Antonio Santos-Olmo ParraUniversity of Castilla-La Mancha
Antonio Santos-Olmo Parra
Doctor of Engineering
About
59
Publications
24,366
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
241
Citations
Publications
Publications (59)
In the context of the growing cybersecurity challenges for governments, this work presents a holistic cybersecu-rity framework specifically designed for e-Governments, distinguished by integrating recent advancements in risk management, regulatory compliance, and secure data exchange technologies, with a focus on strategic cybersecurity governance....
The information society depends increasingly on risk assessment and management systems as means to adequately protect its key information assets. The availability of these systems is now vital for the protection and evolution of companies. However, several factors have led to an increasing need for more accurate risk analysis approaches. These are:...
As the Internet of Things (IoT) becomes more integral across diverse sectors, including healthcare, energy provision and industrial automation, the exposure to cyber vulnerabilities and potential attacks increases accordingly. Facing these challenges, the essential function of an Information Security Management System (ISMS) in safeguarding vital i...
Increasing digitisation in the maritime domain and the intensive use of information technologies have become essential for the effective functioning of systems that manage navigation, communications, sensors and weapons throughout the maritime chain. In this context, the issuance and enforcement of international standards and policies are seeking t...
In recent decades, the production of information in studies and research papers on the subject of cybersecurity have addressed the convenience of developing cyberdefense capabilities regardless of whether the scope is industrial or military, corporate or State. However, despite the generation of policies to contribute to the synergy of protection,...
The Information Security Management Systems (ISMS) are global and risk-driven processes that allow companies to develop their cybersecurity strategy by defining security policies, valuable assets, controls, and technologies for protecting their systems and information from threats and vulnerabilities. Despite the implementation of such management i...
Information and communication technologies are fomenting a highly connected and modern society. This modernization is making innumerable improvements to our daily lives (e.g., transport, health, communications, business, efficiency, entertainment, and so on). However, it is also creating a complex and interconnected ecosystem of security risks that...
Cyber-physical systems (CPSs) are smart systems that include engineered interacting networks of physical and computational components. CPSs have an increasingly presence on critical infrastructures and an impact in almost every aspect of our daily life, including transportation, healthcare, electric power, and advanced manufacturing. However, CPSs...
The importance of data security is currently increasing owing to the number of data transactions that are continuously taking place. Large amounts of data are generated, stored, modified and transferred every second, signifying that databases require an appropriate capacity, control and protection that will enable them to maintain a secure environm...
Data is one of the most important assets for all types of companies, which have undoubtedly grown their quantity and the ways of exploiting them. Big Data appears in this context as a set of technologies that manage data to obtain information that supports decision-making. These systems were not conceived to be secure, resulting in significant risk...
Society is increasingly dependent on Information Security Management Systems (ISMS), and having these kind of systems has become vital for the development of Small and Medium-Sized Enterprises (SMEs). However, these companies require ISMS that have been adapted to their special features and have been optimized as regards the resources needed to dep...
The information society is increasingly more dependent on Information Security Management Systems (ISMSs), and the availability of these kinds of systems is now vital for the development of Small and Medium-Sized Enterprises (SMEs). However, these companies require ISMSs that have been adapted to their special features, and which are optimized as r...
During the reform of computer engineering degrees, the emergence of the concept of competence has not helped students better understand the extent to achieve the objectives of the different subjects, or to make better decisions about next steps in their careers. This article is intended to show the results obtained during the investigation, which h...
The information society is increasingly dependent Information Systems Security Management (ISMS) and knowledge of the security risks associated with its assets value. However, very few risk analysis methodologies have been raised as to create systems to analyze risks in a quick and economical, and which in turn can leave this system dynamically upd...
The concept of competence, which emerged during the reform of computer engineering degrees, has not brought benefits to companies when attempting to select the most suitable candidates for their jobs. This article aims to show some of the research that has been conducted to determine why companies have not found these skills useful and how both can...
