期刊
JOURNAL OF DISASTER RESEARCH
卷 12, 期 5, 页码 1081-1090出版社
FUJI TECHNOLOGY PRESS LTD
DOI: 10.20965/jdr.2017.p1081
关键词
cybersecurity; exercise; maturity model; business continuity management; critical infrastructure protection
资金
- Ministry of Education, Science, Sports and Culture [16H01837]
- Grants-in-Aid for Scientific Research [16H01837] Funding Source: KAKEN
The purpose of this study is to illustrate how exercises can play the role of a driving power to improve an organization's cyber security preparedness. The degree of cyber security preparedness varies significantly among organizations. This implies that training and exercises must be tailored to specific capabilities. In this paper, we review the National Institute of Standards and Technology (NIST) cybersecurity framework that formalizes the concept of tier, which measures the degree of preparedness. Subsequently, we examine the types of exercises available in the literature and propose guidelines that assign specific exercise types, aims, and participants to each level of preparedness. The proposed guideline should facilitate the reinforcement of cybersecurity risk management practices, reduce resource misuse, and lead to a smooth improvement of capabilities.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据