Maturity model for data leakage security protocols in telecommunications companies applying the NIST framework

Solis Leon; Brian Joel; Di Paola Jara; Renzo Giovanni; Copaja Cornejo; Richard Nivaldo

doi:10.1109/INTERCON59652.2023.10326098

Maturity model for data leakage security protocols in telecommunications companies applying the NIST framework

Solis Leon
, Brian Joel
, Di Paola Jara
, Renzo Giovanni
, Copaja Cornejo
, Richard Nivaldo

Facultad de Ingeniería

Universidad Peruana de Ciencias Aplicadas

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución a la conferencia › revisión exhaustiva

Resumen

Attacks on information security and data leaks in telecommunications companies in Peru cause considerable losses both financially and in terms of social reputation. For this reason, response protocols have been implemented to deal with these situations. However, the mere implementation and development of these protocols is not enough to effectively prevent or counter attacks. Therefore, a technological solution is proposed that combines a maturity assessment model for protocols and a reporting system that provides information on the current level and possible improvements that can be applied to the assessed protocols. The project aims to reduce attacks on companies in the telecommunications sector and at the same time enable them to assess the state of their protocols in terms of cybersecurity, giving them greater insight into possible situations that could result from protocol misuse. To validate the project, 4 cybersecurity experts were involved, who have used it for a given period to obtain sufficient information to offer their opinion. At the end of the period of use, a form was sent to them to evaluate the level of satisfaction with the project, using the indicators that were established. The final level of satisfaction obtained was 81.39%, which indicates that the project has been successful according to the evaluation of the security experts.

Idioma original	Inglés
Título de la publicación alojada	Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023
Editorial	Institute of Electrical and Electronics Engineers Inc.
ISBN (versión digital)	9798350315578
DOI	https://doi.org/10.1109/INTERCON59652.2023.10326098
Estado	Publicada - 2023
Evento	30th IEEE International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023 - Lima, Perú Duración: 2 nov. 2023 → 4 nov. 2023

Serie de la publicación

Nombre	Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023

Conferencia

Conferencia	30th IEEE International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023
País/Territorio	Perú
Ciudad	Lima
Período	2/11/23 → 4/11/23

ODS de las Naciones Unidas

Este resultado contribuye a los siguientes Objetivos de Desarrollo Sostenible

ODS 7: Energía asequible y no contaminante

Acceder al documento

10.1109/INTERCON59652.2023.10326098

Otros archivos y enlaces

Enlace a la publicación en Scopus

Citar esto

Leon, S., Joel, B., Jara, D. P., Giovanni, R., Cornejo, C., & Nivaldo, R. (2023). Maturity model for data leakage security protocols in telecommunications companies applying the NIST framework. En Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023 (Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/INTERCON59652.2023.10326098

Leon, Solis ; Joel, Brian ; Jara, Di Paola et al. / Maturity model for data leakage security protocols in telecommunications companies applying the NIST framework. Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023. Institute of Electrical and Electronics Engineers Inc., 2023. (Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023).

@inproceedings{69733e1839554fdbb0b6596b3d3f97b3,

title = "Maturity model for data leakage security protocols in telecommunications companies applying the NIST framework",

abstract = "Attacks on information security and data leaks in telecommunications companies in Peru cause considerable losses both financially and in terms of social reputation. For this reason, response protocols have been implemented to deal with these situations. However, the mere implementation and development of these protocols is not enough to effectively prevent or counter attacks. Therefore, a technological solution is proposed that combines a maturity assessment model for protocols and a reporting system that provides information on the current level and possible improvements that can be applied to the assessed protocols. The project aims to reduce attacks on companies in the telecommunications sector and at the same time enable them to assess the state of their protocols in terms of cybersecurity, giving them greater insight into possible situations that could result from protocol misuse. To validate the project, 4 cybersecurity experts were involved, who have used it for a given period to obtain sufficient information to offer their opinion. At the end of the period of use, a form was sent to them to evaluate the level of satisfaction with the project, using the indicators that were established. The final level of satisfaction obtained was 81.39\%, which indicates that the project has been successful according to the evaluation of the security experts.",

keywords = "NIST, evaluation, maturity model, response protocols",

author = "Solis Leon and Brian Joel and Jara, \{Di Paola\} and Renzo Giovanni and Copaja Cornejo and Richard Nivaldo",