En una sociedad gobernada por la información, las empresas y en particular las PYMES, dependen cada vez más de la capacidad de poder asegurar la información, no sólo internamente, sino a través de terceros que estén dispuestos a establecer pólizas de seguros sobre dicha información. Pero cuando estamos hablando de activos intangibles, las asegurado...
Desarrollando una metodología de análisis de riesgos para que el sector asegurador pueda tasar los riesgos en las PYMES Resumen—En una sociedad gobernada por la información , las empresas y en particular las PYMES, dependen cada vez más de la capacidad de poder asegurar la información , no solo internamente, sino con terceros que estén dispuestos a...
In some sectors, where common business processes are run, quality and security of data play a paramount role. In order to better estimate if levels of quality and security of data are properly achieved, some process-focused methodological artifacts are required. Given the very nature of each sector, such artifacts should be conveniently adapted and...
En una sociedad basada en la información, los Sistemas de Gestión de Seguridad (SGSIs) son cada vez más críticos para las empresas, pero no sólo estos sistemas, sino también la posibilidad de poder conocer con exactitud los riesgos a los que están sometidos los activos de información y el valor objetivo que tienen estos activos. El presente artícul...
In a globalised and competitive business environment like that of the present, companies are increasingly more dependent upon their information systems, since these systems have proved to be a highly important factor in increasing their level of competitiveness. Companies have therefore become aware that the information and the processes that suppo...
The information society is increasingly more dependent upon Information Security Management Systems (ISMSs), and the availability of these systems has become crucial to the evolution of Small and Medium-size Enterprises (SMEs). However, this type of companies requires ISMSs which have been adapted to their specific characteristics, and these system...
La sociedad de la información cada vez depende más de los Sistemas de Gestión y Análisis del Riesgo al que se encuentran sometidos sus principales activos de información, y poder disponer de estos sistemas ha llegado a ser vital para la evolución de las PYMES. Sin embargo, este tipo de compañías requiere que estos sistemas estén adaptados a sus esp...
The process of writing honours theses is based on a set of general and specific competences which, in the majority of cases, entail a high level of abstraction and ambiguity. What is more, the apparition of these competences has not helped students towards a better understanding of the extent to which they attain the objectives of their various sub...
As a result of the growing dependence of information society on ICTs, the need to know the risks that can affect information is enormously increasing with the purpose of protecting it. This article shows advances in the identification and management of risks in ICTs, particularly in the case of SMEs, along with the first proposal of a methodology f...
In a society based on information, the Safety Management Systems (ISMS) are increasingly critical for businesses. Within the Management of Information Security issues are very critical in certain sectors, such as the processing of personal data for the Health Sector, where a bad use of them can mean irreparable damage to their owners and organizati...
La sociedad de la información cada vez depende más de los Sistemas de Gestión de la Seguridad de la Información (SGSI), y poder disponer de estos sistemas ha llegado a ser vital para la evolución de las PYMES. Sin embargo, este tipo de compañías requiere de SGSIs adaptados a sus especiales características, y que estén optimizados desde el punto de...
The information society is ever-increasingly dependent upon Information Security Management Systems (ISMSs), and the availability of these systems has come to be vital to the evolution of SMEs. However, this type of companies requires ISMSs which have been adapted to their particular characteristics, and which are optimised from the point of view o...
In a society based on information, the Information Security Management Systems (ISMSs) are increasingly critical for businesses. Within the Management of Information Security issues are very critical in certain sectors, such as processing of personal data for the Health Sector where the misuse of them can mean irreparable damage to their owners and...
El proceso de elaboración de las memorias de grado (en concreto en el caso del Grado en Ingeniería Informática), se ha basado en un conjunto de competencias generales y específicas, que en la mayoría de los casos entrañan un alto nivel de abstracción y ambigüedad. Este hecho ha dificultado considerablemente la forma de asociar asignaturas con compe...
The information society is ever-increasingly dependent upon Information Security Management Systems (ISMSs), and the availability of these systems has come to be vital to the evolution of SMEs. However, this type of companies requires ISMSs which have been adapted to their particular characteristics, and which are optimised from the point of view o...
