{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T02:00:26Z","timestamp":1767319226380,"version":"3.48.0"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032128003","type":"print"},{"value":"9783032128010","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-12801-0_21","type":"book-chapter","created":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T01:57:51Z","timestamp":1767319071000},"page":"306-325","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Method for Evaluating Cyber Risk Management Frameworks"],"prefix":"10.1007","author":[{"given":"Matheus","family":"de Andrade","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Am\u00e2ndio Ferreira","family":"Balc\u00e3o Filho","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ferrucio","family":"de Franco Rosa","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2026,1,2]]},"reference":[{"key":"21_CR1","doi-asserted-by":"publisher","unstructured":"Alghaithi, S., Alkaabi, A., Al\u00a0Hamadi, H., Al-Dmour, N.A., Ghazal, T.M.: A study of risk management frameworks and security testing for secure software systems. In: 2022 International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME), pp.\u00a01\u20134 (2022). https:\/\/doi.org\/10.1109\/ICECCME55909.2022.9988363","DOI":"10.1109\/ICECCME55909.2022.9988363"},{"key":"21_CR2","unstructured":"de\u00a0Andrade, M., Rosa, F.F., Balc\u00e3o\u00a0Filho, A.F.: e-CRF prototype repository (2025). https:\/\/github.com\/TeteuSensei\/avaliadorFramework"},{"key":"21_CR3","doi-asserted-by":"publisher","unstructured":"Ayati, S.A., Naji, H.R.: A novel it-based lightweight risk management framework for metering networks in smart grids. In: 2022 12th Smart Grid Conference (SGC), pp.\u00a01\u20135 (2022). https:\/\/doi.org\/10.1109\/SGC58052.2022.9998887","DOI":"10.1109\/SGC58052.2022.9998887"},{"key":"21_CR4","doi-asserted-by":"publisher","unstructured":"Billard, A.K.: Decision model for the security and utility risk evaluation (SURE) framework. In: Proceedings of the Australasian Computer Science Week Multiconference, ACSW \u201919. Association for Computing Machinery, New York, NY (2019). https:\/\/doi.org\/10.1145\/3290688.3290694. https:\/\/doi.org\/10.1145\/3290688.3290694","DOI":"10.1145\/3290688.3290694"},{"key":"21_CR5","doi-asserted-by":"publisher","unstructured":"Binyamini, H., Bitton, R., Inokuchi, M., Yagyu, T., Elovici, Y., Shabtai, A.: A framework for modeling cyber attack techniques from security vulnerability descriptions. In: Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD \u201921), pp. 2574\u20132583 (2021). https:\/\/doi.org\/10.1145\/3447548.3467159","DOI":"10.1145\/3447548.3467159"},{"key":"21_CR6","unstructured":"Brasil: Lei Geral de Prote\u00e7\u00e3o de Dados Pessoais (LGPD) \u2013 Lei no 13.709, de 14 de agosto de 2018 (2018). https:\/\/www.planalto.gov.br\/ccivil_03\/_ato2015-2018\/2018\/lei\/l13709.htm"},{"key":"21_CR7","doi-asserted-by":"publisher","unstructured":"Carmichael, L., Atmaca, U.I., Maple, C., Taylor, S., Pickering, B., Surridge, M., Epiphaniou, G., Le, A.T., Murakonda, S.K., Weller, S., Mcmahon, J., Hall, W., Boniface, M.: Towards a socio-technical approach for privacy requirements analysis for next-generation trusted research environments. In: Competitive Advantage in the Digital Economy (CADE 2022), vol.