Systematic approach to cyber resilience operationalization in SMEs
The constantly evolving cyber threat landscape is a latent problem for today’s companies. This is especially true for the Small and Medium-sized Enterprises (SMEs) because they have limited resources to face the threats but, as a group, represent an extensive payload for cybercriminals to exploit. M...
| Autores: | , , , , |
|---|---|
| Tipo de recurso: | artículo |
| Fecha de publicación: | 2020 |
| País: | España |
| Institución: | Universidad de Navarra |
| Repositorio: | Dadun. Depósito Académico Digital de la Universidad de Navarra |
| Idioma: | inglés |
| OAI Identifier: | oai:dadun.unav.edu:10171/66448 |
| Acceso en línea: | https://hdl.handle.net/10171/66448 |
| Access Level: | acceso abierto |
| Palabra clave: | Cyber resilience Design science research (DSR) Framework Grounded theory Guidelines SMEs |
| id |
ES_89229221553f85cd78939e8aadb9e00a |
|---|---|
| oai_identifier_str |
oai:dadun.unav.edu:10171/66448 |
| network_acronym_str |
ES |
| network_name_str |
España |
| repository_id_str |
|
| spelling |
Systematic approach to cyber resilience operationalization in SMEsCarías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78Borges, M.R.S. (Marcos R. S.)|||/items/cb3ba8b0-849e-40ce-8bab-0ae610c73a05Labaka-Zubieta, L. (Leire)|||/items/9b426903-0c71-40d7-8d23-d3361f18088dArrizabalaga-Juaristi, S. (Saioa)|||/items/8fd585fc-4135-44f8-803d-ddeb0605d98eHernantes-Apezetxea, J. (Josune)|||/items/f325c658-dca3-4e00-ab34-9afbcf2e3c77Cyber resilienceDesign science research (DSR)FrameworkGrounded theoryGuidelinesSMEsThe constantly evolving cyber threat landscape is a latent problem for today’s companies. This is especially true for the Small and Medium-sized Enterprises (SMEs) because they have limited resources to face the threats but, as a group, represent an extensive payload for cybercriminals to exploit. Moreover, the traditional cybersecurity approach of protecting against known threats cannot withstand the rapidly evolving technologies and threats used by cybercriminals. This study claims that cyber resilience, a more holistic approach to cybersecurity, could help SMEs anticipate, detect, withstand, recover from and evolve after cyber incidents. However, to operationalize cyber resilience is not an easy task, and thus, the study presents a framework with a corresponding implementation order for SMEs that could help them implement cyber resilience practices. The framework is the result of using a variation of Design Science Research in which Grounded Theory was used to induce the most important actions required to implement cyber resilience and an iterative evaluation from experts to validate the actions and put them in a logical order. Therefore, this study proposes that the framework could benefit SME managers to understand cyber resilience, as well as help them start implementing it with concrete actions and an order dictated by the experience of experts. This could potentially ease cyber resilience implementation for SMEs by making them aware of what cyber resilience implies, which dimensions it includes and what actions can be implemented to increase their cyber resilience.IEEEDadun. Depósito Académico Digital Universidad de Navarra20232023-05-2920202020-01-0120202020-01-01journal articlehttp://purl.org/coar/resource_type/c_6501info:eu-repo/semantics/articleapplication/pdfhttps://hdl.handle.net/10171/66448reponame:Dadun. Depósito Académico Digital de la Universidad de Navarrainstname:Universidad de NavarraInglésengopen accesshttp://purl.org/coar/access_right/c_abf2info:eu-repo/semantics/openAccessoai:dadun.unav.edu:10171/664482026-06-21T12:47:57Z |
| dc.title.none.fl_str_mv |
Systematic approach to cyber resilience operationalization in SMEs |
| title |
Systematic approach to cyber resilience operationalization in SMEs |
| spellingShingle |
Systematic approach to cyber resilience operationalization in SMEs Carías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78 Cyber resilience Design science research (DSR) Framework Grounded theory Guidelines SMEs |
| title_short |
Systematic approach to cyber resilience operationalization in SMEs |
| title_full |
Systematic approach to cyber resilience operationalization in SMEs |
| title_fullStr |
Systematic approach to cyber resilience operationalization in SMEs |
| title_full_unstemmed |
Systematic approach to cyber resilience operationalization in SMEs |
| title_sort |
Systematic approach to cyber resilience operationalization in SMEs |
