| dc.contributor.author | Díaz J | |
| dc.contributor.author | Guzmán R | |
| dc.contributor.author | Arango-López J | |
| dc.contributor.author | Hochstetter J | |
| dc.contributor.author | V. G.M.R | |
| dc.contributor.author | Moreira F. | |
| dc.date.accessioned | 2024-07-31T21:07:07Z | |
| dc.date.available | 2024-07-31T21:07:07Z | |
| dc.date.created | 2024 | |
| dc.identifier.isbn | 9783031456411 | |
| dc.identifier.issn | 23673370 | |
| dc.identifier.uri | http://hdl.handle.net/11407/8476 | |
| dc.description | Public and private institutions have invested in IT to increase their information security. Along with investments, the human factor is dominant. In that sense, countries have also implemented their own Computer Security Incident Response Teams (CSIRTs), whose main objective is to minimize and control the damage in case of a security breach. In the case of the Chilean government, with its CSIRT, they propose new guidelines for IT standards related to cybersecurity in the country’s gaming casinos. This incorporation includes creating internal policies, procedures, protocols, and procurement. The objective of this article is to design a model for creating a cybersecurity awareness and education campaign based on the recommendations of the National Institute of Standards and Technology (NIST) and ISO 27001. The methodology consists of the evaluation of these alternatives and the declaration of 5 preliminary stages. On this occasion, we evaluated the first of them, evaluating all the internal workers of the company to form the subsequent initiatives. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024. | |
| dc.language.iso | eng | |
| dc.publisher | Springer Science and Business Media Deutschland GmbH | |
| dc.relation.isversionof | https://www.scopus.com/inward/record.uri?eid=2-s2.0-85187723184&doi=10.1007%2f978-3-031-45642-8_13&partnerID=40&md5=85cc3821385a3794be0e724baaf932c7 | |
| dc.source | Lecture Notes in Networks and Systems | |
| dc.source | Lect. Notes Networks Syst. | |
| dc.source | Scopus | |
| dc.subject | Cybersecurity awareness | eng |
| dc.subject | Education | eng |
| dc.subject | Electronic commerce | eng |
| dc.subject | Policy development | eng |
| dc.subject | E-learning | eng |
| dc.subject | Electronic commerce | eng |
| dc.subject | Cyber security | eng |
| dc.subject | Cybersecurity awareness | eng |
| dc.subject | Incident response | eng |
| dc.subject | IT standards | eng |
| dc.subject | Policy development | eng |
| dc.subject | Private institutions | eng |
| dc.subject | Public institution | eng |
| dc.subject | Security breaches | eng |
| dc.subject | Security incident | eng |
| dc.subject | Workers' | eng |
| dc.subject | Cybersecurity | eng |
| dc.title | Towards a Cybersecurity Awareness Plan for Casinos: An Initial Review for Internal Workers | eng |
| dc.type | conference paper | |
| dc.rights.accessrights | info:eu-repo/semantics/restrictedAccess | |
| dc.publisher.program | Ingeniería de Sistemas | spa |
| dc.type.spa | Documento de conferencia | |
| dc.identifier.doi | 10.1007/978-3-031-45642-8_13 | |
| dc.relation.citationvolume | 799 LNNS | |
| dc.relation.citationstartpage | 134 | |
| dc.relation.citationendpage | 143 | |
| dc.publisher.faculty | Facultad de Ingenierías | spa |
| dc.affiliation | Díaz, J., Depto. Cs. de la Computación e Informática, Universidad de La Frontera, Temuco, Chile | |
| dc.affiliation | Guzmán, R., Consultora Tecnológica RGIT, Temuco, Chile | |
| dc.affiliation | Arango-López, J., Depto. de Ingeniería de Sistemas e Informática, Universidad de Caldas, Manizales, Colombia | |
| dc.affiliation | Hochstetter, J., Depto. Cs. de la Computación e Informática, Universidad de La Frontera, Temuco, Chile | |
| dc.affiliation | V., G.M.R., Facultad de Ingenierías, Universidad de Medellín, Medellín, Colombia | |
| dc.affiliation | Moreira, F., REMIT, IJP, Universidade Portucalense and IEETA, Universidade de Aveiro, Aveiro, Portugal | |
| dc.relation.references | WEF: The Global Risk Report 2022. World Economic Forum (2022). https://www3.weforum. org/docs/WEF_The_Global_Risks_Report_2022.pdf | |
| dc.relation.references | Reason, J., Human error: Models and management (2000) BMJ, 320 (7237), pp. 768-770. , https://doi.org/10.1136/bmj.320.7237.768. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC 1117770/ | |
| dc.relation.references | Alshammari, Z., Phishing attacks cybersecurity (2022) ISSA Journal | |
| dc.relation.references | Alkhalil, Z., Hewage, C., Nawaf, L., Khan, I., Phishing attacks: A recent comprehensive study and a new anatomy (2021) Front. Comput. Sci., 3 (320). , https://doi.org/10.3389/fcomp. 2021.563060 | |
| dc.relation.references | Jiménez, F., (2019) Handbook of Intelligence and Counterintelligence, , Third Edition. Seville, Spain: CISDE Editorial | |
| dc.relation.references | Frauenstein, E.D., von Solms, R., An enterprise anti-phishing framework (2013) Information Assurance and Security Education and Training. WISE WISE 2013 2013 2011 2009. IFIP Advances in Information and Communication Technology, Vol, p. 406. , https://doi.org/10.1007/978-3-642-39377-8_22, Dodge, R.C., Futcher, L, Springer, Berlin, Heidelberg | |
| dc.relation.references | Yu, W.D., Nargundkar, S., Tiruthani, N.: A phishing vulnerability analysis of web based systems. In: Proceedings of the 13th IEEE Symposium on Computers and Communications (ISCC 2008), pp. 326–331. IEEE, Marrakech, Morocco (2008). https://doi.org/10.1109/ISCC. 2008.4625681 | |
| dc.relation.references | Blankenship, J., O’Malley, C., (2019) Best Practices: Phishing Prevention. Protect against Email-Borne Threats with Forrester’s Layered Approach, , https://www. proofpoint.com/au/resources/threat-reports/forrester-best-practices-phishing-prevention, Forrester Research | |
| dc.relation.references | Kletz, T., (2001) Learning from Accidents in Industry, , Gulf Professional Publishing, Oxford, UK | |
| dc.relation.references | de la Torre, S., (2004) Learning from Mistakes. El Tratamiento didáctico De Los Errores Como Estrategia De innovación. Buenos Aires, , Argentina: Editorial Magisterio del Río de la Plata | |
| dc.relation.references | Reason, J., (1997) Managing the Risks of Organizational Accidents. Ashgate, , Aldershot, england | |
| dc.relation.references | Steves, M., Greene, K., Theofanos, M., Categorizing human phishing difficulty: A phish scale (2020) J. Cybersecurity., 6 (1), p. tyaa009. , https://doi.org/10.1093/cybsec/tyaa009 | |
| dc.relation.references | Edmondson, A., Strategies for learning from failure (2011) Harvard Business Review, , https://hbr.org/2011/04/strategies-for-learning-from-failure | |
| dc.relation.references | Stalling, W., (2019) Effective Cybersecurity. a Guide to Using Best Practices and Standards, , USA: Addisson Wesley | |
| dc.relation.references | Carpenter, P., Roer, K., (2022) The Security Culture Playbook. an Executive Guide to Reducing Risk and Developing Your Human Defense Layer, , Wiley, Hoboken, NJ. USA | |
| dc.relation.references | Brumfield, C., A medical model for reducing cybersecurity risk behavior (2022) CSO Computer-World, , https://cso.computerworld.es/tendencias/un-modelo-medico-para-reducir-el-comportamiento-de-riesgo-en-ciberseguridad | |
| dc.relation.references | Barojan, D., Building digital resilience ahead of elections and beyond (2021) Disinformation and Fake News, pp. 61-73. , https://doi.org/10.1007/978-981-15-5876-4_5, Jayakumar, S., Ang, B., Anwar, N.D. (eds.) , Springer, Singapore | |
| dc.type.version | info:eu-repo/semantics/publishedVersion | |
| dc.identifier.reponame | reponame:Repositorio Institucional Universidad de Medellín | |
| dc.identifier.repourl | repourl:https://repository.udem.edu.co/ | |
| dc.identifier.instname | instname:Universidad de Medellín | |
| dc.contributor.event | 11th World Conference on Information Systems and Technologies, WorldCIST 2023 | |
