AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity
Empreu sempre aquest identificador per citar o enllaçar aquest ítem
http://hdl.handle.net/10045/136755
Títol: | AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity |
---|---|
Autors: | Hochstetter Diez, Jorge Alberto | Diéguez Rebolledo, Mauricio | Fenner-López, Julio | Cachero, Cristina |
Grups d'investigació o GITE: | Advanced deveLopment and empIrical research on Software (ALISoft) |
Centre, Departament o Servei: | Universidad de Alicante. Departamento de Lenguajes y Sistemas Informáticos |
Paraules clau: | Maturity model | Cybersecurity | Information security |
Data de publicació: | 19-de juliol-2023 |
Editor: | MDPI |
Citació bibliogràfica: | Hochstetter-Diez J, Diéguez-Rebolledo M, Fenner-López J, Cachero C. AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity. Applied Sciences. 2023; 13(14):8339. https://doi.org/10.3390/app13148339 |
Resum: | In today’s world, private and government organizations are legally obligated to prioritize their information security. They need to provide proof that they are continually improving their cybersecurity compliance. One approach that can help organizations achieve this goal is implementing information security maturity models. These models provide a structured framework for measuring performance and implementing best practices. However, choosing a suitable model can be challenging, requiring cultural, process, and work practice changes. Implementing multiple models can be overwhelming, if possible. This article proposes a prioritization strategy for public institutions that want to improve their information security maturity. We thoroughly analyzed various sources through systematic mapping to identify critical similarities in information security maturity models. Our research led us to create the AIM (Awareness, Infrastructure, and Management) Triad. This triad is a practical guide for organizations to achieve maturity in information security practices. |
Patrocinadors: | This work received partial support from Proyecto DIUFRO DI21-0079 and Proyecto DIUFRO DI22-0043, Universidad de La Frontera, Temuco. Chile. |
URI: | http://hdl.handle.net/10045/136755 |
ISSN: | 2076-3417 |
DOI: | 10.3390/app13148339 |
Idioma: | eng |
Tipus: | info:eu-repo/semantics/article |
Drets: | © 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
Revisió científica: | si |
Versió de l'editor: | https://doi.org/10.3390/app13148339 |
Apareix a la col·lecció: | INV - ALISoft - Artículos de Revistas |
Arxius per aquest ítem:
Arxiu | Descripció | Tamany | Format | |
---|---|---|---|---|
Hochstetter-Diez_etal_2023_ApplSci.pdf | 793,93 kB | Adobe PDF | Obrir Vista prèvia | |
Aquest ítem està subjecte a una llicència de Creative Commons Llicència Creative Commons