Please use this identifier to cite or link to this item:
https://doi.org/10.21256/zhaw-30377Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Trammell, Ariane | - |
| dc.contributor.author | Gehring, Benjamin | - |
| dc.contributor.author | Isele, Marco | - |
| dc.contributor.author | Spielmann, Yvo | - |
| dc.contributor.author | Zahnd, Valentin | - |
| dc.date.accessioned | 2024-03-27T12:25:57Z | - |
| dc.date.available | 2024-03-27T12:25:57Z | - |
| dc.date.issued | 2024 | - |
| dc.identifier.isbn | 978-989-758-683-5 | de_CH |
| dc.identifier.uri | https://digitalcollection.zhaw.ch/handle/11475/30377 | - |
| dc.description.abstract | Securing a company is not an easy task. Many organizations such as NIST, CIS, or ISO offer frameworks that offer comprehensive security measures. However, those frameworks are generally large and require expert knowledge to be tailored to a given organization. Since such experts are rare, we propose an automated solution that selects security controls and prioritizes them according to an organizations need. We performed initial steps towards the implementation of the proposed solution by evaluating how Natural Language Processing can be used to select security controls that are relevant for the assets of a company and by showing that we can prioritize the selected controls based on the current threat landscape. We expect the proposed solution to be a major benefit for all organizations that intend to improve their security posture but are limited in specialized personnel. | de_CH |
| dc.language.iso | en | de_CH |
| dc.publisher | SciTePress | de_CH |
| dc.rights | http://creativecommons.org/licenses/by-nc-nd/4.0/ | de_CH |
| dc.subject | Security management | de_CH |
| dc.subject | Security control | de_CH |
| dc.subject | Governance risk and compliance (GRC) | de_CH |
| dc.subject | Automation | de_CH |
| dc.subject.ddc | 005: Computerprogrammierung, Programme und Daten | de_CH |
| dc.subject.ddc | 658: Allgemeines Management | de_CH |
| dc.title | Towards automated information security governance | de_CH |
| dc.type | Konferenz: Paper | de_CH |
| dcterms.type | Text | de_CH |
| zhaw.departement | School of Engineering | de_CH |
| zhaw.organisationalunit | Institut für Informatik (InIT) | de_CH |
| dc.identifier.doi | 10.5220/0012357500003648 | de_CH |
| dc.identifier.doi | 10.21256/zhaw-30377 | - |
| zhaw.conference.details | 10th International Conference on Information Systems Security and Privacy (ICISSP), Rome, Italy, 26-28 February 2024 | de_CH |
| zhaw.funding.eu | No | de_CH |
| zhaw.originated.zhaw | Yes | de_CH |
| zhaw.pages.end | 127 | de_CH |
| zhaw.pages.start | 120 | de_CH |
| zhaw.publication.status | publishedVersion | de_CH |
| zhaw.publication.review | Peer review (Publikation) | de_CH |
| zhaw.title.proceedings | Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP | de_CH |
| zhaw.webfeed | Information Security | de_CH |
| zhaw.funding.zhaw | Automated Information Security Governance and Risk Management | de_CH |
| zhaw.author.additional | No | de_CH |
| zhaw.display.portrait | Yes | de_CH |
| Appears in collections: | Publikationen School of Engineering | |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| 2024_Trammell-etal_Towards-automated-information-security-governance.pdf | 493.42 kB | Adobe PDF |  View/Open |
Show simple item record
Trammell, A., Gehring, B., Isele, M., Spielmann, Y., & Zahnd, V. (2024). Towards automated information security governance [Conference paper]. Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP, 120–127. https://doi.org/10.5220/0012357500003648
Trammell, A. et al. (2024) ‘Towards automated information security governance’, in Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP. SciTePress, pp. 120–127. Available at: https://doi.org/10.5220/0012357500003648.
A. Trammell, B. Gehring, M. Isele, Y. Spielmann, and V. Zahnd, “Towards automated information security governance,” in Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP, 2024, pp. 120–127. doi: 10.5220/0012357500003648.
TRAMMELL, Ariane, Benjamin GEHRING, Marco ISELE, Yvo SPIELMANN und Valentin ZAHND, 2024. Towards automated information security governance. In: Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP. Conference paper. SciTePress. 2024. S. 120–127. ISBN 978-989-758-683-5
Trammell, Ariane, Benjamin Gehring, Marco Isele, Yvo Spielmann, and Valentin Zahnd. 2024. “Towards Automated Information Security Governance.” Conference paper. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP, 120–27. SciTePress. https://doi.org/10.5220/0012357500003648.
Trammell, Ariane, et al. “Towards Automated Information Security Governance.” Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP, SciTePress, 2024, pp. 120–27, https://doi.org/10.5220/0012357500003648.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.