loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Ariane Trammell 1 ; Benjamin Gehring 1 ; Marco Isele 2 ; Yvo Spielmann 3 and Valentin Zahnd 4

Affiliations: 1 Zurich University of Applied Sciences ZHAW, Winterthur, Switzerland ; 2 Stadt Winterthur, Winterthur, Switzerland ; 3 StepStone Group, Zurich, Switzerland ; 4 Secuteer GmbH, Zurich, Switzerland

Keyword(s): Security Management, Security Controls, Governance Risk and Compliance (GRC), Automation.

Abstract: Securing a company is not an easy task. Many organizations such as NIST, CIS, or ISO offer frameworks that offer comprehensive security measures. However, those frameworks are generally large and require expert knowledge to be tailored to a given organization. Since such experts are rare, we propose an automated solution that selects security controls and prioritizes them according to an organizations need. We performed initial steps towards the implementation of the proposed solution by evaluating how Natural Language Processing can be used to select security controls that are relevant for the assets of a company and by showing that we can prioritize the selected controls based on the current threat landscape. We expect the proposed solution to be a major benefit for all organizations that intend to improve their security posture but are limited in specialized personnel.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.117.94.20

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Trammell, A.; Gehring, B.; Isele, M.; Spielmann, Y. and Zahnd, V. (2024). Towards Automated Information Security Governance. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-683-5; ISSN 2184-4356, SciTePress, pages 120-127. DOI: 10.5220/0012357500003648

@conference{icissp24,
author={Ariane Trammell. and Benjamin Gehring. and Marco Isele. and Yvo Spielmann. and Valentin Zahnd.},
title={Towards Automated Information Security Governance},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP},
year={2024},
pages={120-127},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012357500003648},
isbn={978-989-758-683-5},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP
TI - Towards Automated Information Security Governance
SN - 978-989-758-683-5
IS - 2184-4356
AU - Trammell, A.
AU - Gehring, B.
AU - Isele, M.
AU - Spielmann, Y.
AU - Zahnd, V.
PY - 2024
SP - 120
EP - 127
DO - 10.5220/0012357500003648
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic