{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T12:01:26Z","timestamp":1780574486494,"version":"3.54.1"},"reference-count":86,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2023,5,26]],"date-time":"2023-05-26T00:00:00Z","timestamp":1685059200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,5,26]],"date-time":"2023-05-26T00:00:00Z","timestamp":1685059200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100014440","name":"Ministerio de Ciencia, Innovaci\u00f3n y Universidades","doi-asserted-by":"publisher","award":["PID2020-112540RB-C42"],"award-info":[{"award-number":["PID2020-112540RB-C42"]}],"id":[{"id":"10.13039\/100014440","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100014440","name":"Ministerio de Ciencia, Innovaci\u00f3n y Universidades","doi-asserted-by":"publisher","award":["PID2020-112540RB-C42"],"award-info":[{"award-number":["PID2020-112540RB-C42"]}],"id":[{"id":"10.13039\/100014440","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100014440","name":"Ministerio de Ciencia, Innovaci\u00f3n y Universidades","doi-asserted-by":"publisher","award":["PID2020-112540RB-C42"],"award-info":[{"award-number":["PID2020-112540RB-C42"]}],"id":[{"id":"10.13039\/100014440","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100014440","name":"Ministerio de Ciencia, Innovaci\u00f3n y Universidades","doi-asserted-by":"publisher","award":["PID2020-112540RB-C42"],"award-info":[{"award-number":["PID2020-112540RB-C42"]}],"id":[{"id":"10.13039\/100014440","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100014440","name":"Ministerio de Ciencia, Innovaci\u00f3n y Universidades","doi-asserted-by":"publisher","award":["PID2020-112540RB-C42"],"award-info":[{"award-number":["PID2020-112540RB-C42"]}],"id":[{"id":"10.13039\/100014440","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100014440","name":"Ministerio de Ciencia, Innovaci\u00f3n y Universidades","doi-asserted-by":"publisher","award":["PID2020-112540RB-C42"],"award-info":[{"award-number":["PID2020-112540RB-C42"]}],"id":[{"id":"10.13039\/100014440","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100007480","name":"Universidad de Castilla la Mancha","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100007480","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Software Qual J"],"published-print":{"date-parts":[[2024,3]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>The Information Security Management Systems (ISMS) are global and risk-driven processes that allow companies to develop their cybersecurity strategy by defining security policies, valuable assets, controls, and technologies for protecting their systems and information from threats and vulnerabilities. Despite the implementation of such management infrastructures, incidents or security breaches happen. Each incident has associated a level of severity and a set of mitigation controls, so in order to restore the ISMS, the appropriate set of controls to mitigate their damage must be selected. The time in which the ISMS is restored is a critical aspect. In this sense, classic solutions are efficient in resolving scenarios with a moderate number of incidents in a reasonable time, but the response time increases exponentially as the number of incidents increases. This makes classical solutions unsuitable for real scenarios in which a large number of incidents are handled and even less appropriate for scenarios in which security management is offered as a service to several companies. This paper proposes a solution to the incident response problem that acts in a minimal amount of time for real scenarios in which a large number of incidents are handled. It applies quantum computing, as a novel approach that is being successfully applied to real problems, which allows us\u00a0to obtain solutions in a constant time regardless of the number of incidents handled. To validate the applicability and efficiency of our proposal, it has been applied to real cases using our framework (MARISMA).<\/jats:p>","DOI":"10.1007\/s11219-023-09632-6","type":"journal-article","created":{"date-parts":[[2023,5,26]],"date-time":"2023-05-26T06:02:11Z","timestamp":1685080931000},"page":"163-192","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":24,"title":["Minimizing incident response time in real-world scenarios using quantum computing"],"prefix":"10.1007","volume":"32","author":[{"given":"Manuel A.","family":"Serrano","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Luis E.","family":"S\u00e1nchez","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Antonio","family":"Santos-Olmo","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"David","family":"Garc\u00eda-Rosado","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Carlos","family":"Blanco","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Vita Santa","family":"Barletta","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Danilo","family":"Caivano","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Eduardo","family":"Fern\u00e1ndez-Medina","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2023,5,26]]},"reference":[{"key":"9632_CR1","unstructured":"Abhari, A. J., Faruque, A., Dousti, M. J., Svec, L., Catu, O., Chakrabati, A., Chiang, C. -F., Vanderwilt, S., Black, J., Chong, F., Martonosi, M., Suchara, M., Brown, K., Pedram, M., & Brun, T. (2012). Scaffold: Quantum Programming Language. Technical report, Princeton Univ NJ Dept of Computer Science."