Publicación de Libros

El equipo formado por los investigadores Sánchez, L.E., Santos-Olmo Parra, A., Fernández-Medina, E., Piattini, M. y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha conseguido la públicación de un “Capítulo de un Libro Internacional” denominado “ISMS Building for SMEs through the reuse of knowledge, Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions” y publicado por “IGI Global, April 2011, Pp. 90-116. ISBN: 978-1-4666-0197-0, DOI: 10.4018/978-1-4666-0197-0.ch006, EID: 2-s2.0-84898346068”.

En este documento se muestran las últimas investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.


The information society is increasingly more dependent upon Information Security Management Systems (ISMSs), and the availability of these systems has become crucial to the evolution of Small and Medium-size Enterprises (SMEs). However, this type of companies requires ISMSs which have been adapted to their specific characteristics, and these systems must be optimized from the point of view of the resources necessary to deploy and maintain them. Over the last 10 years, the authors have obtained considerable experience in the establishment of ISMSs, and during this time, they have observed that the structure and characteristics of SMEs as regards security management are frequently very similar (since they can all be grouped by business size and sector), thus signifying that it is possible to construct patterns for ISMSs that can be reused and refined. In this chapter, the authors present the strategy that they have designed to manage and reuse security information in information system security management. This strategy is framed within a methodology designed for integral security management and its information systems maturity, denominated as “Methodology for Security Management and Maturity in Small and Medium-size Enterprises (MSM2-SME),” and it is defined in a reusable model called “Reusable Pattern for Security Management (RPSM),” which systematically defines, manages, and reuses the aforementioned methodology through a sub-process denominated as “Generation of Security Management Patterns (GSMP).” This model is currently being applied in real cases, and is thus constantly improving.


Más información:

URL Noticia 1:

URL Noticia 2: