{"id":"https://openalex.org/W4396918590","doi":"https://doi.org/10.1109/isdfs60797.2024.10527256","title":"Using ITIL as part of the NIST Cybersecurity Framework","display_name":"Using ITIL as part of the NIST Cybersecurity Framework","publication_year":2024,"publication_date":"2024-04-29","ids":{"openalex":"https://openalex.org/W4396918590","doi":"https://doi.org/10.1109/isdfs60797.2024.10527256"},"language":"en","primary_location":{"id":"doi:10.1109/isdfs60797.2024.10527256","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isdfs60797.2024.10527256","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 12th International Symposium on Digital Forensics and Security (ISDFS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5045684371","display_name":"S\u00e9rgio Ivan Lopes","orcid":"https://orcid.org/0000-0001-6944-7757"},"institutions":[{"id":"https://openalex.org/I185808892","display_name":"Polytechnic Institute of C\u00e1vado and Ave","ror":"https://ror.org/0448qsq10","country_code":"PT","type":"education","lineage":["https://openalex.org/I185808892"]}],"countries":["PT"],"is_corresponding":false,"raw_author_name":"S\u00e9rgio Lopes","raw_affiliation_strings":["School of Technology, Polythecnic University of Cavado and Ave,Barcelos,Portugal","School of Technology, Polythecnic University of Cavado and Ave, Barcelos, Portugal"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Technology, Polythecnic University of Cavado and Ave,Barcelos,Portugal","institution_ids":["https://openalex.org/I185808892"]},{"raw_affiliation_string":"School of Technology, Polythecnic University of Cavado and Ave, Barcelos, Portugal","institution_ids":["https://openalex.org/I185808892"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011114222","display_name":"Patr\u00edcia Leite","orcid":"https://orcid.org/0000-0002-6678-3912"},"institutions":[{"id":"https://openalex.org/I185808892","display_name":"Polytechnic Institute of C\u00e1vado and Ave","ror":"https://ror.org/0448qsq10","country_code":"PT","type":"education","lineage":["https://openalex.org/I185808892"]}],"countries":["PT"],"is_corresponding":false,"raw_author_name":"Patr\u00edcia Leite","raw_affiliation_strings":["2Ai &#x2013; School of Technology, IPCA,Barcelos,Portugal","LIACC - Artificial Intelligence and Computer Science Lab., Porto, Portugal"],"raw_orcid":"https://orcid.org/0000-0002-6678-3912","affiliations":[{"raw_affiliation_string":"2Ai &#x2013; School of Technology, IPCA,Barcelos,Portugal","institution_ids":["https://openalex.org/I185808892"]},{"raw_affiliation_string":"LIACC - Artificial Intelligence and Computer Science Lab., Porto, Portugal","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047601720","display_name":"Sandro Carvalho","orcid":"https://orcid.org/0000-0003-4470-4993"},"institutions":[{"id":"https://openalex.org/I185808892","display_name":"Polytechnic Institute of C\u00e1vado and Ave","ror":"https://ror.org/0448qsq10","country_code":"PT","type":"education","lineage":["https://openalex.org/I185808892"]}],"countries":["PT"],"is_corresponding":false,"raw_author_name":"Sandro Carvalho","raw_affiliation_strings":["Polythecnic University of Cavado and Ave.,Barcelos,Portugal","Polythecnic University of Cavado and Ave., Barcelos, Portugal","LIACC - Artificial Intelligence and Computer Science Lab., Porto, Portugal"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Polythecnic University of Cavado and Ave.,Barcelos,Portugal","institution_ids":["https://openalex.org/I185808892"]},{"raw_affiliation_string":"Polythecnic University of Cavado and Ave., Barcelos, Portugal","institution_ids":["https://openalex.org/I185808892"]},{"raw_affiliation_string":"LIACC - Artificial Intelligence and Computer Science Lab., Porto, Portugal","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109716377","display_name":"Paulo Teixeira","orcid":null},"institutions":[{"id":"https://openalex.org/I185808892","display_name":"Polytechnic Institute of C\u00e1vado and Ave","ror":"https://ror.org/0448qsq10","country_code":"PT","type":"education","lineage":["https://openalex.org/I185808892"]}],"countries":["PT"],"is_corresponding":false,"raw_author_name":"Paulo Teixeira","raw_affiliation_strings":["Polythecnic University of Cavado and Ave.,Barcelos,Portugal","Polythecnic University of Cavado and Ave., Barcelos, Portugal","LIACC - Artificial Intelligence and Computer Science Lab., Porto, Portugal"],"raw_orcid":"https://orcid.org/0000-0002-7301-3211","affiliations":[{"raw_affiliation_string":"Polythecnic University of Cavado and Ave.,Barcelos,Portugal","institution_ids":["https://openalex.org/I185808892"]},{"raw_affiliation_string":"Polythecnic