@article{10902/32701, year = {2024}, month = {3}, url = {https://hdl.handle.net/10902/32701}, abstract = {The Information Security Management Systems (ISMS) are global and risk-driven processes that allow companies to develop their cybersecurity strategy by defining security policies, valuable assets, controls, and technologies for protecting their systems and information from threats and vulnerabilities. Despite the implementation of such management infrastructures, incidents or security breaches happen. Each incident has associated a level of severity and a set of mitigation controls, so in order to restore the ISMS, the appropriate set of controls to mitigate their damage must be selected. The time in which the ISMS is restored is a critical aspect. In this sense, classic solutions are efficient in resolving scenarios with a moderate number of incidents in a reasonable time, but the response time increases exponentially as the number of incidents increases. This makes classical solutions unsuitable for real scenarios in which a large number of incidents are handled and even less appropriate for scenarios in which security management is offered as a service to several companies. This paper proposes a solution to the incident response problem that acts in a minimal amount of time for real scenarios in which a large number of incidents are handled. It applies quantum computing, as a novel approach that is being successfully applied to real problems, which allows us to obtain solutions in a constant time regardless of the number of incidents handled. To validate the applicability and efficiency of our proposal, it has been applied to real cases using our framework (MARISMA).}, organization = {Open Access funding provided thanks to the CRUE-CSIC agreement with Springer Nature. This work has been developed within the AETHER-UCLM (PID2020-112540RB-C42) funded by MCIN/AEI/10.13039/501100011033, ALBA-UCLM (TED2021-130355B-C31, id.4809130355-130355-28-521), ALBA-UC (TED2021-130355B-C33, id.3611130630-130630-28-521) funded by "Ministerio de Ciencia e Innovación", and supported by the European Union’s Horizon 2020 Project "CyberSANE" under Grant Agreement No. 833683.}, publisher = {Springer New York LLC}, publisher = {Software Quality Journal, 2024, 32(1), 163-192}, title = {Minimizing incident response time in real-world scenarios using quantum computing}, author = {Serrano, Manuel A. and Sánchez Crespo, Luis Enrique and Santos Olmo, Antonio and Rosado, David A. and Blanco Bueno, Carlos and Barletta, Vita Santa and Caivano, Danilo and Fernández Medina, Eduardo}, }