Please use this identifier to cite or link to this item:
http://hdl.handle.net/10609/101921
| Title: | Un modelo práctico para realizar auditorías exhaustivas de Ciberseguridad |
| Other Titles: | A Practical Model to Perform Comprehensive Cybersecurity Audits |
| Author: | Sabillon, Regner |
| Others: | Universitat Oberta de Catalunya. Internet Interdisciplinary Institute (IN3) |
| Citation: | Sabillon, R. (2018). Un modelo práctico para realizar auditorías exhaustivas de Ciberseguridad. Enfoque UTE, 9(1), 127-137. doi: 10.29019/enfoqueute.v9n1.214 |
| Abstract: | These days organizations are continually facing being targets of cyberattacks and cyberthreats; the sophistication and complexity of modern cyberattacks and the modus operandi of cybercriminals including Techniques, Tactics and Procedures (TTP) keep growing at unprecedented rates. Cybercriminals are always adopting new strategies to plan and launch cyberattacks based on existing cybersecurity vulnerabilities and exploiting end users by using social engineering techniques. Cybersecurity audits are extremely important to verify that information security controls are in place and to detect weaknesses of inexistent cybersecurity or obsolete controls. This article presents an innovative and comprehensive cybersecurity audit model. The CyberSecurity Audit Model (CSAM) can be implemented to perform internal or external cybersecurity audits. This model can be used to perform single cybersecurity audits or can be part of any corporate audit program to improve cybersecurity controls. Any information security or cybersecurity audit team has either the options to perform a full audit for all cybersecurity domains or by selecting specific domains to audit certain areas that need control verification and hardening. The CSAM has 18 domains; Domain 1 is specific for Nation States and Domains 2-18 can be implemented at any organization. The organization can be any small, medium or large enterprise, the model is also applicable to any Non-Profit Organization (NPO). |
| Keywords: | Cybersecurity Cybersecurity audit Cybersecurity audit model Cybersecurity assurance Cybersecurity controls |
| DOI: | 10.29019/enfoqueute.v9n1.214 |
| Document type: | info:eu-repo/semantics/article |
| Version: | info:eu-repo/semantics/publishedVersion |
| Issue Date: | 30-Mar-2018 |
| Publication license: | http://creativecommons.org/licenses/by/4.0  |
| Appears in Collections: | Articles cientÍfics Articles |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| auditorias_ciberseguridad.pdf | 508,89 kB | Adobe PDF |  View/Open |
Share:
Google Scholar
Microsoft Academic
Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.