Towards a Cybersecurity Awareness Plan for Casinos: An Initial Review for Internal Workers

Díaz J; Guzmán R; Arango-López J; Hochstetter J; V. G.M.R; Moreira F.

doi:10.1007/978-3-031-45642-8_13

dc.contributor.author	Díaz J
dc.contributor.author	Guzmán R
dc.contributor.author	Arango-López J
dc.contributor.author	Hochstetter J
dc.contributor.author	V. G.M.R
dc.contributor.author	Moreira F.
dc.date.accessioned	2024-07-31T21:07:07Z
dc.date.available	2024-07-31T21:07:07Z
dc.date.created	2024
dc.identifier.isbn	9783031456411
dc.identifier.issn	23673370
dc.identifier.uri	http://hdl.handle.net/11407/8476
dc.description	Public and private institutions have invested in IT to increase their information security. Along with investments, the human factor is dominant. In that sense, countries have also implemented their own Computer Security Incident Response Teams (CSIRTs), whose main objective is to minimize and control the damage in case of a security breach. In the case of the Chilean government, with its CSIRT, they propose new guidelines for IT standards related to cybersecurity in the country’s gaming casinos. This incorporation includes creating internal policies, procedures, protocols, and procurement. The objective of this article is to design a model for creating a cybersecurity awareness and education campaign based on the recommendations of the National Institute of Standards and Technology (NIST) and ISO 27001. The methodology consists of the evaluation of these alternatives and the declaration of 5 preliminary stages. On this occasion, we evaluated the first of them, evaluating all the internal workers of the company to form the subsequent initiatives. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
dc.language.iso	eng
dc.publisher	Springer Science and Business Media Deutschland GmbH
dc.relation.isversionof	https://www.scopus.com/inward/record.uri?eid=2-s2.0-85187723184&doi=10.1007%2f978-3-031-45642-8_13&partnerID=40&md5=85cc3821385a3794be0e724baaf932c7
dc.source	Lecture Notes in Networks and Systems
dc.source	Lect. Notes Networks Syst.
dc.source	Scopus
dc.subject	Cybersecurity awareness	eng
dc.subject	Education	eng
dc.subject	Electronic commerce	eng
dc.subject	Policy development	eng
dc.subject	E-learning	eng
dc.subject	Electronic commerce	eng
dc.subject	Cyber security	eng
dc.subject	Cybersecurity awareness	eng
dc.subject	Incident response	eng
dc.subject	IT standards	eng
dc.subject	Policy development	eng
dc.subject	Private institutions	eng
dc.subject	Public institution	eng
dc.subject	Security breaches	eng
dc.subject	Security incident	eng
dc.subject	Workers'	eng
dc.subject	Cybersecurity	eng
dc.title	Towards a Cybersecurity Awareness Plan for Casinos: An Initial Review for Internal Workers	eng
dc.type	conference paper
dc.rights.accessrights	info:eu-repo/semantics/restrictedAccess
dc.publisher.program	Ingeniería de Sistemas	spa
dc.type.spa	Documento de conferencia
dc.identifier.doi	10.1007/978-3-031-45642-8_13
dc.relation.citationvolume	799 LNNS
dc.relation.citationstartpage	134
dc.relation.citationendpage	143
dc.publisher.faculty	Facultad de Ingenierías	spa
dc.affiliation	Díaz, J., Depto. Cs. de la Computación e Informática, Universidad de La Frontera, Temuco, Chile
dc.affiliation	Guzmán, R., Consultora Tecnológica RGIT, Temuco, Chile
dc.affiliation	Arango-López, J., Depto. de Ingeniería de Sistemas e Informática, Universidad de Caldas, Manizales, Colombia
dc.affiliation	Hochstetter, J., Depto. Cs. de la Computación e Informática, Universidad de La Frontera, Temuco, Chile
dc.affiliation	V., G.M.R., Facultad de Ingenierías, Universidad de Medellín, Medellín, Colombia
dc.affiliation	Moreira, F., REMIT, IJP, Universidade Portucalense and IEETA, Universidade de Aveiro, Aveiro, Portugal
dc.relation.references	WEF: The Global Risk Report 2022. World Economic Forum (2022). https://www3.weforum. org/docs/WEF_The_Global_Risks_Report_2022.pdf