},{"issue":"8","key":"9632_CR2","doi-asserted-by":"publisher","first-page":"939","DOI":"10.1002\/asi.24311","volume":"71","author":"A Ahmad","year":"2020","unstructured":"Ahmad, A., Desouza, K. C., Maynard, S. B., Naseer, H., & Baskerville, R. L. (2020). How integration of cyber security management and incident response enables organizational learning. Journal of the Association for Information Science and Technology, 71(8), 939\u2013953. https:\/\/doi.org\/10.1002\/asi.24311","journal-title":"Journal of the Association for Information Science and Technology"},{"issue":"5","key":"9632_CR3","doi-asserted-by":"publisher","first-page":"643","DOI":"10.1016\/j.cose.2012.04.001","volume":"31","author":"A Ahmad","year":"2012","unstructured":"Ahmad, A., Hadgkiss, J., & Ruighaver, A. B. (2012). Incident response teams - Challenges in supporting the organisational security function. Computers and Security, 31(5), 643\u2013652. https:\/\/doi.org\/10.1016\/j.cose.2012.04.001","journal-title":"Computers and Security"},{"key":"9632_CR4","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102122","volume":"101","author":"A Ahmad","year":"2021","unstructured":"Ahmad, A., Maynard, S. B., Desouza, K. C., Kotsias, J., Whitty, M. T., & Baskerville, R. L. (2021). How can organizations develop situation awareness for incident response: A case study of management practice. Computers & Security, 101,. https:\/\/doi.org\/10.1016\/j.cose.2020.102122","journal-title":"Computers & Security"},{"issue":"6","key":"9632_CR5","doi-asserted-by":"publisher","first-page":"717","DOI":"10.1016\/j.ijinfomgt.2015.08.001","volume":"35","author":"A Ahmad","year":"2015","unstructured":"Ahmad, A., Maynard, S. B., & Shanks, G. (2015). A case analysis of information systems and security incident responses. International Journal of Information Management, 35(6), 717\u2013723. https:\/\/doi.org\/10.1016\/j.ijinfomgt.2015.08.001","journal-title":"International Journal of Information Management"},{"key":"9632_CR6","doi-asserted-by":"publisher","first-page":"402","DOI":"10.1016\/j.cose.2019.07.001","volume":"86","author":"A Ahmad","year":"2019","unstructured":"Ahmad, A., Webb, J., Desouza, K. C., & Boorman, J. (2019). Strategically-motivated advanced persistent threat: Definition, process, tactics and a disinformation model of counterattack. Computers & Security, 86, 402\u2013418. https:\/\/doi.org\/10.1016\/j.cose.2019.07.001","journal-title":"Computers & Security"},{"key":"9632_CR7","doi-asserted-by":"publisher","unstructured":"Ahmed, B. S., & Nibouche, F. (2018). Using survey to estimate the effort of setting up an Information Security Management System: Case ITC Organizations. In: 2018 5th International Conference on Control, Decision and Information Technologies (CoDIT), pp. 803\u2013808. https:\/\/doi.org\/10.1109\/CoDIT.2018.8394907. IEEE, Thessaloniki, Greece.","DOI":"10.1109\/CoDIT.2018.8394907"},{"issue":"4","key":"9632_CR8","doi-asserted-by":"publisher","first-page":"1271","DOI":"10.4314\/njt.v36i4.38","volume":"36","author":"DA Akinwumi","year":"2018","unstructured":"Akinwumi, D. A., Iwasokun, G. B., Alese, B. K., & Oluwadare, S. A. (2018). A review of game theory approach to cyber security risk management. Nigerian Journal of Technology, 36(4), 1271. https:\/\/doi.org\/10.4314\/njt.v36i4.38","journal-title":"Nigerian Journal of Technology"},{"key":"9632_CR9","doi-asserted-by":"publisher","unstructured":"Aleksandrowicz, G., Alexander, T., Barkoutsos, P., Bello, L., Ben-Haim, Y., Bucher, D., Cabrera-Hern\u00e1ndez, F. J., Carballo-Franquis, J., Chen, A., Chen, C. -F., & Others. (2019). Qiskit: An open-source framework for quantum computing. https:\/\/doi.org\/10.5281\/zenodo.2562111. Accessed 16 Mar 2019.","DOI":"10.5281\/zenodo.2562111"},{"issue":"1","key":"9632_CR10","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1016\/j.ijinfomgt.2011.07.002","volume":"32","author":"S Alhawari","year":"2012","unstructured":"Alhawari, S., Karadsheh, L., Nehari Talet, A., & Mansour, E. (2012). Knowledge-Based Risk Management framework for Information