{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T13:40:03Z","timestamp":1755870003668,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":33,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,5,20]],"date-time":"2024-05-20T00:00:00Z","timestamp":1716163200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,5,20]]},"DOI":"10.1145\/3658321.3658363","type":"proceedings-article","created":{"date-parts":[[2024,5,23]],"date-time":"2024-05-23T10:26:23Z","timestamp":1716459983000},"page":"1-8","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Information Security Investments: How to Prioritize?"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6313-6755","authenticated-orcid":false,"given":"Mariana Batista","family":"Oliveira","sequence":"first","affiliation":[{"name":"Instituto de Pesquisas Tecnol\u00f3gicas - IPT, Brazil"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5746-4154","authenticated-orcid":false,"given":"Alfredo","family":"Goldman","sequence":"additional","affiliation":[{"name":"Universidade de S\u00e3o Paulo, Brazil"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-9157-0050","authenticated-orcid":false,"given":"Joseph","family":"Yoder","sequence":"additional","affiliation":[{"name":"Universidade de S\u00e3o Paulo, Brazil"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,5,23]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.3390\/app12094102"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.3103\/S014768822004005X"},{"volume-title":"Emerging cyber threats and cognitive vulnerabilities","author":"Bada Maria","key":"e_1_3_2_1_3_1","unstructured":"Maria Bada and Jason\u00a0RC Nurse. 2020. The social and psychological impact of cyberattacks. In Emerging cyber threats and cognitive vulnerabilities. Elsevier, 73\u201392."},{"key":"e_1_3_2_1_4_1","volume-title":"Third-party induced cyber incidents\u2014much ado about nothing?Journal of Cybersecurity 7, 1","author":"Benaroch Michel","year":"2021","unstructured":"Michel Benaroch. 2021. Third-party induced cyber incidents\u2014much ado about nothing?Journal of Cybersecurity 7, 1 (2021), tyab020."},{"volume-title":"Lei n\u00ba 12.651, de 25 de maio de","year":"2012","key":"e_1_3_2_1_5_1","unstructured":"Brasil. 2012. Lei n\u00ba 12.651, de 25 de maio de 2012. Di\u00e1rio Oficial [da] Rep\u00fablica Federativa do Brasil (2012). http:\/\/www.planalto.gov.br\/ccivil_03\/_Ato2011-2014\/2012\/Lei\/L12651.htm"},{"key":"e_1_3_2_1_6_1","volume-title":"The international encyclopedia of communication theory and philosophy","author":"Brennen J\u00a0Scott","year":"2016","unstructured":"J\u00a0Scott Brennen and Daniel Kreiss. 2016. Digitalization. The international encyclopedia of communication theory and philosophy (2016), 1\u201311."},{"key":"e_1_3_2_1_7_1","unstructured":"Mike Chapple James\u00a0Michael Stewart and Darril Gibson. 2018. (ISC) 2 CISSP Certified Information Systems Security Professional Official Study Guide. John Wiley & Sons."},{"key":"e_1_3_2_1_8_1","unstructured":"Cisco. 2023. Cisco Cybersecurity Readiness Index. https:\/\/www.cisco.com\/c\/dam\/m\/en_us\/products\/security\/cybersecurity-reports\/cybersecurity-readiness-index\/2023\/cybersecurity-readiness-index-report.pdf"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1057\/s41303-017-0059-9"},{"volume-title":"Research on Enterprise Information Security Risk Assessment System Based on Bayesian Neural Network. In 2022 IEEE 2nd International Conference on Data Science and Computer Application (ICDSCA)","author":"Deng Zijie","key":"e_1_3_2_1_10_1","unstructured":"Zijie Deng, Guocong Feng, Qingshui Huang, Hong Zou, and Jiafa Zhang. 2022. Research on Enterprise Information Security Risk Assessment System Based on Bayesian Neural Network. In 2022 IEEE 2nd International Conference on Data Science and Computer Application (ICDSCA). IEEE, 938\u2013941."},{"key":"e_1_3_2_1_11_1","unstructured":"ENISA. 2023. INTEROPERABLE EU RISK MANAGEMENT FRAMEWORK. https:\/\/www.enisa.europa.eu\/publications\/interoperable-eu-risk-management-framework"},{"key":"e_1_3_2_1_12_1","unstructured":"European Commission. 2016. Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95\/46\/EC (General Data Protection Regulation) (Text with EEA relevance). https:\/\/eur-lex.europa.eu\/eli\/reg\/2016\/679\/oj"},{"key":"e_1_3_2_1_13_1","unstructured":"Emilio\u00a0Granados Franco Richard Lukacs Marie\u00a0Sophie M\u00fcller Philip Shetler-Jones and Saadia Zahidi. 2020. COVID-19 risks outlook: A preliminary mapping and its implications. World Economic Forum."},{"key":"e_1_3_2_1_14_1","unstructured":"Gartner. 2023. Definition of Digitalization. https:\/\/www.gartner.com\/en\/information-technology\/glossary\/digitalization"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10796-019-09959-1"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.3390\/electronics10101168"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.3390\/su14031269"},{"key":"e_1_3_2_1_18_1","first-page":"4018","article-title":"Information Security Threats and Working from Home Culture: Taxonomy","volume":"23","author":"Kotak Jaidip","year":"2023","unstructured":"Jaidip Kotak, Edan Habler, Oleg Brodt, Asaf Shabtai, and Yuval Elovici. 