\u00a02022, pp. 169\u2013180 (2022). https:\/\/doi.org\/10.1049\/icp.2022.2061","DOI":"10.1049\/icp.2022.2061"},{"key":"21_CR8","doi-asserted-by":"publisher","unstructured":"Couretas, J.M.: Cyber Security\u2014An Introduction to Assessment and Maturity Frameworks, pp. 9\u201318 (2019). https:\/\/doi.org\/10.1002\/9781119420842.ch2","DOI":"10.1002\/9781119420842.ch2"},{"key":"21_CR9","doi-asserted-by":"publisher","unstructured":"Datta, S.K.: Draft\u2014a cybersecurity framework for IoT platforms. In: 2020 Zooming Innovation in Consumer Technologies Conference (ZINC), pp. 77\u201381 (2020). https:\/\/doi.org\/10.1109\/ZINC50678.2020.9161441","DOI":"10.1109\/ZINC50678.2020.9161441"},{"key":"21_CR10","doi-asserted-by":"publisher","first-page":"65407","DOI":"10.1109\/ACCESS.2023.3290911","volume":"11","author":"IU Din","year":"2023","unstructured":"Din, I.U., Awan, K.A., Almogren, A.: Secure and privacy-preserving trust management system for trustworthy communications in intelligent transportation systems. IEEE Access 11, 65407\u201365417 (2023). https:\/\/doi.org\/10.1109\/ACCESS.2023.3290911","journal-title":"IEEE Access"},{"key":"21_CR11","doi-asserted-by":"publisher","unstructured":"Feng, C., Wu, S., Liu, N.: A user-centric machine learning framework for cyber security operations center. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 173\u2013175 (2017). https:\/\/doi.org\/10.1109\/ISI.2017.8004902","DOI":"10.1109\/ISI.2017.8004902"},{"key":"21_CR12","doi-asserted-by":"publisher","unstructured":"Fitroh, Siregar, S., Rustamaji, E.: Determining evaluated domain process through problem identification using COBIT 5 framework. In: 2017 5th International Conference on Cyber and IT Service Management (CITSM), pp.\u00a01\u20136 (2017). https:\/\/doi.org\/10.1109\/CITSM.2017.8089281","DOI":"10.1109\/CITSM.2017.8089281"},{"key":"21_CR13","doi-asserted-by":"publisher","first-page":"240","DOI":"10.1007\/978-3-030-51992-6_20","volume-title":"Soft Computing Applications","author":"O Giuca","year":"2021","unstructured":"Giuca, O., Popescu, T.M., Popescu, A.M., Prostean, G., Popescu, D.E.: A survey of cybersecurity risk management frameworks. In: Balas, V.E., Jain, L.C., Balas, M.M., Shahbazova, S.N. (eds.) Soft Computing Applications, pp. 240\u2013272. Springer International Publishing, Cham (2021)"},{"key":"21_CR14","doi-asserted-by":"publisher","unstructured":"Jain, A.K., Misra, T., Tyagi, N., Suresh\u00a0Kumar, M.V., Pant, B.: A comparative study on cyber security technology in big data cloud computing environment. In: 2022 5th International Conference on Contemporary Computing and Informatics (IC3I), pp. 235\u2013241 (2022). https:\/\/doi.org\/10.1109\/IC3I56241.2022.10072552","DOI":"10.1109\/IC3I56241.2022.10072552"},{"key":"21_CR15","doi-asserted-by":"publisher","unstructured":"Khurana, S.K., Wassay, M.A., Verma, K.: A review on risk management framework for large scale scrum. In: 2022 International Conference on Computational Modelling, Simulation and Optimization (ICCMSO), pp. 394\u2013400 (2022). https:\/\/doi.org\/10.1109\/ICCMSO58359.2022.00082","DOI":"10.1109\/ICCMSO58359.2022.00082"},{"key":"21_CR16","doi-asserted-by":"publisher","unstructured":"Khuvis, S., You, Z.Q., Na, H., Brozell, S., Franz, E., Dockendorf, T., Gardiner, J., Tomko, K.: A continuous integration-based framework for software management. In: Proceedings of the PEARC \u201919, pp.