Systematic approach to cyber resilience operationalization in SMEs

The constantly evolving cyber threat landscape is a latent problem for today’s companies. This is especially true for the Small and Medium-sized Enterprises (SMEs) because they have limited resources to face the threats but, as a group, represent an extensive payload for cybercriminals to exploit. M...

Descripción completa

Detalles Bibliográficos
Autores: Carías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78, Borges, M.R.S. (Marcos R. S.)|||/items/cb3ba8b0-849e-40ce-8bab-0ae610c73a05, Labaka-Zubieta, L. (Leire)|||/items/9b426903-0c71-40d7-8d23-d3361f18088d, Arrizabalaga-Juaristi, S. (Saioa)|||/items/8fd585fc-4135-44f8-803d-ddeb0605d98e, Hernantes-Apezetxea, J. (Josune)|||/items/f325c658-dca3-4e00-ab34-9afbcf2e3c77
Tipo de recurso: artículo
Fecha de publicación:2020
País:España
Institución:Universidad de Navarra
Repositorio:Dadun. Depósito Académico Digital de la Universidad de Navarra
Idioma:inglés
OAI Identifier:oai:dadun.unav.edu:10171/66448
Acceso en línea:https://hdl.handle.net/10171/66448
Access Level:acceso abierto
Palabra clave:Cyber resilience
Design science research (DSR)
Framework
Grounded theory
Guidelines
SMEs
id ES_89229221553f85cd78939e8aadb9e00a
oai_identifier_str oai:dadun.unav.edu:10171/66448
network_acronym_str ES
network_name_str España
repository_id_str
spelling Systematic approach to cyber resilience operationalization in SMEsCarías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78Borges, M.R.S. (Marcos R. S.)|||/items/cb3ba8b0-849e-40ce-8bab-0ae610c73a05Labaka-Zubieta, L. (Leire)|||/items/9b426903-0c71-40d7-8d23-d3361f18088dArrizabalaga-Juaristi, S. (Saioa)|||/items/8fd585fc-4135-44f8-803d-ddeb0605d98eHernantes-Apezetxea, J. (Josune)|||/items/f325c658-dca3-4e00-ab34-9afbcf2e3c77Cyber resilienceDesign science research (DSR)FrameworkGrounded theoryGuidelinesSMEsThe constantly evolving cyber threat landscape is a latent problem for today’s companies. This is especially true for the Small and Medium-sized Enterprises (SMEs) because they have limited resources to face the threats but, as a group, represent an extensive payload for cybercriminals to exploit. Moreover, the traditional cybersecurity approach of protecting against known threats cannot withstand the rapidly evolving technologies and threats used by cybercriminals. This study claims that cyber resilience, a more holistic approach to cybersecurity, could help SMEs anticipate, detect, withstand, recover from and evolve after cyber incidents. However, to operationalize cyber resilience is not an easy task, and thus, the study presents a framework with a corresponding implementation order for SMEs that could help them implement cyber resilience practices. The framework is the result of using a variation of Design Science Research in which Grounded Theory was used to induce the most important actions required to implement cyber resilience and an iterative evaluation from experts to validate the actions and put them in a logical order. Therefore, this study proposes that the framework could benefit SME managers to understand cyber resilience, as well as help them start implementing it with concrete actions and an order dictated by the experience of experts. This could potentially ease cyber resilience implementation for SMEs by making them aware of what cyber resilience implies, which dimensions it includes and what actions can be implemented to increase their cyber resilience.IEEEDadun. Depósito Académico Digital Universidad de Navarra20232023-05-2920202020-01-0120202020-01-01journal articlehttp://purl.org/coar/resource_type/c_6501info:eu-repo/semantics/articleapplication/pdfhttps://hdl.handle.net/10171/66448reponame:Dadun. Depósito Académico Digital de la Universidad de Navarrainstname:Universidad de NavarraInglésengopen accesshttp://purl.org/coar/access_right/c_abf2info:eu-repo/semantics/openAccessoai:dadun.unav.edu:10171/664482026-06-21T12:47:57Z
dc.title.none.fl_str_mv Systematic approach to cyber resilience operationalization in SMEs
title Systematic approach to cyber resilience operationalization in SMEs
spellingShingle Systematic approach to cyber resilience operationalization in SMEs
Carías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78
Cyber resilience
Design science research (DSR)
Framework
Grounded theory
Guidelines
SMEs
title_short Systematic approach to cyber resilience operationalization in SMEs
title_full Systematic approach to cyber resilience operationalization in SMEs
