Towards Automated Information Security Governance

Ariane Trammell, Benjamin Gehring, Marco Isele, Yvo Spielmann, Valentin Zahnd

2024

Abstract

Securing a company is not an easy task. Many organizations such as NIST, CIS, or ISO offer frameworks that offer comprehensive security measures. However, those frameworks are generally large and require expert knowledge to be tailored to a given organization. Since such experts are rare, we propose an automated solution that selects security controls and prioritizes them according to an organizations need. We performed initial steps towards the implementation of the proposed solution by evaluating how Natural Language Processing can be used to select security controls that are relevant for the assets of a company and by showing that we can prioritize the selected controls based on the current threat landscape. We expect the proposed solution to be a major benefit for all organizations that intend to improve their security posture but are limited in specialized personnel.

Download


Paper Citation


in Harvard Style

Trammell A., Gehring B., Isele M., Spielmann Y. and Zahnd V. (2024). Towards Automated Information Security Governance. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-683-5, SciTePress, pages 120-127. DOI: 10.5220/0012357500003648


in Bibtex Style

@conference{icissp24,
author={Ariane Trammell and Benjamin Gehring and Marco Isele and Yvo Spielmann and Valentin Zahnd},
title={Towards Automated Information Security Governance},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2024},
pages={120-127},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012357500003648},
isbn={978-989-758-683-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Towards Automated Information Security Governance
SN - 978-989-758-683-5
AU - Trammell A.
AU - Gehring B.
AU - Isele M.
AU - Spielmann Y.
AU - Zahnd V.
PY - 2024
SP - 120
EP - 127
DO - 10.5220/0012357500003648
PB - SciTePress