University of Cavado and Ave., Barcelos, Portugal","institution_ids":["https://openalex.org/I185808892"]},{"raw_affiliation_string":"LIACC - Artificial Intelligence and Computer Science Lab., Porto, Portugal","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I185808892"],"apc_list":null,"apc_paid":null,"fwci":0.6755,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.73041462,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9927999973297119,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9927999973297119,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9868999719619751,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9693999886512756,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/information-technology-infrastructure-library","display_name":"Information Technology Infrastructure Library","score":0.9689410924911499},{"id":"https://openalex.org/keywords/financial-management-for-it-services","display_name":"Financial management for IT services","score":0.7167690992355347},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.6650363206863403},{"id":"https://openalex.org/keywords/itil-security-management","display_name":"ITIL security management","score":0.6221071481704712},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.5545927286148071},{"id":"https://openalex.org/keywords/it-service-management","display_name":"IT service management","score":0.5417571067810059},{"id":"https://openalex.org/keywords/best-practice","display_name":"Best practice","score":0.5035528540611267},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.46299371123313904},{"id":"https://openalex.org/keywords/incident-management","display_name":"Incident management","score":0.4524296224117279},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.44916045665740967},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.43567195534706116},{"id":"https://openalex.org/keywords/information-security-management-system","display_name":"Information security management system","score":0.43379783630371094},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.43247413635253906},{"id":"https://openalex.org/keywords/service-management","display_name":"Service management","score":0.4201025664806366},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.3807353377342224},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.37131184339523315},{"id":"https://openalex.org/keywords/information-technology","display_name":"Information technology","score":0.32741665840148926},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.3230060935020447},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.21358725428581238},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.1627417504787445},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.13730791211128235},{"id":"https://openalex.org/keywords/management","display_name":"Management","score":0.08924335241317749},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.0867772102355957},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.08039698004722595}],"concepts":[{"id":"https://openalex.org/C201359696","wikidata":"https://www.wikidata.org/wiki/Q152361","display_name":"Information Technology Infrastructure Library","level":3,"score":0.9689410924911499},{"id":"https://openalex.org/C64060820","wikidata":"https://www.wikidata.org/wiki/Q5449727","display_name":"Financial management for IT services","level":5,"score":0.7167690992355347},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.6650363206863403},{"id":"https://openalex.org/C114351632","wikidata":"https://www.wikidata.org/wiki/Q5974820","display_name":"ITIL security management","level":5,"score":0.6221071481704712},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.5545927286148071},{"id":"https://openalex.org/C2776664667","wikidata":"https://www.wikidata.org/wiki/Q1481411","display_name":"IT service management","level":4,"score":0.5417571067810059},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.5035528540611267},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.46299371123313904},{"id":"https://openalex.org/C2780952636","wikidata":"https://www.wikidata.org/wiki/Q13479512","display_name":"Incident management","level":2,"score":0.4524296224117279},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.44916045665740967},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.43567195534706116},{"id":"https://openalex.org/C111153917","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management system","level":5,"score":0.43379783630371094},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.43247413635253906},{"id":"https://openalex.org/C48840187","wikidata":"https://www.wikidata.org/wiki/Q689042","display_name":"Service management","level":4,"score":0.4201025664806366},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.3807353377342224},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.37131184339523315},{"id":"https://openalex.org/C121017731","wikidata":"https://www.wikidata.org/wiki/Q11661","display_name":"Information technology","level":2,"score":0.32741665840148926},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3230060935020447},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.21358725428581238},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.1627417504787445},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.13730791211128235},{"id":"https://openalex.org/C187736073","wikidata":"https://www.wikidata.org/wiki/Q2920921","display_name":"Management","level":1,"score":0.08924335241317749},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0867772102355957},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.08039698004722595},{"id":"https://openalex.org/C108713360","wikidata":"https://www.wikidata.org/wiki/Q1824206","display_name":"Supply chain","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C44104985","wikidata":"https://www.wikidata.org/wiki/Q492886","display_name":"Supply chain management","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/isdfs60797.2024.10527256","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isdfs60797.2024.10527256","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 12th International Symposium on Digital Forensics and Security (ISDFS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W133616359","https://openalex.org/W1494928303","https://openalex.org/W2540919429","https://openalex.org/W2564606625","https://openalex.org/W2767386741","https://openalex.org/W3036171501","https://openalex.org/W4206104241","https://openalex.org/W4238994256","https://openalex.org/W4240090692","https://openalex.org/W6629632281","https://openalex.org/W6999567573"],"related_works":["https://openalex.org/W2095516943","https://openalex.org/W2477103519","https://openalex.org/W2273313785","https://openalex.org/W4248952427","https://openalex.org/W2370448826","https://openalex.org/W2979662640","https://openalex.org/W2797426096","https://openalex.org/W36935566","https://openalex.org/W2181961211","https://openalex.org/W2603003242"],"abstract_inverted_index":{"Modern":[0],"organizations":[1,132,176],"face":[2],"increasing":[3],"challenges":[4],"in":[5,158],"managing":[6,119],"IT":[7,30,59,120,143,159],"services":[8,121],"while":[9],"maintaining":[10],"robust":[11,183],"information":[12],"security.":[13,124],"This":[14,104,149],"study":[15,150],"explores":[16],"the":[17,45,127,152,168],"potential":[18,77],"of":[19,44,49,55,129,142,154,171],"combining":[20],"two":[21],"established":[22],"frameworks,":[23,131],"ITIL":[24,92],"and":[25,33,47,62,94,101,115,122,140,162,182],"NIST":[26,63,95],"CSF,":[27,64],"to":[28,118],"optimize":[29],"service":[31,60,160],"management":[32,161],"strengthen":[34],"cybersecurity":[35,66],"practices.":[36],"The":[37],"analysis":[38,105],"commences":[39],"with":[40],"an":[41],"individual":[42],"examination":[43],"characteristics":[46],"benefits":[48],"both":[50,130,174],"frameworks.":[51],"ITIL,":[52],"a":[53,65,83,88,112,135,155],"set":[54],"best":[56],"practices":[57,93,172],"for":[58],"management,":[61],"framework,":[67],"offer":[68],"valuable":[69],"insights":[70],"when":[71],"used":[72],"independently.":[73],"However,":[74],"their":[75,108],"combined":[76,109],"is":[78],"particularly":[79],"promising.":[80],"By":[81,125],"employing":[82],"methodical":[84],"approach,":[85],"we":[86],"establish":[87],"clear":[89],"correlation":[90],"between":[91],"CSF":[96],"subcategories,":[97],"revealing":[98],"significant":[99],"similarities":[100],"complementary":[102],"aspects.":[103],"highlights":[106],"how":[107],"application":[110],"fosters":[111],"more":[113],"integrated":[114],"effective":[116],"approach":[117],"enhancing":[123],"leveraging":[126],"strengths":[128],"can":[133,177],"achieve":[134,178],"dual":[136],"benefit:":[137],"improved":[138],"quality":[139],"efficiency":[141],"services,":[144],"alongside":[145],"strengthened":[146],"cyber":[147,186],"defenses.":[148],"emphasizes":[151],"value":[153],"holistic":[156],"perspective":[157],"cybersecurity.":[163],"It":[164],"suggests":[165],"that":[166],"through":[167],"strategic":[169],"integration":[170],"from":[173],"fields,":[175],"sustainable":[179],"operational":[180],"excellence":[181],"protection":[184],"against":[185],"threats.":[187]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}
