
The Importance to Manage Data Protection in the Right Way: Problems and Solutions

  • Conference paper
Optimization and Decision Science: Methodologies and Applications (ODS 2017)

Part of the book series: Springer Proceedings in Mathematics & Statistics (PROMS, volume 217)


Abstract

Data has become the most important asset for companies, and protecting it against loss is fundamental to their success. Most companies are connected to the internet for business reasons, and this is potentially risky. Cyber-attacks, hacks and security breaches are no longer an exception (Arora et al. [1]). Their consequences can range from no or limited impact to Distributed Denial of Service (DDoS), theft or manipulation of data, or even taking over control of systems and harming the physical world (Andrew et al. [2]). Some companies work on critical projects whose documentation must be protected and not publicly disclosed. Data leakage or loss could lead to hazardous situations, so data confidentiality, integrity and protection should be preserved. To reach this goal, it is better to adopt efficient data protection management, i.e. to have effective processes and methodologies in place that enable prevention of, detection of and reaction to any threat that could occur. Companies should give importance to actions, plans and policies, address the organizational aspect, and be aware of and prepared to manage crisis situations, using the best technological solution for each stage of cybersecurity management. In this paper, we present solutions and key steps to manage data protection inside the Ansaldo STS company from the organizational and technological sides, by using an Information Security Management System that implements the company's cybersecurity strategy through three phases (prevention, detection and reaction, and checks for compliance and improvement) and by adopting a defense-in-depth approach and maturity models to deploy controls in a prioritized and effective way.


References

  1. Arora, A., Nandkumar, A., Telang, R.: Does information security attack frequency increase with vulnerability disclosure? Empir. Anal. Inf. Syst. Front. 8(5), 350–362 (2006)

  2. Andrew F., Emmanouil P., Pasquale M., Chris H., Fabrizio, S.: Decision Support Approaches for Cyber Security Investment (2016)

  3. Elmaghraby, A.S., Losavio, M.M.: Cyber security challenges in smart cities: safety, security and privacy. J. Adv. Res. (2014)

  4. Bennett, S.C.: Data Security Breaches: Problems And Solutions (2008)

  5. The Importance of information security nowadays. https://pecb.com/pdf/articles/27-pecb_the-importance-of-information-security-nowadays.pdf

  6. Balvir, S., Amarjeet S.: A Roadmap to Data Security of Automated University Examination System (2015)

  7. Summers, G.: Data and databases. In: Koehne, H. (ed.) Developing Databases with Access, pp. 4–5. Nelson Australia Pty Limited (2004)

  8. Annual Emerging Cyber Threats Report, Georgia Tech Information Security Center. http://www.gtisc.gatech.edu/, last accessed (2013)

  9. Internet Security Threats Report. Symantec. http://www.symantec.com/threatreport/ (2013)

  10. The CERT guide to insider threats: how to prevent, detect, and respond to theft of critical information, sabotage, and fraud. www.cert.org/archive/pdf/insidercross051105.pdf

  11. Hunker, J., Probst, C.W.: Insiders and insider threats—An overview of definitions and mitigation techniques. J. Wirel. Mob. Netw. Ubiquitous Comput. Dependable Appl. 2(1), 4–27 (2011)

  12. International standard ISO_IEC_27000 (2014)

  13. International standard ISO_27001 (2013)


Corresponding author

Correspondence to Concetta Pragliola.


Copyright information

© 2017 Springer International Publishing AG

About this paper


Cite this paper

Mokalled, H., Debertol, D., Meda, E., Pragliola, C. (2017). The Importance to Manage Data Protection in the Right Way: Problems and Solutions. In: Sforza, A., Sterle, C. (eds) Optimization and Decision Science: Methodologies and Applications. ODS 2017. Springer Proceedings in Mathematics & Statistics, vol 217. Springer, Cham. https://doi.org/10.1007/978-3-319-67308-0_8
