Towards a Cybersecurity Awareness Plan for Casinos: An Initial Review for Internal Workers

Vista sencilla de ítem
dc.contributor.affiliationDíaz, J., Depto. Cs. de la Computación e Informática, Universidad de La Frontera, Temuco, Chile
dc.contributor.affiliationGuzmán, R., Consultora Tecnológica RGIT, Temuco, Chile
dc.contributor.affiliationArango-López, J., Depto. de Ingeniería de Sistemas e Informática, Universidad de Caldas, Manizales, Colombia
dc.contributor.affiliationHochstetter, J., Depto. Cs. de la Computación e Informática, Universidad de La Frontera, Temuco, Chile
dc.contributor.affiliationV., G.M.R., Facultad de Ingenierías, Universidad de Medellín, Medellín, Colombia
dc.contributor.affiliationMoreira, F., REMIT, IJP, Universidade Portucalense and IEETA, Universidade de Aveiro, Aveiro, Portugal
dc.contributor.authorDíaz J
dc.contributor.authorGuzmán R
dc.contributor.authorArango-López J
dc.contributor.authorHochstetter J
dc.contributor.authorV. G.M.R
dc.contributor.authorMoreira F.
dc.contributor.conferencename11th World Conference on Information Systems and Technologies, WorldCIST 2023spa
dc.date.accessioned2024-07-31T21:07:07Z
dc.date.available2024-07-31T21:07:07Z
dc.date.issued2024
dc.descriptionPublic and private institutions have invested in IT to increase their information security. Along with investments, the human factor is dominant. In that sense, countries have also implemented their own Computer Security Incident Response Teams (CSIRTs), whose main objective is to minimize and control the damage in case of a security breach. In the case of the Chilean government, with its CSIRT, they propose new guidelines for IT standards related to cybersecurity in the country’s gaming casinos. This incorporation includes creating internal policies, procedures, protocols, and procurement. The objective of this article is to design a model for creating a cybersecurity awareness and education campaign based on the recommendations of the National Institute of Standards and Technology (NIST) and ISO 27001. The methodology consists of the evaluation of these alternatives and the declaration of 5 preliminary stages. On this occasion, we evaluated the first of them, evaluating all the internal workers of the company to form the subsequent initiatives. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
dc.identifier.doi10.1007/978-3-031-45642-8_13
dc.identifier.instnameinstname:Universidad de Medellínspa
dc.identifier.isbn9783031456411
dc.identifier.issn23673370
dc.identifier.reponamereponame:Repositorio Institucional Universidad de Medellínspa
dc.identifier.repourlrepourl:https://repository.udem.edu.co/
dc.identifier.urihttp://hdl.handle.net/11407/8476
dc.language.isoeng
dc.publisherSpringer Science and Business Media Deutschland GmbHspa
dc.publisher.facultyFacultad de Ingenieríasspa
dc.publisher.programIngeniería de Sistemasspa
dc.relation.citationendpage143
dc.relation.citationstartpage134
dc.relation.citationvolume799 LNNS
dc.relation.isversionofhttps://www.scopus.com/inward/record.uri?eid=2-s2.0-85187723184&doi=10.1007%2f978-3-031-45642-8_13&partnerID=40&md5=85cc3821385a3794be0e724baaf932c7
dc.relation.referencesWEF: The Global Risk Report 2022. World Economic Forum (2022). https://www3.weforum. org/docs/WEF_The_Global_Risks_Report_2022.pdf
dc.relation.referencesReason, J., Human error: Models and management (2000) BMJ, 320 (7237), pp. 768-770. , https://doi.org/10.1136/bmj.320.7237.768. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC 1117770/
dc.relation.referencesAlshammari, Z., Phishing attacks cybersecurity (2022) ISSA Journal
dc.relation.referencesAlkhalil, Z., Hewage, C., Nawaf, L., Khan, I., Phishing attacks: A recent comprehensive study and a new anatomy (2021) Front. Comput. Sci., 3 (320). , https://doi.org/10.3389/fcomp. 2021.563060