2023. Information Security Threats and Working from Home Culture: Taxonomy, Risk Assessment and Solutions. Sensors 23, 8 (2023), 4018.","journal-title":"Risk Assessment and Solutions. Sensors"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.3390\/encyclopedia1030050"},{"key":"e_1_3_2_1_20_1","volume-title":"Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers & security 105","author":"Lallie Harjinder\u00a0Singh","year":"2021","unstructured":"Harjinder\u00a0Singh Lallie, Lynsay\u00a0A Shepherd, Jason\u00a0RC Nurse, Arnau Erola, Gregory Epiphaniou, Carsten Maple, and Xavier Bellekens. 2021. Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers & security 105 (2021), 102248."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.18280\/ijsse.100202"},{"key":"e_1_3_2_1_22_1","volume-title":"Helping defend against a 30000% increase in phishing attacks related to COVID-19 scams. CGI UK","author":"Nduva B","year":"2021","unstructured":"B Nduva. 2021. Helping defend against a 30000% increase in phishing attacks related to COVID-19 scams. CGI UK (2021)."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1787\/entrepreneur_aag-2017-en"},{"key":"e_1_3_2_1_24_1","volume-title":"COVID-19 and the case for global development. World development 134","author":"Oldekop A","year":"2020","unstructured":"Johan\u00a0A Oldekop, Rory Horner, David Hulme, Roshan Adhikari, Bina Agarwal, Matthew Alford, Oliver Bakewell, Nicola Banks, Stephanie Barrientos, Tanja Bastia, 2020. COVID-19 and the case for global development. World development 134 (2020), 105044."},{"key":"e_1_3_2_1_25_1","volume-title":"International journal of information management 55","author":"Pandey Neena","year":"2020","unstructured":"Neena Pandey, Abhipsa Pal, 2020. Impact of digital surge during Covid-19 pandemic: A viewpoint on research and practice. International journal of information management 55 (2020), 102171."},{"volume-title":"Supply Chain Forum: An International Journal, Vol.\u00a023","author":"Pujawan I\u00a0Nyoman","key":"e_1_3_2_1_26_1","unstructured":"I\u00a0Nyoman Pujawan and Alpha\u00a0Umaru Bah. 2022. Supply chains under COVID-19 disruptions: literature review and research agenda. In Supply Chain Forum: An International Journal, Vol.\u00a023. Taylor & Francis, 81\u201395."},{"key":"e_1_3_2_1_27_1","volume-title":"Global Digital Trust Insights Survey","author":"C.","year":"2022","unstructured":"PwC. 2022. Global Digital Trust Insights Survey 2022. https:\/\/www.pwc.com.br\/pt\/estudos\/servicos\/consultoria-negocios\/2021\/global-digital-trust-insights-survey-2022.html"},{"key":"e_1_3_2_1_28_1","volume-title":"Sandra Camargo Pinto\u00a0Ferraz Fabbri, and Fabiano\u00a0Cutigi Ferrari","author":"Romero\u00a0Felizardo Scannavino Katia","year":"2017","unstructured":"Katia Romero\u00a0Felizardo Scannavino, Elisa\u00a0Yumi Nakagawa, Sandra Camargo Pinto\u00a0Ferraz Fabbri, and Fabiano\u00a0Cutigi Ferrari. 2017. Revis\u00e3o Sistem\u00e1tica da Literatura em Engenharia de Software: teoria e pr\u00e1tica. Elsevier."},{"key":"e_1_3_2_1_29_1","volume-title":"Modelling of Fuzzy Expert System for an Assessment of Security Information Management System UIS","author":"Sikman Ljilja","year":"2022","unstructured":"Ljilja Sikman, Nermin Sarajlic, 2022. Modelling of Fuzzy Expert System for an Assessment of Security Information Management System UIS (University Information System). Tehni\u010dki vjesnik 29, 1 (2022), 60\u201365."},{"key":"e_1_3_2_1_30_1","volume-title":"O software Atlas. ti como recurso para a an\u00e1lise de conte\u00fado: analisando a rob\u00f3tica no Ensino de Ci\u00eancias em teses brasileiras. Ci\u00eancia & Educa\u00e7\u00e3o 24, 3","author":"Silva\u00a0Junior Luiz\u00a0Alberto","year":"2018","unstructured":"Luiz\u00a0Alberto Silva\u00a0Junior and Marcelo Brito\u00a0Carneiro Le\u00e3o. 2018. O software Atlas. ti como recurso para a an\u00e1lise de conte\u00fado: analisando a rob\u00f3tica no Ensino de Ci\u00eancias em teses brasileiras. Ci\u00eancia & Educa\u00e7\u00e3o 24, 3 (2018), 715\u2013728."},{"key":"e_1_3_2_1_31_1","unstructured":"instituto de Pesquisa\u00a0Datafolha Tempest. 2022. 3a Pesquisa Tempest de Ciberseguran\u00e7a. https:\/\/www.tempest.com.br\/categoria_editoriais\/pesquisas-de-mercado\/"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.3905\/joi.2014.23.1.033"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.neucom.2017.05.106"}],"event":{"name":"SBSI '24: XX Brazilian Symposium on Information Systems","acronym":"SBSI '24","location":"Juiz de Fora Brazil"},"container-title":["Proceedings of the 20th Brazilian Symposium on Information Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658321.3658363","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3658321.3658363","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T13:06:18Z","timestamp":1755867978000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658321.3658363"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,5,20]]},"references-count":33,"alternative-id":["10.1145\/3658321.3658363","10.1145\/3658271"],"URL":"https:\/\/doi.org\/10.1145\/3658321.3658363","relation":{},"subject":[],"published":{"date-parts":[[2024,5,20]]},"assertion":[{"value":"2024-05-23","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}