El equipo formado por los investigadores Caballero, I., Sánchez, L.E., Freitas, A., Fernández Medina, E y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha publicado un artículo denominado HC+: Towards a framework for improving processes in health organizations by means of security and data quality management dentro de la revista  Journal of Universal Computer Science (JUC.S), Vol.18, Nº 9, Octubre 2012,  Pp. 1703-1720, ISSN: 0948-6968, IDSNumber: 006CD, DOI: 10.3217/jucs-018-12-1703, EID: 2-s2.0-84866243834, WOS: 000308796100007. Researchgate Journal Impact: 1.21.

Este documento forma parte de los avances e investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.

ABSTRACT

There is currently a need to optimize the levels of perceived quality in most public services. Some of the most critical services are those related to Health, since health and welfare are fundamental to the population as a whole. Both public and private Health organizations are therefore interested in quantifying how good their services are, and to what extent the population is satisfied with their usage. These services can be classified into two main groups: health management and clinical. The performance of both kinds of processes is being assessed through the development of certain indicators. However, as these processes are intended to be supported by Health Management Information Systems (HMIS), some legal and technical concerns must be addressed when an HMIS is developed. These HMIS commonly manage personal data which is highly sensitive, and some mechanisms to ensure both security and data quality should therefore be also implemented. But the assurance of security and data quality goes beyond the HMIS, to the overall processes. This paper introduces a framework, HC+, whose objective is to assess and improve the level of perceived quality for services by paying special attention to the way in which the processes manage the levels of security and data quality. This will be achieved by studying the dependence of indicators that are able to describe the levels of perceived quality from the levels of security and data quality. HC+ is composed of three main components: a common Information Model with which to better represent the elements of the processes involved in the study, a set of selected Indicators to measure the levels of quality, and a Methodology to assess and improve the processes so that they can obtain better values for the chosen indicators. In addition, all the changes and decisions made should be consistent with the Quality Management System (e.g. ISO 9000) of the Organization.

Más información:

URL Noticia 1:https://www.researchgate.net/publication/

URL Noticia 2: https://pdfs.semanticscholar.org

El equipo formado por los investigadores Sánchez, L.E., Santos-Olmo, A., Álvarez, E., Fernández Medina, E. y Piattini, M y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha publicado un artículo denominado LOPD Compliance and ISO27001 Legal Requirements in the Health Sector dentro de la revista  IEEE Transactions Latinoamerica – Special Issue, Vol 10 Issue 3, April 2012,  Pp. 1825-1837. ISSN: 1548-0992, IDSNumber: 966JD, DOI: 10.1109/TLA.2012.6222590, EID: 2-s2.0-84863003394, WOS: 000305833000025. Researchgate Journal Impact: 0.48.

Este documento forma parte de los avances e investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.

ABSTRACT

In a society based on information, the Safety Management Systems (ISMS) are increasingly critical for businesses. Within the Management of Information Security issues are very critical in certain sectors, such as the processing of personal data for the Health Sector, where a bad use of them can mean irreparable damage to their owners and organizations are obligation to protect them. This paper presents a real case of success that allowed to solve issues related to privacy of patient information at the time of making the quotation of these consultations, as well as compliance with the Organic Law for the protection of Personal Data (OLPD) in environments health and other benefits of the implemented solution.

Más información:

URL Noticia 1: https://www.researchgate.net

El equipo formado por los investigadores Mellado, D., Blanco, C., Sánchez, L.E., Fernández Medina, E y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha publicado un artículo denominado Systematic Review of Security Requirements Engineering dentro de la revista Computer Standards & Interface, Vol. 32, March 2010, Pp. 153-165, ISSN: 0920-5489, IDSNumber: 599ZW, DOI: 10.1016/j.csi.2010.01.006, EID: 2-s2.0-77950516969, WOS: 000277954100001. Researchgate Journal Impact: 2.82.

Este documento forma parte de los avances e investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.

ABSTRACT

Más información:

URL Noticia 1: https://www.sciencedirect.com

URL Noticia 2: https://www.researchgate.net

El equipo formado por los investigadores Sánchez, L.E., Santos-Olmo Parra, A y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha publicado un artículo denominado “Managing Security and its Maturity in Small and Medium-Sized Enterprises.” dentro de la revista “Journal of Universal Computer Science (J.UCS), Vol. 15, No. 15, December 2009, Pp. 3038-3058. ISSN: 0948-695X, IDSNumber: 538IP, DOI: 10.3217/jucs-015-15-3038, EID: 2-s2.0-73149084411, WOS: 000273178100008. Researchgate Journal Impact: 1.18.”