The information society is increasingly more dependent upon Information Security Management Systems (ISMSs), and the availability of these systems has become crucial to the evolution of Small and Medium-size Enterprises (SMEs). However, this type of companies requires ISMSs which have been adapted to their specific characteristics, and these system...
A menudo, la llamada a los pacientes para consulta, en los hospitales o centros sanitarios, se realiza de viva voz (Difusión de datos). Sin embargo, tanto la difusión como la publicación de los nombres de los pacientes que acuden a una consulta vulnera el artículo 10 de la actual Ley Orgánica de Protección de Datos (LOPD), lo cual, constituye una f...
Information Society depends more and more on Information Security Management Systems (ISMSs) and the availability of these systems has become vital for SMEs’ evolution. However, this kind of companies need that ISMSs are adapted to their special characteristics as well as optimized from the viewpoint of the necessary resources to implement and main...
La sociedad de la información cada vez depende más de los Sistemas de Gestión de la Seguridad de la Información (SGSI), y poder disponer de estos sistemas ha llegado a ser vital para la evolución de las PYMES. Sin embargo, este tipo de compañías requiere de SGSIs adaptados a sus especiales características, y que estén optimizados desde el punto de...
The information society depends ever-increasingly on Information Security Management Systems (ISMSs), and these systems have become vital to SMEs. However, ISMSs must be adapted to SME’s specific characteristics, and they must be optimised from the point of view of the resources which are necessary to install and maintain them. Furthermore, when in...
La sociedad de la información cada vez depende más de los Sistemas de Gestión y Análisis del Riesgo al que se encuentran sometidos sus principales activos de información, y poder disponer de estos sistemas ha llegado a ser vital para la evolución de las PYMES. Sin embargo, este tipo de compañías requiere que estos sistemas estén adaptados a sus esp...
La sociedad de la información cada vez depende más de los Sistemas de Gestión de la Seguridad de la Información (SGSI), y poder disponer de estos sistemas ha llegado a ser vital para la evolución de las PYMES. Sin embargo, este tipo de compañías requiere de SGSIs adaptados a sus especiales características, y que estén optimizados desde el punto de...
The information society is increasingly more dependent upon Information Security Management Systems (ISMSs), and the availability of these systems has become crucial to the evolution of Small and Medium-size Enterprises (SMEs). However, this type of Companies requires ISMSs which have been adapted to their specific characteristics. In this paper we...
Due to the growing dependence of information society on Information and Communication Technologies, the need to protect information is getting more and more important for enterprises. In this context, Information Security Management Systems (ISMSs), have arisen for supporting the processes and systems for effectively managing information security....
Due to the growing dependence of information society on Information and Communication Technologies (ICTs), the need to protect information is getting more and more important for enterprises. In this context, Information Security Management Systems (ISMSs), that are very important for the stability of the information systems of enterprises, have ari...
En un entorno empresarial globalizado y competitivo como el existente en la actualidad, las compañías dependen cada vez más de sus sistemas de información, pues se ha demostrado que tienen una enorme influencia para aumentar su nivel de competitividad. Pero sin una adecuada gestión de la seguridad estos sistemas de información carecen de valor real...
Para garantizar la subsistencia de las empresas y la evolución de sus modelos empresariales, éstas deben poder garantizar la seguridad de sus sistemas de información, pero esto requiere que las empresas conozcan en todo momento el nivel de madurez de su seguridad y hasta qué punto esta debe evolucionar para ser adecuada. Actualmente las empresas re...
Para garantizar la subsistencia de las empresas y la evolución de sus modelos empresariales, éstas deben poder garantizar la seguridad de sus sistemas de información, pero ésto requiere que las empresas conozcan en todo momento el nivel de madurez de su seguridad y hasta qué punto debe evolucionar la seguridad de su sistema de información. En las p...
Para que las empresas puedan utilizar las tecnologías de la información y las comunicaciones con garantías, es necesario disponer de un sistema de gestión de seguridad adecuado y herramientas que permitan gestionarlo. En las pequeñas y medianas empresas, la aplicación de normativas de seguridad cuenta con el problema adicional de no tener recursos...