Technology project. International Journal of Information Management, 32(1), 50\u201365. https:\/\/doi.org\/10.1016\/j.ijinfomgt.2011.07.002","journal-title":"International Journal of Information Management"},{"key":"9632_CR11","doi-asserted-by":"publisher","unstructured":"Alshawabkeh, M., Li, X., & Sullabi, M. (2019). New Information Security Risk Management Framework as an Integral Part of Project Life Cycle. In: Proceedings of the 2019 5th International Conference on Humanities and Social Science Research (ICHSSR 2019). https:\/\/doi.org\/10.2991\/ichssr-19.2019.24. Atlantis Press, Paris, France.","DOI":"10.2991\/ichssr-19.2019.24"},{"key":"9632_CR12","doi-asserted-by":"publisher","unstructured":"Altenkirch, T., & Grattage, J. (2005). A Functional Quantum Programming Language. In: 20th Annual IEEE Symposium on Logic in Computer Science (LICS\u2019 05), pp. 249\u2013258. IEEE, Chicago, IL, USA. https:\/\/doi.org\/10.1109\/LICS.2005.1","DOI":"10.1109\/LICS.2005.1"},{"key":"9632_CR13","unstructured":"AndreSaraiva, D. (2022). How Should Quantum Computations Be Priced? Quantum Computing Report, GQI. https:\/\/quantumcomputingreport.com\/how-should-quantum-computations-be-priced\/"},{"key":"9632_CR14","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1007\/978-3-030-37670-3_13","volume-title":"Critical Information Infrastructures Security","author":"T Aoyama","year":"2020","unstructured":"Aoyama, T., Sato, A., Lisi, G., & Watanabe, K. (2020). On the importance of agility, transparency, and positive reinforcement in cyber incident crisis communication. In S. Nadjm-Tehrani (Ed.), Critical Information Infrastructures Security (pp. 163\u2013168). Cham: Springer."},{"key":"9632_CR15","unstructured":"Asfaw, A., Corcoles, A., Bello, L., Ben-Haim, Y., Bozzo-Rey, M., Bravyi, S., Bronn, N., Capelluto, L., Vazquez, A.C., Ceroni, J., Chen, R., Frisch, A., Gambetta, J., Garion, S., Gil, L., Gonzalez, S. D. L. P., Harkins, F., Imamichi, T., Kang, H., h. Karamlou, A., Loredo, R., McKay, D., Mezzacapo, A., Minev, Z., Movassagh, R., Nannicini, G., Nation, P., Phan, A., Pistoia, M., Rattew, A., Schaefer, J., Shabani, J., Smolin, J., Stenger, J., Temme, K., Tod, M., Wood, S., & Wootton., J. (2020). Learn Quantum Computation Using Qiskit. http:\/\/community.qiskit.org\/textbook"},{"key":"9632_CR16","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-69174-5","author":"A Bhardwaj","year":"2021","unstructured":"Bhardwaj, A., & Sapra, V. (2021). Security Incidents & Response Against Cyber Attacks. Springer. https:\/\/doi.org\/10.1007\/978-3-030-69174-5","journal-title":"Springer"},{"key":"9632_CR17","doi-asserted-by":"publisher","first-page":"350","DOI":"10.1016\/j.cose.2019.07.003","volume":"86","author":"I Bongiovanni","year":"2019","unstructured":"Bongiovanni, I. (2019). The least secure places in the universe? A systematic literature review on information security management in higher education. Computers & Security, 86, 350\u2013357. https:\/\/doi.org\/10.1016\/j.cose.2019.07.003","journal-title":"Computers & Security"},{"key":"9632_CR18","doi-asserted-by":"publisher","first-page":"116","DOI":"10.1103\/PhysRevA.48.116","volume":"48","author":"V \u010cern\u00fd","year":"1993","unstructured":"\u010cern\u00fd, V. (1993). Quantum computers and intractable (np-complete) computing problems. Physical Review A, 48, 116\u2013119. https:\/\/doi.org\/10.1103\/PhysRevA.48.116","journal-title":"Physical Review A"},{"key":"9632_CR19","doi-asserted-by":"crossref","unstructured":"Clairambault, P., DeVisme, M., & Winskel, G. (2019). Game semantics for quantum programming. Proceedings of the ACM on Programming Languages, 3(POPL), 1\u201329.","DOI":"10.1145\/3290345"},{"key":"9632_CR20","unstructured":"Cutress, I. (2021). Intel Core I7-10700 Vs Core i7-10700K Review: Is 65W Comet Lake an Option? Anand\u2019s Hardware Tech Page, Anandtech. https:\/\/www.anandtech.com\/show\/16343\/intel-core-i710700-vs-core-i710700k-review-is-65w-comet-lake-an-option\/2"},{"issue":"3","key":"9632_CR21","doi-asserted-by":"publisher","first-page":"1061","DOI":"10.1103\/RevModPhys.80.1061","volume":"80","author":"A Das","year":"2008","unstructured":"Das, A., & Chakrabarti, B. K. (2008). Colloquium: Quantum annealing and analog quantum computation. Reviews of Modern Physics, 80(3), 1061.","journal-title":"Reviews of Modern Physics"},{"key":"9632_CR22","doi-asserted-by":"publisher","unstructured":"Dashti, S., Giorgini, P., & Paja, E. (2017). Information Security Risk Management. In: Lecture Notes in Business Information Processing. FThe Practice of Enterprise Modeling, 305, 18\u201333. https:\/\/doi.org\/10.1007\/978-3-319-70241-4_2. Springer, Cham.","DOI":"10.1007\/978-3-319-70241-4_2"},{"key":"9632_CR23","doi-asserted-by":"publisher","unstructured":"Debnath, B., Alghazo, J. M., Latif, G., Roychoudhuri, R., & Ghosh, S. K. (2020). An Analysis of Data Security and Potential Threat from IT Assets for Middle Card Players, Institutions and Individuals. In: Sustainable Waste Management: Policies and Case Studies. Sustainable Waste Management: Policies and Case Studies, pp. 403\u2013419. https:\/\/doi.org\/10.1007\/978-981-13-7071-7_36. Springer, Singapore.","DOI":"10.1007\/978-981-13-7071-7_36"},{"key":"9632_CR24","doi-asserted-by":"crossref","unstructured":"Dieterich, J. M., & Hartke, B. (2012). Empirical review of standard benchmark functions using evolutionary global optimization. arXiv preprint. arXiv:1207.4318","DOI":"10.4236\/am.2012.330215"},{"key":"9632_CR25","doi-asserted-by":"crossref","unstructured":"Dion, M. (2020). Cybersecurity policy and theory. In: Theoretical Foundations of Homeland Security, pp. 257\u2013284. Routledge, London.","DOI":"10.4324\/9780429259920-13"},{"issue":"3","key":"9632_CR26","doi-asserted-by":"publisher","first-page":"276","DOI":"10.1080\/14778238.2019.1599495","volume":"17","author":"M Eslamkhah","year":"2019","unstructured":"Eslamkhah, M., & Hosseini Seno, S. A. (2019). Identifying and Ranking Knowledge Management Tools and Techniques Affecting Organizational Information Security Improvement. Knowledge Management Research & Practice, 17(3), 276\u2013305. https:\/\/doi.org\/10.1080\/14778238.2019.1599495","journal-title":"Knowledge Management Research & Practice"},{"key":"9632_CR27","unstructured":"EuroStat: Electricity Price Statistics. (2022). Statistics Explained, European Commission. https:\/\/ec.europa.eu\/eurostat\/statistics-explained\/index.php?title=Electricity_price_statistics"},{"issue":"5516","key":"9632_CR28","doi-asserted-by":"publisher","first-page":"472","DOI":"10.1126\/science.1057726","volume":"292","author":"E Farhi","year":"2001","unstructured":"Farhi, E., Goldstone, J., Gutmann, S., Lapan, J., Lundgren, A., & Preda, D. (2001). A quantum adiabatic evolution algorithm applied to random instances of an np-complete problem. Science, 292(5516), 472\u2013475.","journal-title":"Science"},{"key":"9632_CR29","unstructured":"Farhi, E., Goldstone, J., & Gutmann, S. (2014). A quantum approximate optimization algorithm. arXiv preprint. arXiv:1411.4028"},{"key":"9632_CR30","doi-asserted-by":"publisher","unstructured":"Glantz, C., Lenaeus, J., Landine, G., O\u2019Neil, L.R., Leitch, R., Johnson, C., Lewis, J., & Rodger, R. (2017). Chapter 9. In: Martellini, M., Malizia, A. (eds.) Implementing an Information Security Program. Terrorism, Security, and Computation, pp. 179\u2013197. https:\/\/doi.org\/10.1007\/978-3-319-62108-1_9. Springer, Cham.","DOI":"10.1007\/978-3-319-62108-1_9"},{"key":"9632_CR31","doi-asserted-by":"publisher","unstructured":"Green, A. S., Lumsdaine, P. L., Ross, N. J., Selinger, P., & Valiron, B. (2013). Quipper. In: ACM SIGPLAN Notices, 48, 333\u2013342. https:\/\/doi.org\/10.1145\/2499370.2462177. Association for Computing Machinery, New York, NY, USA.","DOI":"10.1145\/2499370.2462177"},{"key":"9632_CR32","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1016\/j.diin.2017.07.006","volume":"22","author":"G Grispos","year":"2017","unstructured":"Grispos, G., Glisson, W. B., & Storer, T. (2017). Enhancing security incident response follow-up efforts with lightweight agile retrospectives. Digital Investigation, 22, 62\u201373. https:\/\/doi.org\/10.1016\/j.diin.2017.07.006","journal-title":"Digital Investigation"},{"issue":"1","key":"9632_CR33","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3145905","volume":"51","author":"D Gritzalis","year":"2018","unstructured":"Gritzalis, D., Iseppi, G., Mylonas, A., & Stavrou, V. (2018). Exiting the Risk Assessment Maze. ACM Computing Surveys, 51(1), 1\u201330. https:\/\/doi.org\/10.1145\/3145905","journal-title":"ACM Computing Surveys"},{"issue":"2","key":"9632_CR34","doi-asserted-by":"publisher","first-page":"325","DOI":"10.1103\/PhysRevLett.79.325","volume":"79","author":"LK Grover","year":"1997","unstructured":"Grover, L. K. (1997). Quantum Mechanics Helps in Searching for a Needle in a Haystack. Physical Review Letters, 79(2), 325\u2013328. https:\/\/doi.org\/10.1103\/PhysRevLett.79.325","journal-title":"Physical Review Letters"},{"key":"9632_CR35","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1016\/j.cosrev.2018.11.002","volume":"31","author":"L Gyongyosi","year":"2019","unstructured":"Gyongyosi, L., & Imre, S. (2019). A Survey on quantum computing technology. Computer Science Review, 31, 51\u201371. https:\/\/doi.org\/10.1016\/j.cosrev.2018.11.002","journal-title":"Computer Science Review"},{"key":"9632_CR36","doi-asserted-by":"publisher","unstructured":"Hariyanti, E., Djunaidy, A., & Siahaan, D. O. (2018). A Conceptual Model for Information Security Risk Considering Business Process Perspective. In: 2018 4th International Conference on Science and Technology (ICST), pp. 1\u20136. https:\/\/doi.org\/10.1109\/ICSTC.2018.8528678. IEEE, Yogyakarta, Indonesia.","DOI":"10.1109\/ICSTC.2018.8528678"},{"key":"9632_CR37","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijinfomgt.2021.102435","volume":"62","author":"Y He","year":"2022","unstructured":"He, Y., Zamani, E. D., Lloyd, S., & Luo, C. (2022). Agile incident response (air): Improving the incident response process in healthcare. International Journal of Information Management, 62,. https:\/\/doi.org\/10.1016\/j.ijinfomgt.2021.102435","journal-title":"International Journal of Information Management"},{"issue":"12","key":"9632_CR38","doi-asserted-by":"publisher","first-page":"709","DOI":"10.1038\/s42254-020-00245-7","volume":"2","author":"B Heim","year":"2020","unstructured":"Heim, B., Soeken, M., Marshall, S., Granade, C., Roetteler, M., Geller, A., Troyer, M., & Svore, K. (2020). Quantum programming languages. Nature Reviews. Physics, 2(12), 709\u2013722. https:\/\/doi.org\/10.1038\/s42254-020-00245-7","journal-title":"Physics"},{"key":"9632_CR39","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-23922-0","volume-title":"Quantum Computing: An Applied Approach","author":"JD Hidary","year":"2019","unstructured":"Hidary, J. D. (2019). Quantum Computing: An Applied Approach. Cham: Springer."},{"key":"9632_CR40","unstructured":"IBM: The Quantum Decade. (2021). A Playbook for Achieving Awareness, Readiness, and Advantage. https:\/\/www.ibm.com\/downloads\/cas\/J25G35OK"},{"key":"9632_CR41","volume-title":"Programming Quantum Computers: Essential Algorithms and Code Samples","author":"ER Johnston","year":"2019","unstructured":"Johnston, E. R., Harrigan, N., & Gimeno-Segovia, M. (2019). Programming Quantum Computers: Essential Algorithms and Code Samples. Gravenstein Highway North, USA: O\u2019Reilly Media."},{"issue":"4598","key":"9632_CR42","first-page":"671","volume":"220","author":"S Kirkpatrick","year":"1983","unstructured":"Kirkpatrick, S., Gelatt, C. D., Jr, & Vecchi, M. P. (1983). Optimization by simulated annealing. science, 220(4598), 671\u2013680.","journal-title":"Optimization by simulated annealing. science"},{"key":"9632_CR43","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102036","volume":"99","author":"R Knight","year":"2020","unstructured":"Knight, R., & Nurse, J. R. C. (2020). A framework for effective corporate communication after cyber security incidents. Computers & Security, 99,. https:\/\/doi.org\/10.1016\/j.cose.2020.102036","journal-title":"Computers & Security"},{"key":"9632_CR44","unstructured":"Knill, E. (1996). Conventions for quantum pseudocode. Technical Report LAUR-96-2724, Los Alamos National Lab, NM (United States)"},{"key":"9632_CR45","doi-asserted-by":"publisher","unstructured":"Liu, S., Wang, X., Zhou, L., Guan, J., Li, Y., He, Y., Duan, R., & Ying, M. (2018). Qsi$$>$$: A quantum programming environment. In: Lecture Notes in Computer Science (including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 11180(LNCS), 133\u2013164. https:\/\/doi.org\/10.1007\/978-3-030-01461-2_8. Springer.","DOI":"10.1007\/978-3-030-01461-2_8"},{"key":"9632_CR46","doi-asserted-by":"publisher","first-page":"5","DOI":"10.3389\/fphy.2014.00005","volume":"2","author":"A Lucas","year":"2014","unstructured":"Lucas, A. (2014). Ising formulations of many np problems. Frontiers in physics, 2, 5. https:\/\/doi.org\/10.3389\/fphy.2014.00005","journal-title":"Frontiers in physics"},{"key":"9632_CR47","doi-asserted-by":"publisher","unstructured":"Mahima, D. (2021). Cyber threat in public sector: Modeling an incident response framework. In: 2021 International Conference on Innovative Practices in Technology and Management (ICIPTM), pp. 55\u201360. https:\/\/doi.org\/10.1109\/ICIPTM52218.2021.9388333","DOI":"10.1109\/ICIPTM52218.2021.9388333"},{"issue":"5","key":"9632_CR48","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/MITP.2016.77","volume":"18","author":"LO Mailloux","year":"2016","unstructured":"Mailloux, L. O., Lewis, C. D., II, Riggs, C., & Grimaila, M. R. (2016). Post-quantum cryptography: what advancements in quantum computing mean for it professionals. IT Professional, 18(5), 42\u201347.","journal-title":"IT Professional"},{"key":"9632_CR49","unstructured":"Maymin, P. (1996). Extending the Lambda Calculus to Express Randomized and Quantumized Algorithms. arXiv preprint quant-ph\/9612052. arXiv:9612052. [quant-ph]."},{"issue":"3","key":"9632_CR50","doi-asserted-by":"publisher","first-page":"517","DOI":"10.1007\/s41870-019-00302-0","volume":"11","author":"SAR Mortazavi","year":"2019","unstructured":"Mortazavi, S. A. R., & Safi-Esfahani, F. (2019). A checklist based evaluation framework to measure risk of information security management systems. International Journal of Information Technology (Singapore), 11(3), 517\u2013534. https:\/\/doi.org\/10.1007\/s41870-019-00302-0","journal-title":"International Journal of Information Technology (Singapore)"},{"issue":"7671","key":"9632_CR51","doi-asserted-by":"publisher","first-page":"171","DOI":"10.1038\/549171a","volume":"549","author":"L Mueck","year":"2017","unstructured":"Mueck, L. (2017). Quantum software. Nature, 549(7671), 171\u2013171.","journal-title":"Nature"},{"key":"9632_CR52","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijinfomgt.2021.102334","volume":"59","author":"A Naseer","year":"2021","unstructured":"Naseer, A., Naseer, H., Ahmad, A., Maynard, S. B., & Masood Siddiqui, A. (2021). Real-time analytics, incident response process agility and enterprise cybersecurity performance: A contingent resource-based analysis. International Journal of Information Management, 59,. https:\/\/doi.org\/10.1016\/j.ijinfomgt.2021.102334","journal-title":"International Journal of Information Management"},{"key":"9632_CR53","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1016\/j.jlp.2017.03.023","volume":"49","author":"N Paltrinieri","year":"2017","unstructured":"Paltrinieri, N., & Reniers, G. (2017). Dynamic risk analysis for Seveso sites. Journal of Loss Prevention in the Process Industries, 49, 111\u2013119. https:\/\/doi.org\/10.1016\/j.jlp.2017.03.023","journal-title":"Journal of Loss Prevention in the Process Industries"},{"key":"9632_CR54","doi-asserted-by":"publisher","unstructured":"Pakin, S. (2016). A quantum macro assembler. In: 2016 IEEE High Performance Extreme Computing Conference (HPEC), pp. 1\u20138. https:\/\/doi.org\/10.1109\/HPEC.2016.7761637","DOI":"10.1109\/HPEC.2016.7761637"},{"issue":"1","key":"9632_CR55","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1109\/MITP.2020.3019522","volume":"23","author":"M Piattini","year":"2021","unstructured":"Piattini, M., Serrano, M., Perez-Castillo, R., Petersen, G., & Hevia, J. L. (2021). Toward a Quantum Software Engineering. IT Professional, 23(1), 62\u201366. https:\/\/doi.org\/10.1109\/MITP.2020.3019522","journal-title":"IT Professional"},{"issue":"2","key":"9632_CR56","doi-asserted-by":"publisher","first-page":"538","DOI":"10.9770\/IRD.2020.2.2(3)","volume":"2","author":"T Pleta","year":"2020","unstructured":"Pleta, T., Tvaronavi\u010diene, M., & Della Casa, S. (2020). Cyber effect and security management aspects in critical energy infrastructures. Insights into Regional Development, 2(2), 538\u2013548. https:\/\/doi.org\/10.9770\/IRD.2020.2.2(3)","journal-title":"Insights into Regional Development"},{"key":"9632_CR57","doi-asserted-by":"publisher","unstructured":"Prasad, R., & Rohokale, V. (2020). Secure Incident Handling, pp. 203\u2013216. Springer, Cham. https:\/\/doi.org\/10.1007\/978-3-030-31703-4_14","DOI":"10.1007\/978-3-030-31703-4_14"},{"key":"9632_CR58","doi-asserted-by":"publisher","unstructured":"Proen\u00e7a, D., & Borbinha, J. (2018). Information Security Management Systems - A Maturity Model Based on ISO\/IEC 27001. In: Lecture Notes in Business Information Processing. Business Information Systems, 320, 102\u2013114. https:\/\/doi.org\/10.1007\/978-3-319-93931-5_8. Springer, Cham.","DOI":"10.1007\/978-3-319-93931-5_8"},{"issue":"449","key":"9632_CR59","doi-asserted-by":"publisher","first-page":"347","DOI":"10.2307\/2669583","volume":"95","author":"D Rocke","year":"2000","unstructured":"Rocke, D. (2000). Genetic algorithms+ data structures= evolution programs (3rd. Journal of the American Statistical Association, 95(449), 347.","journal-title":"Journal of the American Statistical Association"},{"key":"9632_CR60","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102155","volume":"102","author":"DG Rosado","year":"2021","unstructured":"Rosado, D. G., Moreno, J., S\u00e1nchez, L. E., Santos-Olmo, A., Serrano, M. A., & Fern\u00e1ndez-Medina, E. (2021). Marisma-bida pattern: Integrated risk analysis for big data. Computers & Security, 102,. https:\/\/doi.org\/10.1016\/j.cose.2020.102155","journal-title":"Computers & Security"},{"key":"9632_CR61","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-160v2","volume-title":"Developing cyber resilient systems: a systems security engineering approach","author":"R Ross","year":"2019","unstructured":"Ross, R., Pillitteri, V., Graubart, R., Bodeau, D., & McQuaid, R. (2019). Developing cyber resilient systems: a systems security engineering approach. National Institute of Standards and Technology: Technical report."},{"key":"9632_CR62","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1016\/j.cose.2016.10.009","volume":"65","author":"K Ruan","year":"2017","unstructured":"Ruan, K. (2017). Introducing cybernomics: A unifying economic framework for measuring cyber risk. Computers & Security, 65, 77\u201389. https:\/\/doi.org\/10.1016\/j.cose.2016.10.009","journal-title":"Computers & Security"},{"key":"9632_CR63","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102507","volume":"112","author":"A Salvi","year":"2022","unstructured":"Salvi, A., Spagnoletti, P., & Noori, N. S. (2022). Cyber-resilience of critical cyber infrastructures: Integrating digital twins in the electric power ecosystem. Computers & Security, 112,. https:\/\/doi.org\/10.1016\/j.cose.2021.102507","journal-title":"Computers & Security"},{"issue":"13","key":"9632_CR64","doi-asserted-by":"publisher","first-page":"5843","DOI":"10.3390\/app11135843","volume":"11","author":"P S\u00e1nchez","year":"2021","unstructured":"S\u00e1nchez, P., & Alonso, D. (2021). On the Definition of Quantum Programming Modules. Applied Sciences, 11(13), 5843.","journal-title":"Applied Sciences"},{"key":"9632_CR65","doi-asserted-by":"publisher","unstructured":"Sardjono, W., & Cholik, M. I. (2018). Information Systems Risk Analysis Using Octave Allegro Method Based at Deutsche Bank. In: 2018 International Conference on Information Management and Technology (ICIMTech), pp. 38\u201342. https:\/\/doi.org\/10.1109\/ICIMTech.2018.8528108. IEEE, Jakarta, Indonesia.","DOI":"10.1109\/ICIMTech.2018.8528108"},{"key":"9632_CR66","doi-asserted-by":"publisher","unstructured":"Shor, P. W. (2002). Algorithms for quantum computation: discrete logarithms and factoring. In: Proceedings 35th Annual Symposium on Foundations of Computer Science, pp. 124\u2013134. IEEE Comput. Soc. Press, Santa Fe, NM, USA. https:\/\/doi.org\/10.1109\/SFCS.1994.365700. IEEE.","DOI":"10.1109\/SFCS.1994.365700"},{"key":"9632_CR67","unstructured":"Smith, R. S., Curtis, M. J., & Zeng, W. J. (2016). A Practical Quantum Instruction Set Architecture. arXiv preprint. arXiv:1608.03355, arXiv:1608.03355"},{"key":"9632_CR68","doi-asserted-by":"publisher","first-page":"178","DOI":"10.1016\/j.future.2018.09.063","volume":"92","author":"J Srinivas","year":"2019","unstructured":"Srinivas, J., Das, A. K., & Kumar, N. (2019). Government regulations in cyber security: Framework, standards and recommendations. Future Generation Computer Systems, 92, 178\u2013188. https:\/\/doi.org\/10.1016\/j.future.2018.09.063","journal-title":"Future Generation Computer Systems"},{"key":"9632_CR69","doi-asserted-by":"publisher","unstructured":"Steiger, D. S., H\u00e4ner, T., & Troyer, M. (2018). ProjectQ: an open source software framework for quantum computing. Quantum, 2, 49. arXiv:1612.08091, https:\/\/doi.org\/10.22331\/q-2018-01-31-49","DOI":"10.22331\/q-2018-01-31-49"},{"key":"9632_CR70","doi-asserted-by":"publisher","unstructured":"Sun, H., & Xie, X. (2019). Threat evaluation method of warships formation air defense based on AR(p)-DITOPSIS. Journal of Systems Engineering and Electronics, 30(2), 297. https:\/\/doi.org\/10.21629\/JSEE.2019.02.09","DOI":"10.21629\/JSEE.2019.02.09"},{"key":"9632_CR71","volume-title":"Dancing with Qubits","author":"R Sutor","year":"2019","unstructured":"Sutor, R. (2019). Dancing with Qubits. Birmingham, UK: Packt Publishing."},{"key":"9632_CR72","doi-asserted-by":"publisher","unstructured":"Svore, K., Roetteler, M., Geller, A., Troyer, M., Azariah, J., Granade, C., Heim, B., Kliuchnikov, V., Mykhailova, M., & Paz, A. (2018). Q#. In: Proceedings of the Real World Domain Specific Languages Workshop 2018. RWDSL2018, pp. 1\u201310. https:\/\/doi.org\/10.1145\/3183895.3183901. ACM Press, New York, New York, USA.","DOI":"10.1145\/3183895.3183901"},{"key":"9632_CR73","doi-asserted-by":"publisher","unstructured":"Szwaczyk, S., Wrona, K., & Amanowicz, M. (2018). Applicability of risk analysis methods to risk-aware routing in software-defined networks. In: 2018 International Conference on Military Communications and Information Systems (ICMCIS), pp. 1\u20137. https:\/\/doi.org\/10.1109\/ICMCIS.2018.8398688. IEEE, Warsaw, Poland.","DOI":"10.1109\/ICMCIS.2018.8398688"},{"key":"9632_CR74","doi-asserted-by":"publisher","unstructured":"Szab\u00f3, Z. (2017). The Information Security and IT Security Questions of Pension Payment. In: Key Engineering Materials, 755, 322\u2013327. https:\/\/doi.org\/10.4028\/www.scientific.net\/KEM.755.322. Trans Tech Publ, Cham.","DOI":"10.4028\/www.scientific.net\/KEM.755.322"},{"key":"9632_CR75","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102385","volume":"109","author":"T Tam","year":"2021","unstructured":"Tam, T., Rao, A., & Hall, J. (2021). The good, the bad and the missing: A narrative review of cyber-security implications for australian small businesses. Computers & Security, 109,. https:\/\/doi.org\/10.1016\/j.cose.2021.102385","journal-title":"Computers & Security"},{"issue":"S3","key":"9632_CR76","doi-asserted-by":"publisher","first-page":"60","DOI":"10.1111\/1758-5899.12625","volume":"9","author":"LM Tanczer","year":"2018","unstructured":"Tanczer, L. M., Brass, I., & Carr, M. (2018). Csirts and global cybersecurity: How technical experts support science diplomacy. Global Policy, 9(S3), 60\u201366. https:\/\/doi.org\/10.1111\/1758-5899.12625","journal-title":"Global Policy"},{"key":"9632_CR77","doi-asserted-by":"publisher","unstructured":"Thakur, K., Qiu, M., Gai, K., & Ali, M. L. (2015). An Investigation on Cyber Security Threats and Security Models. In: 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing, pp. 307\u2013311. https:\/\/doi.org\/10.1109\/CSCloud.2015.71. IEEE, New York, NY, USA.","DOI":"10.1109\/CSCloud.2015.71"},{"issue":"4","key":"9632_CR78","doi-asserted-by":"publisher","first-page":"1178","DOI":"10.3390\/su11041178","volume":"11","author":"B Tiganoaia","year":"2019","unstructured":"Tiganoaia, B., Niculescu, A., Negoita, O., & Popescu, M. (2019). A New Sustainable Model for Risk Management-RiMM. Sustainability, 11(4), 1178. https:\/\/doi.org\/10.3390\/su11041178","journal-title":"Sustainability"},{"key":"9632_CR79","doi-asserted-by":"publisher","unstructured":"Turskis, Z., Goranin, N., Nurusheva, A., & Boranbayev, S. (2019). Information Security Risk Assessment in Critical Infrastructure: A Hybrid MCDM Approach. Informatica, 30(1), 187\u2013211. https:\/\/doi.org\/10.15388\/Informatica.2019.203","DOI":"10.15388\/Informatica.2019.203"},{"key":"9632_CR80","doi-asserted-by":"publisher","unstructured":"van der Kleij, R., Schraagen, J. M., Cadet, B., & Young, H. (2021). Developing decision support for cybersecurity threat and incident managers. Computers & Security, 102535. https:\/\/doi.org\/10.1016\/j.cose.2021.102535.","DOI":"10.1016\/j.cose.2021.102535."},{"key":"9632_CR81","doi-asserted-by":"publisher","first-page":"552","DOI":"10.1016\/j.jclepro.2018.09.127","volume":"205","author":"T Wang","year":"2018","unstructured":"Wang, T., Gao, S., Li, X., & Ning, X. (2018). A meta-network-based risk evaluation and control method for industrialized building construction projects. Journal of Cleaner Production, 205, 552\u2013564. https:\/\/doi.org\/10.1016\/j.jclepro.2018.09.127","journal-title":"Journal of Cleaner Production"},{"key":"9632_CR82","unstructured":"Wecker, D., & Svore, K. M. (2014). LIQUi>: A Software Design Architecture and Domain-Specific Language for Quantum Computing. http:\/\/arxiv.org\/abs\/1402.4467"},{"key":"9632_CR83","volume-title":"Quantum Machine Learning: What Quantum Computing Means to Data Mining","author":"P Wittek","year":"2014","unstructured":"Wittek, P. (2014). Quantum Machine Learning: What Quantum Computing Means to Data Mining. Elsevier: Academic Press."},{"key":"9632_CR84","doi-asserted-by":"publisher","unstructured":"Wolf, M., & Serpanos, D. (2020). Chapter 3. Threats and Threat Analysis, pp. 35\u201345. https:\/\/doi.org\/10.1007\/978-3-030-25808-5_3. Springer, Cham.","DOI":"10.1007\/978-3-030-25808-5_3"},{"key":"9632_CR85","doi-asserted-by":"publisher","unstructured":"Yoseviano, H. F., & Retnowardhani, A. (2018). The use of ISO\/IEC 27001: 2009 to analyze the risk and security of information system assets: case study in xyz, ltd. In: 2018 International Conference on Information Management and Technology (ICIMTech), pp. 21\u201326. https:\/\/doi.org\/10.1109\/ICIMTech.2018.8528096. IEEE, Jakarta, Indonesia.","DOI":"10.1109\/ICIMTech.2018.8528096"},{"key":"9632_CR86","unstructured":"Zhao, J. (2020). Quantum Software Engineering: Landscapes and Horizons. http:\/\/arxiv.org\/abs\/2007.07047"}],"container-title":["Software Quality Journal"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11219-023-09632-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11219-023-09632-6\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11219-023-09632-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,2,12]],"date-time":"2024-02-12T13:19:15Z","timestamp":1707743955000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11219-023-09632-6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,26]]},"references-count":86,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2024,3]]}},"alternative-id":["9632"],"URL":"https:\/\/doi.org\/10.1007\/s11219-023-09632-6","relation":{},"ISSN":["0963-9314","1573-1367"],"issn-type":[{"value":"0963-9314","type":"print"},{"value":"1573-1367","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,5,26]]},"assertion":[{"value":"19 April 2023","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"26 May 2023","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}