عرض بسيط للتسجيلة

المؤلفAL-Dosari, Khalifa
المؤلفFetais, Noora
تاريخ الإتاحة2024-03-10T05:42:09Z
تاريخ النشر2023
اسم المنشورElectronics (Switzerland)
المصدرScopus
الرقم المعياري الدولي للكتاب20799292
معرّف المصادر الموحدhttp://dx.doi.org/10.3390/electronics12173629
معرّف المصادر الموحدhttp://hdl.handle.net/10576/52817
الملخصInformation-technology (IT) security standards are regularly updated in a rapidly changing technological world to maintain pace with advanced technologies. This study was motivated by the realization that established IT risk-management frameworks might provide an adequate defence for small- and medium-sized enterprises (SMEs), especially those actively adopting new technologies. We reviewed that a dynamic IT risk-management framework, updated to reflect emerging technological changes, would offer improved security and privacy for SMEs. To evaluate this, we conducted a systematic literature review spanning 2016 to 2021, focusing on IT risk-management research in various application areas. This study revealed that, while established frameworks like NIST have their benefits, they need to be better suited to the unique needs of SMEs due to their high degree of abstractness, vague guidelines, and lack of adaptability to technological advancements. The findings suggest a pressing need to evolve IT risk-management frameworks, particularly by incorporating advanced methods such as system dynamics, machine learning, and technoeconomic and sociotechnological models. These innovative approaches provide a more dynamic, responsive, and holistic approach to risk management, thereby significantly improving the IT security of SMEs. The study's implications underscore the urgency of developing flexible, dynamic, and technology-informed IT risk-management strategies, offering novel insights into a more practical approach to IT risk management.
راعي المشروعFor now, this research has received no external funding. However, it may be funded by the QNLP.
اللغةen
الناشرMultidisciplinary Digital Publishing Institute (MDPI)
الموضوعcybersecurity
information security
risk assessment
risk management
العنوانRisk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach
النوعArticle
رقم العدد17
رقم المجلد12
dc.accessType Open Access


الملفات في هذه التسجيلة

Thumbnail

هذه التسجيلة تظهر في المجموعات التالية

عرض بسيط للتسجيلة