Este documento forma parte de los avances e investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.

ABSTRACT

Due to the growing dependence of information society on Information and Communication Technologies, the need to protect information is getting more and more important for enterprises. In this context, Information Security Management Systems (ISMSs), have arisen for supporting the processes and systems for effectively managing information security. The fact of having these systems available has become more and more vital for the evolution of Small and Medium-Sized Enterprises (SMEs), but however, this type of enterprises have special characteristics which make it difficult for them the correct deployment of ISMSs. In this article, we show the methodology that we have created for the development, implementation and maintenance of ISMSs, adapted for the needs and resources available for SMEs. This approach is being directly applied to real case studies and thus, we are obtaining a constant improvement in its application.

Más información:

URL Noticia 1: https://www.researchgate.net

URL Noticia 2: https://pdfs.semanticscholar.org

URL Noticia  3: https://link.springer.com

El equipo formado por los investigadores Rosado, D.G., Blanco, C., Mellado, D., Jürjens, J., Sánchez, L.E. y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha participado en la editorial de la publicación de prestigio internacional Foreword. Proceedings of the 11th International Workshop on Security in Information Systems, WOSIS 2014 – In Conjunction with ICEIS 2014, Page III. EID: 2-s2.0-84902346835.

Este documento forma parte de los avances e investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.

ABTRACT

Foreword The Eleventh International Workshop on Security in Information Systems – WOSIS 2014 was organized in conjunction with ICEIS 2014 in Lisbon, Portugal. As in previous years, this workshop is primarily focused on high quality and innovative research papers from different fields related to the most recent developments in Security in Information Systems. In this edition, the workshop has incorporated new topics related to security in Big Data. In this edition, we had the pleasure of count with Paolo Girgini as keynote speaker with a keynote entitled ” Socio-Technical Security Requirements Modeling and Analysis “. We would like to specially thank Paolo Giorgini for accepting our proposal and for his speech that was very interesting for WOSIS’s attenders. Papers presenting the most recent theoretical, and practical works in security for Information Systems were received, a total of 16 submissions. All the submissions were reviewed by at least two program committee members. Finally, 5 papers have been accepted and 3 short papers will also have the chance to be presented during the sessions due to the excellent quality of the research.

Más información:

URL Noticia 1: http://www.iceis.org

URL Noticia 2: https://www.researchgate.net

El equipo formado por los investigadores Rosado, D.G., Blanco, C., Mellado, D., Jürjens, J., Crespo, L.E.S y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha participado en la editorial de la publicación de prestigio internacional Foreword. Proceedings of WOSIS 2013: 10th International Workshop on Security in Information Systems – In Conjunction with the 15th International Conference on Enterprise Information Systems, ICEIS 2013, Pages III-IV. EID: 2-s2.0-84887595509.
Este documento forma parte de los avances e investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.

ABSTRACT 

Foreword The Tenth International Workshop on Security in Information Systems – WOSIS 2013 was organized in conjunction with ICEIS 2013 in Angers, France. As in previous years, this workshop is primarily focused on high quality and innovative research papers from different fields related to the most recent developments in Security in Information Systems. In this edition, the workshop has incorporated new topics related to security in Cloud computing and Mobile Computing. Traditionally the best papers are published in a reputable journal dealing with WOSIS topics. This year, authors will have the opportunity to have their work selected for publication in an extended version in the well recognized ISI ranked Publication Journal such as The Computer Journal. We especially want to thank Professor Fionn Murtagh for his outstanding support throughout the whole process in publishing the best WOSIS 2013 papers in The Computer Journal. Papers presenting the most recent theoretical, and practical works in security for Information Systems were received, a total of 19 submissions. All the submissions were reviewed by at least two program committee members. Finally, 8 papers have been accepted and 2 short papers will also have the chance to be presented during the sessions due to the excellent quality of the research.

Más información:

URL Noticia 1: http://www.iceis.org

URL Noticia 2: https://www.researchgate.net

El equipo formado por los investigadores Rosado, D.G., Sánchez, L.E., Jürjens, J. y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha participado en la editorial de la publicación de prestigio internacional Foreword. Proceedings of the 9th International Workshop on Security in Information Systems, WOSIS 2012, in Conjunction with ICEIS 2012, Pp. III-IV. EID: 2-s2.0-84865701127.

Este documento forma parte de los avances e investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.

