans, M., He, Y., Maglaras, L., Yevseyeva, I., y Janicke, H. (2019). Evaluating information security core human error causes (IS-CHEC) technique in public sector and comparison with the private sector. International Journal of Medical Informatics, 127, 109–119. https://doi.org/10.1016/j.ijmedinf.2019.04.019
  9. Larson, D., y Chang, V. (2016). A review and future direction of agile, business intelligence, analytics and data science. International Journal of Information Management, 36(5), 700–710. https://doi.org/10.1016/j.ijinfomgt.2016.04.013
  10. Lopes, J., Guimarães, T., y Santos, M. F. (2020). Adaptive business intelligence: A new architectural approach. Procedia Computer Science, 177, 540–545. https://doi.org/10.1016/j.procs.2020.10.075
  11. Lukic, J., Radenkovic, M., Despotovic-Zrakic, M., Labus, A., y Bogdanovic, Z. (2016). A hybrid approach to building a multi-dimensional business intelligence system for electricity grid operators. Utilities Policy, 41, 95-106. https://doi.org/10.1016/j.jup.2016.06.010
  12. Mall, S., y Saroj, S. K. (2018). A New Security Framework for Cloud Data. Procedia Computer Science, 143, 765-775. https://doi.org/10.1016/j.procs.2018.10.397
  13. Polyvyanyy, A., Ouyang, C., Barros, A., y van der Aalst, W. M. P. (2017). Process querying: Enabling business intelligence through query-based process analytics. Decision Support Systems, 100, 41–56. https://doi.org/10.1016/j.dss.2017.04.011
  14. Ramalingam, D., Arun, S., y Anbazhagan, N. (2018). A Novel Approach for Optimizing Governance, Risk management and Compliance for Enterprise Information security using DEMATEL and FoM. Procedia Computer Science, 134, 365–370. https://doi.org/10.1016/j.procs.2018.07.197
  15. Sauerwein, C., Pekaric, I., Felderer, M., y Breu, R. (2019). An analysis and classification of public information security data sources used in research and practice. Computers and Security, 82, 140–155. https://doi.org/10.1016/j.cose.2018.12.011
  16. Szczepaniuk, E. K., Szczepaniuk, H., Rokicki, T., y Klepacki, B. (2020). Information security assessment in public administration. Computers and Security, 90. https://doi.org/10.1016/j.cose.2019.101709
  17. Vajirakachorn, T., y Chongwatpol, J. (2017). Application of business intelligence in the tourism industry: A case study of a local food festival in Thailand. Tourism Management Perspectives, 23, 75–86. https://doi.org/10.1016/j.tmp.2017.05.003
  18. Wu, X., Zhang, R., Zeng, B., y Zhou, S. (2013). A trust evaluation model for cloud computing. Procedia Computer Science, 17, 1170–1177. https://doi.org/10.1016/j.procs.2013.05.149