Regresar

The importance of the security culture in SMEs as regards the correct management of the security of their assets

Abstract:

The information society is increasingly more dependent on Information Security Management Systems (ISMSs), and the availability of these kinds of systems is now vital for the development of Small and Medium-Sized Enterprises (SMEs). However, these companies require ISMSs that have been adapted to their special features, and which are optimized as regards the resources needed to deploy and maintain them. This article shows how important the security culture within ISMSs is for SMEs, and how the concept of security culture has been introduced into a security management methodology (MARISMA is a Methodology for "Information Security Management System in SMEs" developed by the Sicaman Nuevas Tecnologías Company, Research Group GSyA and Alarcos of the University of Castilla-La Mancha.) for SMEs. This model is currently being directly applied to real cases, thus allowing a steady improvement to be made to its implementation.

Año de publicación:

2016

Keywords:

  • CYBERSECURITY
  • ISO27001
  • Information security management systems
  • smes
  • Security Culture
  • ISO27002
  • ISMS

Fuente:

scopusscopus
googlegoogle

Tipo de documento:

Article

Estado:

Acceso abierto

Áreas de conocimiento:

  • Gestión de riesgos

Áreas temáticas:

  • Funcionamiento de bibliotecas y archivos
  • Dirección general
  • Otros problemas y servicios sociales

Contribuidores:

Fernandez-Medina E.Fernandez-Medina E.
Santos-Olmo A.Santos-Olmo A.
Caballero I.Caballero I.
Luis Enrique Sánchez CrespoLuis Enrique Sánchez Crespo
Sara CamachoSara Camacho
Sara Camacho EstradaSara Camacho Estrada