Más información:

URL Noticia 1: http://www.iceis.org

El equipo formado por los investigadores Rosado, D.G., Sánchez, L.E., Jürjens, J. y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha participado en la editorial de la publicación de prestigio internacional “Foreword. Proceedings of the 8th International Workshop on Security in Information Systems, WOSIS 2011, in Conjunction with ICEIS 2011, Pp. iii-iv. EID: 2-s2.0-84865246541.”

Este documento forma parte de los avances e investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.

Más información:

URL Noticia 1: http://www.iceis.org

El equipo formado por los investigadores Sánchez, L.E., Santos-Olmo Parra, A., Fernández-Medina, E., Piattini, M., y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha conseguido la públicación de un Capítulo de un Libro Internacional denominado ISMS Building for SMEs through the reuse of knowledge, Small and Medium Enterprises: Concepts, Methodologies, Tools, and Applications y publicado por IGI Global, April 2013, Pp. 394-418. ISBN: 978-1-4666-3886-0, DOI: 10.4018/978-1-4666-3886-0.ch022.

En este documento se muestran las últimas investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.

ABSTRACT

The information society is increasingly more dependent upon Information Security Management Systems (ISMSs), and the availability of these systems has become crucial to the evolution of Small and Medium-size Enterprises (SMEs). However, this type of companies requires ISMSs which have been adapted to their specific characteristics, and these systems must be optimized from the point of view of the resources necessary to deploy and maintain them. Over the last 10 years, the authors have obtained considerable experience in the establishment of ISMSs, and during this time, they have observed that the structure and characteristics of SMEs as regards security management are frequently very similar (since they can all be grouped by business size and sector), thus signifying that it is possible to construct patterns for ISMSs that can be reused and refined. In this chapter, the authors present the strategy that they have designed to manage and reuse security information in information system security management. This strategy is framed within a methodology designed for integral security management and its information systems maturity, denominated as “Methodology for Security Management and Maturity in Small and Medium-size Enterprises (MSM2-SME),” and it is defined in a reusable model called “Reusable Pattern for Security Management (RPSM),” which systematically defines, manages, and reuses the aforementioned methodology through a sub-process denominated as “Generation of Security Management Patterns (GSMP).” This model is currently being applied in real cases, and is thus constantly improving.

Más información:

URL Noticia 1: https://www.igi-global.com

URL Noticia 2: https://pdfs.semanticscholar.org

El equipo formado por los investigadores Sánchez, L.E., Santos-Olmo Parra, A., Fernández-Medina, E., Piattini, M. y con la colaboración de la división de ciberseguridad MARISMA del grupo Sicaman, ha conseguido la públicación de un “Capítulo de un Libro Internacional” denominado “ISMS Building for SMEs through the reuse of knowledge, Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions” y publicado por “IGI Global, April 2011, Pp. 90-116. ISBN: 978-1-4666-0197-0, DOI: 10.4018/978-1-4666-0197-0.ch006, EID: 2-s2.0-84898346068”.

En este documento se muestran las últimas investigaciones en el campo de la Ciberseguridad desarrolladas por el Grupo GSyA y la división de seguridad MARISMA del Grupo Sicaman.

ABSTRACT

The information society is increasingly more dependent upon Information Security Management Systems (ISMSs), and the availability of these systems has become crucial to the evolution of Small and Medium-size Enterprises (SMEs). However, this type of companies requires ISMSs which have been adapted to their specific characteristics, and these systems must be optimized from the point of view of the resources necessary to deploy and maintain them. Over the last 10 years, the authors have obtained considerable experience in the establishment of ISMSs, and during this time, they have observed that the structure and characteristics of SMEs as regards security management are frequently very similar (since they can all be grouped by business size and sector), thus signifying that it is possible to construct patterns for ISMSs that can be reused and refined. In this chapter, the authors present the strategy that they have designed to manage and reuse security information in information system security management. This strategy is framed within a methodology designed for integral security management and its information systems maturity, denominated as “Methodology for Security Management and Maturity in Small and Medium-size Enterprises (MSM2-SME),” and it is defined in a reusable model called “Reusable Pattern for Security Management (RPSM),” which systematically defines, manages, and reuses the aforementioned methodology through a sub-process denominated as “Generation of Security Management Patterns (GSMP).” This model is currently being applied in real cases, and is thus constantly improving.

Más información:

URL Noticia 1: https://www.igi-global.com

URL Noticia 2: https://pdfs.semanticscholar.org