Cybersecurity: Practice

  • Living reference work entry
Encyclopedia of Security and Emergency Management

Definition

Cybersecurity involves the application and management of techniques with the aim of protecting the confidentiality, integrity, and availability of information and information assets in cyberspace.

Introduction

The widespread use of electronic information processing coupled with the emergence of business conducted through the Internet has fueled the need for organizations to protect proprietary and customer information from malicious cyber actors and nations (Grispos et al. 2017). As a result, many organizations have recognized the importance of implementing effective cybersecurity practices. According to the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC), cybersecurity encompasses the preservation of confidentiality, integrity, and availability of information in cyberspace (International Organization for Standardization/International Electrotechnical Commission 2012). Confidentiality refers to “the protection of sensitive...

References

  • Eloff, J. H., & Eloff, M. (2003). Information security management: A new paradigm. Paper presented at the Proceedings of the 2003 annual research conference of the South African institute of computer scientists and information technologists on Enablement through technology.

  • Grispos, G., Glisson, W. B., & Storer, T. (2013). Cloud security challenges: Investigating policies, standards, and guidelines in a fortune 500 organization. Paper presented at the 21st European Conference on Information Systems, Utrecht.

  • Grispos, G., Jesús, G-G., Liliana, P., & Bashar N. (2017). Are you ready? Towards the engineering of forensic-ready systems. In 2017 11th International Conference on Research Challenges in Information Science (RCIS), pp. 328–333. IEEE.

  • International Organization for Standardization/International Electrotechnical Commission (2012). Information technology – Security techniques – Guidelines for cybersecurity. Retrieved from https://www.iso.org/obp/ui/#iso:std:iso-iec:27032:ed-1:v1:en

  • International Organization for Standardization/International Electrotechnical Commission (2013). Information technology – Security techniques – Code of practice for information security controls.

  • International Organization for Standardization/International Electrotechnical Commission (2014). ISO/IEC 27000 – Information security management systems – Overview and vocabulary.

  • National Institute of Standards and Technology (2018). Framework for improving critical infrastructure cybersecurity.

  • PCI Security Standards Council (2018). Payment Card Industry (PCI) Data Security Standard (DSS), version 3.2.1.

  • Peltier, T. R. (2013). Information security fundamentals. Boca Raton: CRC Press.

  • Ross, R. (2007). Managing enterprise security risk with NIST standards. IEEE Computer, 40(8), 88–91.

  • Siponen, M. (2006). Information security standards focus on the existence of process, not its content. Communications of the ACM, 49(8), 97–100.

  • Siponen, M., & Willison, R. (2009). Information security management standards: Problems and solutions. Information & Management, 46(5), 267–270.

  • The House of Representatives of the State of Washington (2010). Financial information security breaches – Credit and debit cards, chapter 151, laws of 2010 – House Bill 1149.

  • Von Solms, B. (2000). Information security – The third wave? Computers & Security, 19(7), 615–615.

  • Von Solms, B. (2006). Information security – The fourth wave. Computers & Security, 25(3), 165–168.

  • Wiander, T. (2007). Implementing the ISO/IEC 17799 standard in practice-findings from small and medium sized software organisations. Paper presented at the 5th International Conference on Standardization and Innovation in Information Technology, 2007. SIIT 2007.

Further Reading

  • Christou, G. (2016). Cybersecurity in the European Union: Resilience and adaptability in governance policy. Springer. Basingstoke, United Kingdom.

  • Donaldson, S. E., Siegel, S. G., Williams, C. K., & Aslam, A. (2015). Enterprise cybersecurity – How to build a successful cyberdefense program against advanced threats. New York: Apress.

Author information

Correspondence to George Grispos.

Copyright information

© 2019 Springer Nature Switzerland AG

About this entry

Cite this entry

Grispos, G. (2019). Cybersecurity: Practice. In: Shapiro, L., Maras, MH. (eds) Encyclopedia of Security and Emergency Management. Springer, Cham. https://doi.org/10.1007/978-3-319-69891-5_81-1

  • DOI: https://doi.org/10.1007/978-3-319-69891-5_81-1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69891-5

  • Online ISBN: 978-3-319-69891-5

  • eBook Packages: Springer Reference Law and Criminology; Reference Module Humanities and Social Sciences; Reference Module Business, Economics and Social Sciences