note = "Publisher Copyright: {\textcopyright} 2023 IEEE.; 30th IEEE International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023 ; Conference date: 02-11-2023 Through 04-11-2023",

year = "2023",

doi = "10.1109/INTERCON59652.2023.10326098",

language = "Ingl{\'e}s",

series = "Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023",

}

Leon, S, Joel, B, Jara, DP, Giovanni, R, Cornejo, C & Nivaldo, R 2023, Maturity model for data leakage security protocols in telecommunications companies applying the NIST framework. En Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023. Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023, Institute of Electrical and Electronics Engineers Inc., 30th IEEE International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023, Lima, Perú, 2/11/23. https://doi.org/10.1109/INTERCON59652.2023.10326098

Maturity model for data leakage security protocols in telecommunications companies applying the NIST framework. / Leon, Solis; Joel, Brian; Jara, Di Paola et al.
Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023. Institute of Electrical and Electronics Engineers Inc., 2023. (Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023).

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución a la conferencia › revisión exhaustiva

TY - GEN

T1 - Maturity model for data leakage security protocols in telecommunications companies applying the NIST framework

AU - Leon, Solis

AU - Joel, Brian

AU - Jara, Di Paola

AU - Giovanni, Renzo

AU - Cornejo, Copaja

AU - Nivaldo, Richard

PY - 2023

Y1 - 2023

N2 - Attacks on information security and data leaks in telecommunications companies in Peru cause considerable losses both financially and in terms of social reputation. For this reason, response protocols have been implemented to deal with these situations. However, the mere implementation and development of these protocols is not enough to effectively prevent or counter attacks. Therefore, a technological solution is proposed that combines a maturity assessment model for protocols and a reporting system that provides information on the current level and possible improvements that can be applied to the assessed protocols. The project aims to reduce attacks on companies in the telecommunications sector and at the same time enable them to assess the state of their protocols in terms of cybersecurity, giving them greater insight into possible situations that could result from protocol misuse. To validate the project, 4 cybersecurity experts were involved, who have used it for a given period to obtain sufficient information to offer their opinion. At the end of the period of use, a form was sent to them to evaluate the level of satisfaction with the project, using the indicators that were established. The final level of satisfaction obtained was 81.39%, which indicates that the project has been successful according to the evaluation of the security experts.

AB - Attacks on information security and data leaks in telecommunications companies in Peru cause considerable losses both financially and in terms of social reputation. For this reason, response protocols have been implemented to deal with these situations. However, the mere implementation and development of these protocols is not enough to effectively prevent or counter attacks. Therefore, a technological solution is proposed that combines a maturity assessment model for protocols and a reporting system that provides information on the current level and possible improvements that can be applied to the assessed protocols. The project aims to reduce attacks on companies in the telecommunications sector and at the same time enable them to assess the state of their protocols in terms of cybersecurity, giving them greater insight into possible situations that could result from protocol misuse. To validate the project, 4 cybersecurity experts were involved, who have used it for a given period to obtain sufficient information to offer their opinion. At the end of the period of use, a form was sent to them to evaluate the level of satisfaction with the project, using the indicators that were established. The final level of satisfaction obtained was 81.39%, which indicates that the project has been successful according to the evaluation of the security experts.

KW - NIST

KW - evaluation

KW - maturity model

KW - response protocols

UR - https://www.scopus.com/pages/publications/85179894342

U2 - 10.1109/INTERCON59652.2023.10326098

DO - 10.1109/INTERCON59652.2023.10326098

M3 - Contribución a la conferencia

AN - SCOPUS:85179894342

T3 - Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023

BT - Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 30th IEEE International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023

Y2 - 2 November 2023 through 4 November 2023

ER -

Leon S, Joel B, Jara DP, Giovanni R, Cornejo C, Nivaldo R. Maturity model for data leakage security protocols in telecommunications companies applying the NIST framework. En Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023. Institute of Electrical and Electronics Engineers Inc. 2023. (Proceedings of the 2023 IEEE 30th International Conference on Electronics, Electrical Engineering and Computing, INTERCON 2023). doi: 10.1109/INTERCON59652.2023.10326098

Maturity model for data leakage security protocols in telecommunications companies applying the NIST framework

Resumen

Serie de la publicación

Conferencia

ODS de las Naciones Unidas

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto