A Systematic Review on Guidelines to Enhancing Organizational Preparation Readiness in Cybersecurity
Article Sidebar
Main Article Content
Abstract
Nowadays, Information Technology and Internet networking have changed and developed rapidly. These changes can lead organizational workflows are in risks of the new types of threats. This literature study reviews conceptual frameworks, theories, models, research work and situations related to Cybersecurity. The paper discusses about guidelines to enhancing organizational readiness in Cybersecurity. Five elements of the guidelines include 1) Appling a recognized security framework 2) Appointing managers or corporate cybersecurity committee 3) Developing cybersecurity plan 4) Improving the awareness of personnel in cybersecurity 5) Providing knowledge and skills about using technology to maintain cyber security.
Article Details
References
T. Sirikunakronkun. Cyber Security: Work from Home Model. An Independent Study Submitted in Partial Fulfillment of the requirement for the Joint Advanced Course, Joint War College, National Defense Studies Institute, 2020.
A. Prateapusanond, and T. Kalyanamitra. “Thai Military Development Guideline on Cyber Security”. National Defense Studies Institute Journal, Vol. 8, No. 3, pp. 11-23, September-December, 2017.
A. Kaewsa-ard, and N. Utakrit. “Cyber Security Risk Management Guidance for Enterprise”. National Defense Studies Institute Journal, Vol. 12, No. 1, pp. 6-20, January-April, 2017.
P. Wuttidittachotti, K. Chanloi, and S. Kijtongpool. CYBER SECURITY Don’t ever let somebody use your personal information. Bangkok: Amarin Printing and Publishing Public Company Limited, 2022.
Office of the Council of State, Cybersecurity Act, B.E. 2562 (2019). Available online at https://bit. ly/41Gz7oG, accessed on 3 March 2023.
Thai Government Gazette, Notifications of National Cyber Security Committee B.E.2564 (2021). Available online at https://bit.ly/3J6jNKP, accessed on 3 March 2023.
National Cyber Security Agency (NCSA). The Result of the Cybersecurity Readiness Assessment Survey for Critical Information Infrastructure (CII), Regulators and Government Agencies. Bangkok: National Cyber Security Agency (NCSA), 2022.
N. Utakrit, and N. Utakrit. “Similarity and Dissimilarity between Information Security and Assurance”. Information Technology Journal, Vol. 17, No. 2, pp. 46-56, July-December, 2021.
H. Liang, and Y. Xue. “Avoidance of Information Technology Threats: A Theoretical Perspective”. MIS Quarterly, Vol. 33, No. 1, pp. 71–90, 2009.
D. E. Stern, C. W. Lamb, and D. L. MacLachlan. “Perceived Risk: A Synthesis”. European Journal of Marketing, Vol. 11, No. 4, pp. 312-319, 1977. https://doi.org/10.1108/EUM0000000005017
D. Littler, and D. Melanthiou. “Consumer perceptions of risk and uncertainty and the implications for behavior towards innovative retail services: The case of Internet Banking”. Journal of Retailing and Consumer Services, Vol. 13, No. 6, pp. 431-443, November, 2006.
M. Lee. “Factors influencing the adoption of Internet banking: An integration of TAM and TPB with perceived risk and perceived benefit”. Electronic Commerce Research and Applications, Vol. 8, No. 3, pp. 130-141, May, 2009.
H. Liang, and Y. Xue. “Understanding Security Behaviors in Personal Computer Usage: A Threat Avoidance Perspective”. Journal of the Association for Information Systems, Vol. 11, No. 7, pp. 394-413, July, 2010.
D. Q. Chen, and H. Liang. “Wishful Thinking and IT Threat Avoidance: An Extension to the Technology Threat Avoidance Theory”. IEEE Transactions on Engineering Management, Vol. 66, No. 4, pp. 552-567, November, 2019.
T. Daengsi, P.Pornpongtechavanich, andn P. Wuttidittachotti. “Cybersecurity Awareness Enhancement: A Study of the Effects of Age and Gender of Thai Employees Associated with Phishing Attacks”. Education and Information Technologies, Vol. 27, No. 4, pp. 4729-4752, May, 2022.
NIST, Cyber Security Framework Version 1.1 Framework for Improving Critical Infrastructure Cybersecurity. Available Online at https://www.nist.gov/cyberframework, accessed on 29 October 2022.
S. Malisuwan. Cyber Security Strategy A Guideline and Recommendation. Available Online at https://bit. ly/3lF2KpT, accessed on 29 October 2022.
THE WHITE HOUSE Office of the Press Secretary, President Policy Practice: Critical Infrastructure Security and Resilience (PPD-21). Available online at https://bit.ly/3k9c05w, accessed on 29 October 2022.
P. Hom-anek. Strategy to Cyber Security 4.0. Bangkok: WACHARIN P.P. PRINTING CO., LTD., 2017.
National Initiative for Cybersecurity Careers and Studies (NICSS), Workforce Framework for Cybersecurity (NICE Framework). Available online at https://niccs.cisa.gov/workforce-development/nice-framework, accessed on 29 October 2022.
National Initiative for Cybersecurity Education (NICE) Applied Cybersecurity Division Information Technology Laboratory, NIST Special Publication 800-181 Workforce Framework for Cybersecurity. Available Online at https://bit.ly/3IbDsYm, accessed on 29 October 2022.
United States Government Accountability Office (GAO), Report to Congressional Committee: Cyber Security Workforce (2019). Available Online at https://www.gao.gov/products/gao-19-144, accessed on 29 October 2022.
SANS, C yber Security Skills Roadmap. Available online at https://bit.ly/3xeVyU2,accessed on 29 October 2022.
SANS, Security Awareness Maturity Model. Available online at https://www.sans.org/cybersecurity-leadership/, accessed on 29 October 2022.
Health Technical Office, “Recommendation for Author.” Journal of Health Science, Vol. 11, No. 4, July-August, 2002.