TY - JOUR
T1 - Enterprise information security risks
T2 - a systematic review of the literature
AU - Sandoval, Jenner Lavalle
AU - Andrade-Arenas, Laberiano
AU - Hernandez Celis, Domingo
AU - Cabanillas-Carbonell, Michael
N1 - Publisher Copyright:
© 2023 Institute of Advanced Engineering and Science. All rights reserved.
PY - 2023/9
Y1 - 2023/9
N2 - Currently, computer security or cybersecurity is a relevant aspect in the area of networks and communications of a company, therefore, it is important to know the risks and computer security policies that allow a unified management of cyber threats that only seek to affect the reputation or profit from the confidential information of organizations in the business sector. The objective of the research is to conduct a systematic review of the literature through articles published in databases such as Scopus and Dimension. Thus, in order to perform a complete documentary analysis, inclusion and exclusion criteria were applied to evaluate the quality of each article. Then, using a quantitative scale, articles were filtered according to author, period and country of publication, leaving a total of 86 articles from both databases. The methodology used was the one proposed by Kitchenham, and the conclusion reached was that the vast majority of companies do not make a major investment in the purchase of equipment and improvement of information technology (IT) infrastructure, exposing themselves to cyber-attacks that continue to grow every day. This research provides an opportunity for researchers, companies and entrepreneurs to consult so that they can protect their organization's most important assets.
AB - Currently, computer security or cybersecurity is a relevant aspect in the area of networks and communications of a company, therefore, it is important to know the risks and computer security policies that allow a unified management of cyber threats that only seek to affect the reputation or profit from the confidential information of organizations in the business sector. The objective of the research is to conduct a systematic review of the literature through articles published in databases such as Scopus and Dimension. Thus, in order to perform a complete documentary analysis, inclusion and exclusion criteria were applied to evaluate the quality of each article. Then, using a quantitative scale, articles were filtered according to author, period and country of publication, leaving a total of 86 articles from both databases. The methodology used was the one proposed by Kitchenham, and the conclusion reached was that the vast majority of companies do not make a major investment in the purchase of equipment and improvement of information technology (IT) infrastructure, exposing themselves to cyber-attacks that continue to grow every day. This research provides an opportunity for researchers, companies and entrepreneurs to consult so that they can protect their organization's most important assets.
KW - Companies
KW - Computer security
KW - Cybersecurity
KW - Information
KW - Information technology infrastructure
UR - http://www.scopus.com/inward/record.url?scp=85168937793&partnerID=8YFLogxK
U2 - 10.11591/ijeecs.v31.i3.pp1589-1604
DO - 10.11591/ijeecs.v31.i3.pp1589-1604
M3 - Article
AN - SCOPUS:85168937793
SN - 2502-4752
VL - 31
SP - 1589
EP - 1604
JO - Indonesian Journal of Electrical Engineering and Computer Science
JF - Indonesian Journal of Electrical Engineering and Computer Science
IS - 3
ER -