Title :
Enterprise-oriented cybersecurity management
Author :
Chmielecki, Tomasz ; Cholda, Piotr ; Pacyna, Piotr ; Potrawka, Pawel ; Rapacz, Norbert ; Stankiewicz, Rafal ; Wydrych, Piotr
Author_Institution :
Dept. of Telecommun., AGH Univ. of Sci. & Technol., Kraków, Poland
Abstract :
Information technology is widely used in processes vital to enterprises. Therefore, IT systems must meet at least the same level of security as required from the business processes supported by these systems. In this paper, we present a view on cybersecurity management as an enterprise-centered process, and we advocate the use of enterprise architecture in security management. Activities such as risk assessment, selection of security controls, as well as their deployment and monitoring should be carried out as a part of enterprise architecture activity. A set of useful frameworks and tools is presented and discussed.
Keywords :
risk management; security of data; business process; enterprise architecture; enterprise-centered process; enterprise-oriented cybersecurity management; information technology; risk assessment; security control selection; security deployment; security monitoring; Computer architecture; Computer security; Monitoring; Risk management; Unified modeling language;
Conference_Titel :
Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on
Conference_Location :
Warsaw
