{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T06:08:00Z","timestamp":1726034880911},"publisher-location":"Cham","reference-count":38,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030251086"},{"type":"electronic","value":"9783030251093"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-25109-3_13","type":"book-chapter","created":{"date-parts":[[2019,7,4]],"date-time":"2019-07-04T10:16:41Z","timestamp":1562235401000},"page":"240-260","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Survey and Guidelines for the Design and Deployment of a Cyber Security Label for SMEs"],"prefix":"10.1007","author":[{"given":"Christophe","family":"Ponsard","sequence":"first","affiliation":[]},{"given":"Jeremy","family":"Grandclaudon","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,7,5]]},"reference":[{"key":"13_CR1","unstructured":"Business Continuity Institute: BCI Horizon Scan Report 2018 (2018). \n                  https:\/\/www.bsigroup.com\/LocalFiles\/en-GB\/iso-22301\/case-studies\/BCI-Horizon-Scan-Report-2018-FINAL.pdf"},{"key":"13_CR2","unstructured":"Smith, M.: Huge rise in hack attacks as cyber-criminals target small businesses (2016). \n                  http:\/\/bit.do\/sme-attack-rise"},{"key":"13_CR3","unstructured":"Symantec: 2017 Internet Security Threat Report (2017). \n                  https:\/\/www.symantec.com\/security-center"},{"key":"13_CR4","first-page":"80","volume":"8","author":"J Hayes","year":"2013","unstructured":"Hayes, J., Bodhani, A.: Cyber security: small firms under fire [information technology professionalism]. Eng. Technol. 8, 80\u201383 (2013)","journal-title":"Eng. Technol."},{"key":"13_CR5","unstructured":"Osborn, E., Creese, S., Upton, D.: Business vs technology: sources of the perceived lack of cyber security in SMEs. In: Proceedings of the 1st International Conference on on Cyber Security for Sustainable Society (2015)"},{"key":"13_CR6","unstructured":"Donovan, S.: Annual Report to Congress, Federal Information Security Modernization Act. Office of Management and Budget (2016). \n                  http:\/\/bit.do\/fisma-report-15"},{"key":"13_CR7","unstructured":"Slye, J.: Federal Cybersecurity Incidents Continued Double-Digit Growth (2016). \n                  http:\/\/bit.do\/cybersecurity-incidents"},{"key":"13_CR8","unstructured":"Kaspersky Lab: Measuring Financial Impact of IT Security on Businesses (2016)"},{"key":"13_CR9","unstructured":"Muller, P., et al.: Annual Report on European SMEs 2014\/2015. European Commission (2015)"},{"key":"13_CR10","unstructured":"Leclair, J.: Testimony of Dr. Jane Leclair before the U.S. House of Representatives Committee on Small Business (2015). \n                  http:\/\/bit.do\/sme-leclair"},{"key":"13_CR11","unstructured":"CybSafe: Enterprise IT leaders demanding more stringent cyber security from suppliers (2017). \n                  http:\/\/bit.do\/cybsafe"},{"key":"13_CR12","unstructured":"ISO: ISO\/IEC 27000 Family - Information Security Management Systems (2013). \n                  https:\/\/www.iso.org\/isoiec-27001-information-security.html"},{"key":"13_CR13","unstructured":"UK Government: Cyber Essentials (2016). \n                  https:\/\/www.cyberaware.gov.uk\/cyberessentials"},{"key":"13_CR14","unstructured":"Whalen, A.: Digital Europe\u2019s views on cybersecurity certification and labelling schemes (2017). \n                  http:\/\/bit.ly\/2m3dyLV"},{"key":"13_CR15","doi-asserted-by":"crossref","unstructured":"Ponsard, C., Grandclaudon, J., Dallons, G.: Towards a cyber security label for SMEs: a European perspective. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy, ICISSP 2018, Funchal, Madeira, Portugal, 22\u201324 January 2018, pp. 426\u2013431 (2018)","DOI":"10.5220\/0006657604260431"},{"key":"13_CR16","unstructured":"Boateng, Y., Osei, E.: Cyber-Security Challenges with SMEs. Developing Economies: Issues of Confidentiality, Integrity & Availability. Aalborg University (2013)"},{"key":"13_CR17","unstructured":"Padfield, C.: Issues of IT Governance and Information Security from an SME & Social Enterprise Perspective. MSc Edinburgh Napier University (2015)"},{"key":"13_CR18","unstructured":"FFIEC: Federal Financial Institutions Examination Council. \n                  https:\/\/www.ffiec.gov"},{"key":"13_CR19","unstructured":"ENISA: Information security and privacy standards for SMEs (2015). \n                  https:\/\/www.enisa.europa.eu\/publications\/standardisation-for-smes"},{"key":"13_CR20","unstructured":"Digital SME Alliance: European Cybersecurity Strategy: Fostering the SME Ecosystem (2017). \n                  