title_fullStr Systematic approach to cyber resilience operationalization in SMEs
title_full_unstemmed Systematic approach to cyber resilience operationalization in SMEs
title_sort Systematic approach to cyber resilience operationalization in SMEs
dc.creator.none.fl_str_mv Carías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78
Borges, M.R.S. (Marcos R. S.)|||/items/cb3ba8b0-849e-40ce-8bab-0ae610c73a05
Labaka-Zubieta, L. (Leire)|||/items/9b426903-0c71-40d7-8d23-d3361f18088d
Arrizabalaga-Juaristi, S. (Saioa)|||/items/8fd585fc-4135-44f8-803d-ddeb0605d98e
Hernantes-Apezetxea, J. (Josune)|||/items/f325c658-dca3-4e00-ab34-9afbcf2e3c77
author Carías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78
author_facet Carías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78
Borges, M.R.S. (Marcos R. S.)|||/items/cb3ba8b0-849e-40ce-8bab-0ae610c73a05
Labaka-Zubieta, L. (Leire)|||/items/9b426903-0c71-40d7-8d23-d3361f18088d
Arrizabalaga-Juaristi, S. (Saioa)|||/items/8fd585fc-4135-44f8-803d-ddeb0605d98e
Hernantes-Apezetxea, J. (Josune)|||/items/f325c658-dca3-4e00-ab34-9afbcf2e3c77
author_role author
author2 Borges, M.R.S. (Marcos R. S.)|||/items/cb3ba8b0-849e-40ce-8bab-0ae610c73a05
Labaka-Zubieta, L. (Leire)|||/items/9b426903-0c71-40d7-8d23-d3361f18088d
Arrizabalaga-Juaristi, S. (Saioa)|||/items/8fd585fc-4135-44f8-803d-ddeb0605d98e
Hernantes-Apezetxea, J. (Josune)|||/items/f325c658-dca3-4e00-ab34-9afbcf2e3c77
author2_role author
author
author
author
dc.contributor.none.fl_str_mv Dadun. Depósito Académico Digital Universidad de Navarra
dc.subject.none.fl_str_mv Cyber resilience
Design science research (DSR)
Framework
Grounded theory
Guidelines
SMEs
topic Cyber resilience
Design science research (DSR)
Framework
Grounded theory
Guidelines
SMEs
description The constantly evolving cyber threat landscape is a latent problem for today’s companies. This is especially true for the Small and Medium-sized Enterprises (SMEs) because they have limited resources to face the threats but, as a group, represent an extensive payload for cybercriminals to exploit. Moreover, the traditional cybersecurity approach of protecting against known threats cannot withstand the rapidly evolving technologies and threats used by cybercriminals. This study claims that cyber resilience, a more holistic approach to cybersecurity, could help SMEs anticipate, detect, withstand, recover from and evolve after cyber incidents. However, to operationalize cyber resilience is not an easy task, and thus, the study presents a framework with a corresponding implementation order for SMEs that could help them implement cyber resilience practices. The framework is the result of using a variation of Design Science Research in which Grounded Theory was used to induce the most important actions required to implement cyber resilience and an iterative evaluation from experts to validate the actions and put them in a logical order. Therefore, this study proposes that the framework could benefit SME managers to understand cyber resilience, as well as help them start implementing it with concrete actions and an order dictated by the experience of experts. This could potentially ease cyber resilience implementation for SMEs by making them aware of what cyber resilience implies, which dimensions it includes and what actions can be implemented to increase their cyber resilience.
publishDate 2020
dc.date.none.fl_str_mv 2020
2020-01-01
2020
2020-01-01
2023
2023-05-29
dc.type.none.fl_str_mv journal article
http://purl.org/coar/resource_type/c_6501
dc.type.openaire.fl_str_mv info:eu-repo/semantics/article
format article
dc.identifier.none.fl_str_mv https://hdl.handle.net/10171/66448
url https://hdl.handle.net/10171/66448
dc.language.none.fl_str_mv Inglés
eng
language_invalid_str_mv Inglés
language eng
dc.rights.none.fl_str_mv open access
http://purl.org/coar/access_right/c_abf2
dc.rights.openaire.fl_str_mv info:eu-repo/semantics/openAccess
rights_invalid_str_mv open access
http://purl.org/coar/access_right/c_abf2
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv IEEE
publisher.none.fl_str_mv IEEE
dc.source.none.fl_str_mv reponame:Dadun. Depósito Académico Digital de la Universidad de Navarra
instname:Universidad de Navarra
instname_str Universidad de Navarra
reponame_str Dadun. Depósito Académico Digital de la Universidad de Navarra
collection Dadun. Depósito Académico Digital de la Universidad de Navarra
repository.name.fl_str_mv
repository.mail.fl_str_mv
_version_ 1869412603714863104
score 15,301603