{"title":"Evaluation of the cyber security models implemented across common attack vectors: A review of literature","authors":"Afra Ansaria","doi":"10.30574/wjaets.2024.11.1.0023","DOIUrl":null,"url":null,"abstract":"Cybersecurity is an organizational issue that should be looked at through the lens of various stakeholders. However, it is often treated as a siloed issue in which more is always seen as better. The CISOs, CIOs, and the key decision-makers struggle to understand how much security is enough. Cybersecurity solutions, referred to as controls, more often than not result in a residual risk. To assess this risk better, the security controls should be studied in further detail. The objective of this paper is to educate the audience with the various cyber security controls being used in the academia and in the industry. In order to circumvent the security issues faced by large organization, the tradeoffs of each controls should be studied further. The paper is meant to provide a balanced view providing the positive and the critical aspect of implementing some of the known security solutions. There is no one perfect formula when it comes to selecting security controls. However, picking a security control that are in line with the users’ needs will help reduce some of the risks associated with implementing the controls. An optimal solution requires a balanced approach towards the risk, cost, and benefit of the solution. The aim of the paper is to help the reader assess some of risks and the tradeoff associated with the security controls being practiced in the industry today.","PeriodicalId":275182,"journal":{"name":"World Journal of Advanced Engineering Technology and Sciences","volume":"3 5","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-01-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"World Journal of Advanced Engineering Technology and Sciences","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.30574/wjaets.2024.11.1.0023","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Cybersecurity is an organizational issue that should be looked at through the lens of various stakeholders. However, it is often treated as a siloed issue in which more is always seen as better. The CISOs, CIOs, and the key decision-makers struggle to understand how much security is enough. Cybersecurity solutions, referred to as controls, more often than not result in a residual risk. To assess this risk better, the security controls should be studied in further detail. The objective of this paper is to educate the audience with the various cyber security controls being used in the academia and in the industry. In order to circumvent the security issues faced by large organization, the tradeoffs of each controls should be studied further. The paper is meant to provide a balanced view providing the positive and the critical aspect of implementing some of the known security solutions. There is no one perfect formula when it comes to selecting security controls. However, picking a security control that are in line with the users’ needs will help reduce some of the risks associated with implementing the controls. An optimal solution requires a balanced approach towards the risk, cost, and benefit of the solution. The aim of the paper is to help the reader assess some of risks and the tradeoff associated with the security controls being practiced in the industry today.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
