| Title |
Leveraging taxonomical engineering for security baseline compliance in international regulatory frameworks / |
| Authors |
Grigaliūnas, Šarūnas ; Schmidt, Michael ; Brūzgienė, Rasa ; Smyrli, Panayiota ; Bidikov, Vladislav |
| DOI |
10.3390/fi15100330 |
| Full Text |
|
| Is Part of |
Future internet.. Basel : MDPI. 2023, vol. 15, iss. 10, art. no. 330, p. 1-37.. ISSN 1999-5903 |
| Keywords [eng] |
information security management ; security maturity model ; research and education ; taxonomy ; security baseline |
| Abstract [eng] |
A surge in successful Information Security (IS) breaches targeting Research and Education (R&E) institutions highlights a pressing need for enhanced protection. Addressing this, a consortium of European National Research and Education Network (NREN) organizations has developed a unified IS framework. This paper aims to introduce the Security Baseline for NRENs and a security maturity model tailored for R&E entities, derived from established security best practices to meet the specific needs of NRENs, universities, and various research institutions. The models currently in existence do not possess a system to smoothly correlate varying requirement tiers with distinct user groups or scenarios, baseline standards, and existing legislative actions. This segmentation poses a significant hurdle to the community’s capacity to guarantee consistency, congruency, and thorough compliance with a cohesive array of security standards and regulations. By employing taxonomical engineering principles, a mapping of baseline requirements to other security frameworks and regulations has been established. This reveals a correlation across most regulations impacting R&E institutions and uncovers an overlap in the high-level requirements, which is beneficial for the implementation of multiple standards. Consequently, organizations can systematically compare diverse security requirements, pinpoint gaps in their strategy, and formulate a roadmap to bolster their security initiatives. |
| Published |
Basel : MDPI |
| Type |
Journal article |
| Language |
English |
| Publication date |
2023 |
| CC license |
|
