Enhancing Information Security for Businesses and Organizations: Practical Controls and Systems Frameworks

Volume 8, Issue 4, August 2024     |     PP. 154-173      |     PDF (346 K)    |     Pub. Date: August 31, 2024
DOI: 10.54647/isss120360    15 Downloads     939 Views  

Author(s)

Anastasios Papathanasiou, Cyber Crime Division, Hellenic Police, 173 Alexandras Avenue, 11522 Athens, Greece; Department of Informatics and Telecommunications, University of Ioannina, Kostaki Artas, 47150 Arta, Greece
George Liontos, Department of Materials Science and Engineering, University of Ioannina, 45110 Ioannina, Greece
Vasiliki Liagkou, Department of Informatics and Telecommunications, University of Ioannina, Kostaki Artas, 47150 Arta, Greece
Euripides Glavas, Department of Informatics and Telecommunications, University of Ioannina, Kostaki Artas, 47150 Arta, Greece

Abstract
Businesses and Organizations or Small and Medium-sized Enterprises (SMEs) are pivotal to the global economy, yet they frequently encounter cyber threats that jeopardize their financial stability and operational continuity. This paper presents a proactive approach to cybersecurity designed to protect SMEs from such threats. We propose a comprehensive and scalable cybersecurity framework tailored specifically for SMEs, integrating a range of practical measures and protocols. These measures span technological defenses, employee training programs, and regulatory compliance strategies, all aimed at enhancing resilience and fostering greater cybersecurity awareness among SMEs. By adopting this holistic framework, SMEs can better safeguard their assets and ensure their continued operational success in the face of evolving cyber risks.

Keywords
Information security, cybersecurity, Businesses and Organizations, SMEs (Small and Medium-sized Enterprises), risk management, information security measurements and controls, cybersecurity frameworks

Cite this paper
Anastasios Papathanasiou, George Liontos, Vasiliki Liagkou, Euripides Glavas, Enhancing Information Security for Businesses and Organizations: Practical Controls and Systems Frameworks , SCIREA Journal of Information Science and Systems Science. Volume 8, Issue 4, August 2024 | PP. 154-173. 10.54647/isss120360

References

[ 1 ] IBM, IBM Cost of a Data Breach Report, 2023; Available online: https://www.ibm.com/reports/data-breach (accessed on 12 April 2024).
[ 2 ] Ion, B., Rodica, B., Dumitru, C; Support of education in cybersecurity; Pro Publico Bono–Public Administration; 2021; 9(1), 128-147.
[ 3 ] Kweon, E., Lee, H., Chai, S., Yoo, K; The utility of information security training and education on cybersecurity incidents: An empirical evidence; 2021; Information Systems Frontiers, 23; 361-373.
[ 4 ] He, W., Ash, I., Anwar, M., Li, L., Yuan, X., Xu, L., Tian, X.; Improving employees’ intellectual capacity for cybersecurity through evidence-based malware training; 2020; Journal of intellectual capital; 21(2), 203-213.
[ 5 ] Majthoub, M., Qutqut, M. H., Odeh, Y.; Software re-engineering: An overview; 2018; In 2018 8th International Conference on Computer Science and Information Technology (CSIT); (pp. 266-270), IEEE.
[ 6 ] Ali, M., Hussain, S., Ashraf, M., Paracha, M. K.; Addressing Software Related Issues On Legacy Systems–A Review; 2020; International Journal of Scientific & Technology Research; 9(03), 3738-3742.
[ 7 ] Santos, B. M., de Guzmán, I. G. R., de Camargo, V. V., Piattini, M., Ebert, C.; Software refactoring for system modernization; 2018; IEEE Software; 35(6), 62-67.
[ 8 ] Badhon, A. J., Aggarwal, S.; Cybersecurity in Networking Devices; 2021; Journal of Cybersecurity and Information Management (JCIM); Vol, 8(1), 35-41.
[ 9 ] Mueller, P., Huang, C. T., Yu, S., Tari, Z., Lin, Y. D.; Cloud security; 2016; IEEE Cloud Computing; 3(5), 22-24.
[ 10 ] Laksmiati, D.; Vulnerability Assessment with Network-Based Scanner Method for Improving Website Security; 2023; Journal of Computer Networks; Architecture and High Performance Computing; 5(1), 38-45.
[ 11 ] Walden, J., Doyle, M., Lenhof, R., Murray, J., Plunkett, A.; Impact of plugins on the security of web applications; 2010; In Proceedings of the 6th International Workshop on Security Measurements and Metrics; (pp. 1-8).
[ 12 ] Da Fonseca, J. C. C. M., Vieira, M. P. A.; A practical experience on the impact of plugins in web security; 2014; In 2014 IEEE 33rd International Symposium on Reliable Distributed Systems; (pp. 21-30), IEEE.
[ 13 ] Cernica, I., Popescu, N.; Security evaluation of wordpress backup plugins; 2019; In 2019 22nd International Conference on Control Systems and Computer Science (CSCS); (pp. 312-316), IEEE.
[ 14 ] Jin, Y., Tomoishi, M., Matsuura, S., Kitaguchi, Y.; A secure container-based backup mechanism to survive destructive ransomware attacks. In 2018 International Conference on Computing; 2018; Networking and Communications (ICNC); (pp. 1-6); IEEE.
[ 15 ] Alharbi, T., Portmann, M.; The (in) security of virtualization in software defined networks; 2019; IEEE Access; 7, 66584-66594.
[ 16 ] Dabbagh, M., Hamdaoui, B., Guizani, M., Rayes, A.; Software-defined networking security: pros and cons; 2015; IEEE Communications Magazine; 53(6), 73-79.
[ 17 ] Barker, E., Barker, W.; Recommendation for key management, part 2: best practices for key management organization; 2018; National Institute of Standards and Technology.
[ 18 ] Abrham, T., Kaddoura, S., Al Breiki, H.; Artificial intelligence applications in cybersecurity; 2023; In Handbook of Research on AI Methods and Applications in Computer Engineering; (pp. 179-205), IGI Global.
[ 19 ] Barker, E., Barker, W.; Recommendation for key management, part 2: best practices for key management organization; 2018; National Institute of Standards and Technology.
[ 20 ] Abrham, T., Kaddoura, S., Al Breiki, H.; Artificial intelligence applications in cybersecurity; 2023; In Handbook of Research on AI Methods and Applications in Computer Engineering; (pp. 179-205), IGI Global.