dc.relation.referencesJiménez, F., (2019) Handbook of Intelligence and Counterintelligence, , Third Edition. Seville, Spain: CISDE Editorial
dc.relation.referencesFrauenstein, E.D., von Solms, R., An enterprise anti-phishing framework (2013) Information Assurance and Security Education and Training. WISE WISE 2013 2013 2011 2009. IFIP Advances in Information and Communication Technology, Vol, p. 406. , https://doi.org/10.1007/978-3-642-39377-8_22, Dodge, R.C., Futcher, L, Springer, Berlin, Heidelberg
dc.relation.referencesYu, W.D., Nargundkar, S., Tiruthani, N.: A phishing vulnerability analysis of web based systems. In: Proceedings of the 13th IEEE Symposium on Computers and Communications (ISCC 2008), pp. 326–331. IEEE, Marrakech, Morocco (2008). https://doi.org/10.1109/ISCC. 2008.4625681
dc.relation.referencesBlankenship, J., O’Malley, C., (2019) Best Practices: Phishing Prevention. Protect against Email-Borne Threats with Forrester’s Layered Approach, , https://www. proofpoint.com/au/resources/threat-reports/forrester-best-practices-phishing-prevention, Forrester Research
dc.relation.referencesKletz, T., (2001) Learning from Accidents in Industry, , Gulf Professional Publishing, Oxford, UK
dc.relation.referencesde la Torre, S., (2004) Learning from Mistakes. El Tratamiento didáctico De Los Errores Como Estrategia De innovación. Buenos Aires, , Argentina: Editorial Magisterio del Río de la Plata
dc.relation.referencesReason, J., (1997) Managing the Risks of Organizational Accidents. Ashgate, , Aldershot, england
dc.relation.referencesSteves, M., Greene, K., Theofanos, M., Categorizing human phishing difficulty: A phish scale (2020) J. Cybersecurity., 6 (1), p. tyaa009. , https://doi.org/10.1093/cybsec/tyaa009
dc.relation.referencesEdmondson, A., Strategies for learning from failure (2011) Harvard Business Review, , https://hbr.org/2011/04/strategies-for-learning-from-failure
dc.relation.referencesStalling, W., (2019) Effective Cybersecurity. a Guide to Using Best Practices and Standards, , USA: Addisson Wesley
dc.relation.referencesCarpenter, P., Roer, K., (2022) The Security Culture Playbook. an Executive Guide to Reducing Risk and Developing Your Human Defense Layer, , Wiley, Hoboken, NJ. USA
dc.relation.referencesBrumfield, C., A medical model for reducing cybersecurity risk behavior (2022) CSO Computer-World, , https://cso.computerworld.es/tendencias/un-modelo-medico-para-reducir-el-comportamiento-de-riesgo-en-ciberseguridad
dc.relation.referencesBarojan, D., Building digital resilience ahead of elections and beyond (2021) Disinformation and Fake News, pp. 61-73. , https://doi.org/10.1007/978-981-15-5876-4_5, Jayakumar, S., Ang, B., Anwar, N.D. (eds.) , Springer, Singapore
dc.rights.accessrightsinfo:eu-repo/semantics/restrictedAccess
dc.sourceLecture Notes in Networks and Systems
dc.sourceLect. Notes Networks Syst.
dc.sourceScopus
dc.subjectCybersecurity awarenesseng
dc.subjectEducationeng
dc.subjectElectronic commerceeng
dc.subjectPolicy developmenteng
dc.subjectE-learningeng
dc.subjectElectronic commerceeng
dc.subjectCyber securityeng
dc.subjectCybersecurity awarenesseng
dc.subjectIncident responseeng
dc.subjectIT standardseng
dc.subjectPolicy developmenteng
dc.subjectPrivate institutionseng
dc.subjectPublic institutioneng
dc.subjectSecurity breacheseng
dc.subjectSecurity incidenteng
dc.subjectWorkers'eng
dc.subjectCybersecurityeng
dc.titleTowards a Cybersecurity Awareness Plan for Casinos: An Initial Review for Internal Workerseng
dc.typeconference paper
dc.type.localDocumento de conferenciaspa
dc.type.versioninfo:eu-repo/semantics/publishedVersion

Archivos

Colecciones

Indexados Scopus