dc.relation.references	Reason, J., Human error: Models and management (2000) BMJ, 320 (7237), pp. 768-770. , https://doi.org/10.1136/bmj.320.7237.768. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC 1117770/
dc.relation.references	Alshammari, Z., Phishing attacks cybersecurity (2022) ISSA Journal
dc.relation.references	Alkhalil, Z., Hewage, C., Nawaf, L., Khan, I., Phishing attacks: A recent comprehensive study and a new anatomy (2021) Front. Comput. Sci., 3 (320). , https://doi.org/10.3389/fcomp. 2021.563060
dc.relation.references	Jiménez, F., (2019) Handbook of Intelligence and Counterintelligence, , Third Edition. Seville, Spain: CISDE Editorial
dc.relation.references	Frauenstein, E.D., von Solms, R., An enterprise anti-phishing framework (2013) Information Assurance and Security Education and Training. WISE WISE 2013 2013 2011 2009. IFIP Advances in Information and Communication Technology, Vol, p. 406. , https://doi.org/10.1007/978-3-642-39377-8_22, Dodge, R.C., Futcher, L, Springer, Berlin, Heidelberg
dc.relation.references	Yu, W.D., Nargundkar, S., Tiruthani, N.: A phishing vulnerability analysis of web based systems. In: Proceedings of the 13th IEEE Symposium on Computers and Communications (ISCC 2008), pp. 326–331. IEEE, Marrakech, Morocco (2008). https://doi.org/10.1109/ISCC. 2008.4625681
dc.relation.references	Blankenship, J., O’Malley, C., (2019) Best Practices: Phishing Prevention. Protect against Email-Borne Threats with Forrester’s Layered Approach, , https://www. proofpoint.com/au/resources/threat-reports/forrester-best-practices-phishing-prevention, Forrester Research
dc.relation.references	Kletz, T., (2001) Learning from Accidents in Industry, , Gulf Professional Publishing, Oxford, UK
dc.relation.references	de la Torre, S., (2004) Learning from Mistakes. El Tratamiento didáctico De Los Errores Como Estrategia De innovación. Buenos Aires, , Argentina: Editorial Magisterio del Río de la Plata
dc.relation.references	Reason, J., (1997) Managing the Risks of Organizational Accidents. Ashgate, , Aldershot, england
dc.relation.references	Steves, M., Greene, K., Theofanos, M., Categorizing human phishing difficulty: A phish scale (2020) J. Cybersecurity., 6 (1), p. tyaa009. , https://doi.org/10.1093/cybsec/tyaa009
dc.relation.references	Edmondson, A., Strategies for learning from failure (2011) Harvard Business Review, , https://hbr.org/2011/04/strategies-for-learning-from-failure
dc.relation.references	Stalling, W., (2019) Effective Cybersecurity. a Guide to Using Best Practices and Standards, , USA: Addisson Wesley
dc.relation.references	Carpenter, P., Roer, K., (2022) The Security Culture Playbook. an Executive Guide to Reducing Risk and Developing Your Human Defense Layer, , Wiley, Hoboken, NJ. USA
dc.relation.references	Brumfield, C., A medical model for reducing cybersecurity risk behavior (2022) CSO Computer-World, , https://cso.computerworld.es/tendencias/un-modelo-medico-para-reducir-el-comportamiento-de-riesgo-en-ciberseguridad
dc.relation.references	Barojan, D., Building digital resilience ahead of elections and beyond (2021) Disinformation and Fake News, pp. 61-73. , https://doi.org/10.1007/978-981-15-5876-4_5, Jayakumar, S., Ang, B., Anwar, N.D. (eds.) , Springer, Singapore
dc.type.version	info:eu-repo/semantics/publishedVersion
dc.identifier.reponame	reponame:Repositorio Institucional Universidad de Medellín
dc.identifier.repourl	repourl:https://repository.udem.edu.co/
dc.identifier.instname	instname:Universidad de Medellín
dc.contributor.event	11th World Conference on Information Systems and Technologies, WorldCIST 2023

Ficheros en el ítem

Ficheros	Tamaño	Formato	Ver
No hay ficheros asociados a este ítem.

Este ítem aparece en la(s) siguiente(s) colección(ones)

Indexados Scopus [1893]

Mostrar el registro sencillo del ítem