http:\/\/bit.do\/digital-europe"},{"key":"13_CR21","unstructured":"EU: Strengthening Europe\u2019s Cyber Resilience System and Fostering a Competitive and Innovative Cybersecurity Industry (2016). \n                  http:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=COM%3A2016%3A410%3AFIN"},{"key":"13_CR22","unstructured":"ECSO: State of the Art - Overview of existing Cybersecurity standards and certification schemes v2 (2017). \n                  https:\/\/www.ecs-org.eu\/documents\/publications\/5a31129ea8e97.pdf"},{"key":"13_CR23","unstructured":"ECSO: European Cyber Security Certification: A Meta - Scheme Approach v1.0 (2017). \n                  https:\/\/www.ecs-org.eu\/documents\/publications\/5a3112ec2c891.pdf"},{"key":"13_CR24","unstructured":"EU: General data protection regulation (2016). \n                  http:\/\/eur-lex.europa.eu\/eli\/reg\/2016\/679\/oj"},{"key":"13_CR25","unstructured":"Certification Europe: Cyber essentials self assessment (2018). \n                  https:\/\/www.cyberessentials.ie\/self-assessment"},{"key":"13_CR26","unstructured":"Vertrauen durch Siecherhiet: A Brief Assessment for SMEs - Quick Check for Cyber Security (2017). \n                  http:\/\/vds-quick-check.de"},{"key":"13_CR27","unstructured":"ISO\/IEC: 15408\u20131:2009 Common Criteria for Information Technology Security Evaluation (2009). \n                  https:\/\/www.commoncriteriaportal.org"},{"key":"13_CR28","unstructured":"Ponsard, C., Massonet, P., Molderez, J.F.: Bringing the Common Critera to Business Enterprise. ERCIM News, Special Issue on Security and Trust Management (2005)"},{"key":"13_CR29","unstructured":"ANSSI: Charte d\u2019utilisation des moyens informatiques et des outils num\u00e9riques - guide d\u2019\u00e9laboration en 9 points cl\u00e9s pour PME et ETI (2017). \n                  https:\/\/www.ssi.gouv.fr\/uploads\/2017\/06\/guide-charte-utilisation-moyens-informatiques-outils-numeriques_anssi.pdf"},{"key":"13_CR30","unstructured":"ANSSI: MOOC SecNumacad\u00e9mie (2018). \n                  https:\/\/www.secnumacademie.gouv.fr"},{"key":"13_CR31","unstructured":"ANSSI: France Cybersecurity Label (2014). \n                  https:\/\/www.francecybersecurity.fr"},{"key":"13_CR32","unstructured":"Lieberman, D.: Practical advice for SMBS to use ISO 27001 (2011). \n                  http:\/\/www.infosecisland.com"},{"key":"13_CR33","unstructured":"NIST: Cybersecurity Framework (2014). \n                  https:\/\/www.nist.gov\/cyberframework"},{"key":"13_CR34","unstructured":"Sage, O.: Every Small Business Should Use the NIST CSF (2015). \n                  https:\/\/cyber-rx.com"},{"key":"13_CR35","unstructured":"Eubanks, R.: A Small Business No Budget Implementation of the SANS 20 Security Controls. SANS Institute InfoSec Reading Room (2011)"},{"key":"13_CR36","unstructured":"CIS: CIS Controls V6.1 (2016). \n                  https:\/\/www.cisecurity.org\/controls"},{"key":"13_CR37","unstructured":"ISSA: 5173 Security Standard for SMEs (2011). \n                  http:\/\/www.wlan-defence.com\/wp\/ISSA-UK.pdf"},{"key":"13_CR38","unstructured":"Schmitz, C., Chenu, D., et al.: Lime survey (2003). \n                  https:\/\/www.limesurvey.org"}],"container-title":["Communications in Computer and Information Science","Information Systems Security and Privacy"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-25109-3_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,7,4]],"date-time":"2019-07-04T10:24:36Z","timestamp":1562235876000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-25109-3_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030251086","9783030251093"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-25109-3_13","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"5 July 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICISSP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Systems Security and Privacy","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Funchal-Madeira","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Portugal","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 January 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 January 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icissp0","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.icissp.org\/?y=2018","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"PRIMORIS","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"71","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"15","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"24","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"-","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}