masterThesis
Integración de la gestión de seguridad cibernética a la gestión de riesgo empresarial
Fecha
2021Registro en:
658.478 R766
Autor
Romo Arango, Eliana Patricia
Institución
Resumen
With technological advances come new forms of crime associated with cyberspace, which increases the need to manage the associated cyber risks. This research pursued to delve into aspects that contribute to the integration of cybersecurity with the already well-established business risk management. To do this, a literature review about Cybersecurity Management, Cyber Risks and Business Risk Management was carried out; additionally, the case analysis method was used, with a sample composed by four companies from Financial Sector, with presence in Latin-America. It was observed that the integration largely depends on the support from senior management profiles for enabling strategies and resources; additionally, on the knowledge that companies absorb from the environment to implement good methodological and operational practices; and from behavior of people against threats and risks. It was concluded to have a proper integration between Cybersecurity Management and Business Risk Management, initiatives supported from the highest management profiles of the organization are required, which need to be implemented at all levels, including topics such as culture, knowledge, methodologies, tools, roles and responsibilities.