\u00a01\u20137 (2019). https:\/\/doi.org\/10.1145\/3332186.3332219","DOI":"10.1145\/3332186.3332219"},{"key":"21_CR17","unstructured":"Kitchenham, B.: Procedures for performing systematic literature reviews. Joint Technical Report, Keele University TR\/SE-0401 and NICTA TR-0400011T.1, vol. 33 (2004)"},{"key":"21_CR18","doi-asserted-by":"publisher","unstructured":"Levy, M.: A novel framework for data center risk assessment. In: 2020 11th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), pp. 0148\u20130154 (2020). https:\/\/doi.org\/10.1109\/UEMCON51285.2020.9298072","DOI":"10.1109\/UEMCON51285.2020.9298072"},{"key":"21_CR19","doi-asserted-by":"publisher","unstructured":"Li, X.: Research on network information security service model based on user requirements under artificial intelligence technology. In: 2023 IEEE 3rd International Conference on Power, Electronics and Computer Applications (ICPECA), pp. 1568\u20131572 (2023). https:\/\/doi.org\/10.1109\/ICPECA56706.2023.10075946","DOI":"10.1109\/ICPECA56706.2023.10075946"},{"key":"21_CR20","doi-asserted-by":"publisher","unstructured":"Maneerattanasak, U., Wongpinunwatana, N.: A proposed framework: an appropriation for principle and practice in information technology risk management. In: 2017 International Conference on Research and Innovation in Information Systems (ICRIIS), pp.\u00a01\u20136 (2017). https:\/\/doi.org\/10.1109\/ICRIIS.2017.8002513","DOI":"10.1109\/ICRIIS.2017.8002513"},{"key":"21_CR21","doi-asserted-by":"publisher","unstructured":"Manuja, P., Shekhawat, R.S.: It security frameworks: risk management analysis and solutions. In: Proceedings of the 4th International Conference on Information Management and Machine Intelligence (ICIMMI \u201922), pp.\u00a01\u20137 (2023). https:\/\/doi.org\/10.1145\/3590837.3590881","DOI":"10.1145\/3590837.3590881"},{"key":"21_CR22","doi-asserted-by":"publisher","unstructured":"Moreira, F.R., Da\u00a0Silva\u00a0Filho, D.A., Nze, G.D.A., de\u00a0Sousa\u00a0J\u00fanior, R.T., Nunes, R.R.: Evaluating the performance of NIST\u2019s framework cybersecurity controls through a constructivist multicriteria methodology. IEEE Access 9, 129605\u2013129618 (2021). https:\/\/doi.org\/10.1109\/ACCESS.2021.3113178","DOI":"10.1109\/ACCESS.2021.3113178"},{"key":"21_CR23","doi-asserted-by":"publisher","unstructured":"Naumov, S., Kabanov, I.: Dynamic framework for assessing cyber security risks in a changing environment. In: 2016 International Conference on Information Science and Communications Technologies (ICISCT), pp.\u00a01\u20134 (2016). https:\/\/doi.org\/10.1109\/ICISCT.2016.7777406","DOI":"10.1109\/ICISCT.2016.7777406"},{"key":"21_CR24","doi-asserted-by":"publisher","unstructured":"Palia, A., Devlin, C., Yelorda, M., Morrison, A.: Program controls effectiveness measurement framework and metrics. In: 2021 2nd International Conference on Computation, Automation and Knowledge Management (ICCAKM), pp. 369\u2013373 (2021). https:\/\/doi.org\/10.1109\/ICCAKM50778.2021.9357724","DOI":"10.1109\/ICCAKM50778.2021.9357724"},{"key":"21_CR25","doi-asserted-by":"publisher","unstructured":"Pandurang\u00a0Gaikwad, A., Balram\u00a0Kakpure, K., Ambadas\u00a0Landge, A., Gunderao\u00a0Kulkarni, S., PramodJadhav, M., Tiwari, M.: Cybersecurity risk management: a complete framework for it enterprises. In: Proceedings of the 10th IEEE UPCON, pp. 602\u2013607 (2023). https:\/\/doi.org\/10.1109\/UPCON59197.2023.10434767","DOI":"10.1109\/UPCON59197.2023.10434767"},{"key":"21_CR26","doi-asserted-by":"publisher","unstructured":"Purkait, S., Damle, M.: Cyber security and frameworks: a study of cyber attacks and methods of prevention of cyber attacks. In: 2023 International Conference on Sustainable Computing and Data Communication Systems (ICSCDS), pp. 1310\u20131315 (2023). https:\/\/doi.org\/10.1109\/ICSCDS56580.2023.10104823","DOI":"10.1109\/ICSCDS56580.2023.10104823"},{"key":"21_CR27","doi-asserted-by":"publisher","unstructured":"Radu, R., S\u0103ndescu, C., Grigorescu, O., Rughini\u015f, R.: Analyzing risk evaluation frameworks and risk assessment methods. In: 2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet), pp.\u00a01\u20136 (2020). https:\/\/doi.org\/10.1109\/RoEduNet51892.2020.9324879","DOI":"10.1109\/RoEduNet51892.2020.9324879"},{"key":"21_CR28","doi-asserted-by":"publisher","unstructured":"Rehman, S., Allgaier, C., Gruhn, V.: Security requirements engineering: a framework for cyber-physical systems. In: 2018 International Conference on Frontiers of Information Technology (FIT), pp. 315\u2013320 (2018). https:\/\/doi.org\/10.1109\/FIT.2018.00062","DOI":"10.1109\/FIT.2018.00062"},{"key":"21_CR29","doi-asserted-by":"publisher","unstructured":"Romansky, B., Mazzuchi, T., Sarkani, S.: Extending the update framework (TUF) for industrial control system applications. In: SoutheastCon 2024, pp. 1571\u20131576 (2024). https:\/\/doi.org\/10.1109\/SoutheastCon52093.2024.10500028","DOI":"10.1109\/SoutheastCon52093.2024.10500028"},{"key":"21_CR30","doi-asserted-by":"publisher","unstructured":"Savold, R., Dagher, N., Frazier, P., McCallam, D.: Architecting cyber defense: a survey of the leading cyber reference architectures and frameworks. In: Proceedings of the IEEE CSCloud, pp. 127\u2013138 (2017). https:\/\/doi.org\/10.1109\/CSCloud.2017.37","DOI":"10.1109\/CSCloud.2017.37"},{"key":"21_CR31","doi-asserted-by":"publisher","unstructured":"Wang, Y., Qi, B., Zou, H.X., Li, J.X.: Framework of raising cyber security awareness. In: 2018 IEEE 18th International Conference on Communication Technology (ICCT), pp. 865\u2013869 (2018). https:\/\/doi.org\/10.1109\/ICCT.2018.8599967","DOI":"10.1109\/ICCT.2018.8599967"},{"key":"21_CR32","doi-asserted-by":"publisher","unstructured":"Waqdan, M., Louafi, H., Mouhoub, M.: An IoT security risk assessment framework for healthcare environment. In: 2023 International Symposium on Networks, Computers and Communications (ISNCC), pp. 01\u201308 (2023). https:\/\/doi.org\/10.1109\/ISNCC58260.2023.10324002","DOI":"10.1109\/ISNCC58260.2023.10324002"},{"key":"21_CR33","doi-asserted-by":"publisher","unstructured":"Wu, Z., Wang, J., Shi, Q., Zhang, J., Liu, J., Zhang, X.: An attack-aware shipping enterprise cybersecurity framework based on deep learning. In: Proceedings of the 11th International Conference on Information Systems and Computing Technology (ISCTech), pp. 115\u2013119 (2023). https:\/\/doi.org\/10.1109\/ISCTech60480.2023.00028","DOI":"10.1109\/ISCTech60480.2023.00028"}],"container-title":["Lecture Notes in Computer Science","HCI International 2025 \u2013 Late Breaking Papers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-12801-0_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T01:57:52Z","timestamp":1767319072000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-12801-0_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9783032128003","9783032128010"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-12801-0_21","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"2 January 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"HCII","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Human-Computer Interaction","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Gothenburg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sweden","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 June 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 June 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"hcii2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/2025.hci.international\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}