| dc.creator.none.fl_str_mv |
Carías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78 Borges, M.R.S. (Marcos R. S.)|||/items/cb3ba8b0-849e-40ce-8bab-0ae610c73a05 Labaka-Zubieta, L. (Leire)|||/items/9b426903-0c71-40d7-8d23-d3361f18088d Arrizabalaga-Juaristi, S. (Saioa)|||/items/8fd585fc-4135-44f8-803d-ddeb0605d98e Hernantes-Apezetxea, J. (Josune)|||/items/f325c658-dca3-4e00-ab34-9afbcf2e3c77 |
| author |
Carías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78 |
| author_facet |
Carías-Alvarez, J.F. (Juan Francisco)|||/items/4ba75557-0b40-4237-a510-3062777c6e78 Borges, M.R.S. (Marcos R. S.)|||/items/cb3ba8b0-849e-40ce-8bab-0ae610c73a05 Labaka-Zubieta, L. (Leire)|||/items/9b426903-0c71-40d7-8d23-d3361f18088d Arrizabalaga-Juaristi, S. (Saioa)|||/items/8fd585fc-4135-44f8-803d-ddeb0605d98e Hernantes-Apezetxea, J. (Josune)|||/items/f325c658-dca3-4e00-ab34-9afbcf2e3c77 |
| author_role |
author |
| author2 |
Borges, M.R.S. (Marcos R. S.)|||/items/cb3ba8b0-849e-40ce-8bab-0ae610c73a05 Labaka-Zubieta, L. (Leire)|||/items/9b426903-0c71-40d7-8d23-d3361f18088d Arrizabalaga-Juaristi, S. (Saioa)|||/items/8fd585fc-4135-44f8-803d-ddeb0605d98e Hernantes-Apezetxea, J. (Josune)|||/items/f325c658-dca3-4e00-ab34-9afbcf2e3c77 |
| author2_role |
author author author author |
| dc.contributor.none.fl_str_mv |
Dadun. Depósito Académico Digital Universidad de Navarra |
| dc.subject.none.fl_str_mv |
Cyber resilience Design science research (DSR) Framework Grounded theory Guidelines SMEs |
| topic |
Cyber resilience Design science research (DSR) Framework Grounded theory Guidelines SMEs |
| description |
The constantly evolving cyber threat landscape is a latent problem for today’s companies. This is especially true for the Small and Medium-sized Enterprises (SMEs) because they have limited resources to face the threats but, as a group, represent an extensive payload for cybercriminals to exploit. Moreover, the traditional cybersecurity approach of protecting against known threats cannot withstand the rapidly evolving technologies and threats used by cybercriminals. This study claims that cyber resilience, a more holistic approach to cybersecurity, could help SMEs anticipate, detect, withstand, recover from and evolve after cyber incidents. However, to operationalize cyber resilience is not an easy task, and thus, the study presents a framework with a corresponding implementation order for SMEs that could help them implement cyber resilience practices. The framework is the result of using a variation of Design Science Research in which Grounded Theory was used to induce the most important actions required to implement cyber resilience and an iterative evaluation from experts to validate the actions and put them in a logical order. Therefore, this study proposes that the framework could benefit SME managers to understand cyber resilience, as well as help them start implementing it with concrete actions and an order dictated by the experience of experts. This could potentially ease cyber resilience implementation for SMEs by making them aware of what cyber resilience implies, which dimensions it includes and what actions can be implemented to increase their cyber resilience. |
| publishDate |
2020 |
| dc.date.none.fl_str_mv |
2020 2020-01-01 2020 2020-01-01 2023 2023-05-29 |
| dc.type.none.fl_str_mv |
journal article http://purl.org/coar/resource_type/c_6501 |
| dc.type.openaire.fl_str_mv |
info:eu-repo/semantics/article |
| format |
article |
| dc.identifier.none.fl_str_mv |
https://hdl.handle.net/10171/66448 |
| url |
https://hdl.handle.net/10171/66448 |
| dc.language.none.fl_str_mv |
Inglés eng |
| language_invalid_str_mv |
Inglés |
| language |
eng |
| dc.rights.none.fl_str_mv |
open access http://purl.org/coar/access_right/c_abf2 |
| dc.rights.openaire.fl_str_mv |
info:eu-repo/semantics/openAccess |
| rights_invalid_str_mv |
open access http://purl.org/coar/access_right/c_abf2 |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.publisher.none.fl_str_mv |
IEEE |
| publisher.none.fl_str_mv |
IEEE |
| dc.source.none.fl_str_mv |
reponame:Dadun. Depósito Académico Digital de la Universidad de Navarra instname:Universidad de Navarra |
| instname_str |
Universidad de Navarra |
| reponame_str |
Dadun. Depósito Académico Digital de la Universidad de Navarra |
| collection |
Dadun. Depósito Académico Digital de la Universidad de Navarra |
| repository.name.fl_str_mv |
|
| repository.mail.fl_str_mv |
|
| _version_ |
1869412603714863104 |
| score |
15,301603 |