391 |
Vplyv regulácií ISO 27001 a SOX na riadenie bezpečnosti informácií podniku / Impact of regulations ISO 27001 and SOX on information security management in enterprises
Bystrianska, Lucia, January 2015
The master thesis has an analytical character and focuses on information security issues in enterprises. The main goal of this thesis is to evaluate the impact of the implemented standard ISO/IEC 27001 and of regulation by the American law SOX on overall information security. In order to perform the analysis, two medium-sized companies from the services segment were selected: the first one with ISO/IEC 27001 certification and the second one regulated by SOX. The structure of the thesis contributes gradually with its steps to meet the goal. The first three chapters provide a theoretical basis for the analysis of information security. They contain a summary of key processes and tools essential for ensuring information security and are based on the best practices included within the latest standards and methodologies and on practical experience. These chapters provide the basis for an evaluation guidance including criteria groups and defined variants of implemented security, which is described in the fourth chapter. The analysis of information security and the impact of regulations is part of the fifth chapter of this document. The sixth chapter contains the final assessment and comparison of the impact which the regulations have on the information security of the selected companies. The final chapter summarizes and evaluates the results achieved with regard to the goal.
|
392 |
Přiměřená ochrana informací / Adequate information security
Drtil, Jan, January 2009
Abstract
1) Goal of the thesis: There is an assumption that companies nowadays spend money on IT security not according to the importance of the information for the company. This thesis sets out to prove or disprove it. If it is true, the aim of this thesis will be to find a methodology that can be used to verify whether money is spent effectively and efficiently or not.
2) Aiming of the thesis: From the content point of view, the focus of this work is information security methodics. From the research point of view, the research was conducted on medium and small organisations in automotive, mainly due to the fact that the automotive industry is an important part of our national economy (approx. 8% of GDP).
3) Outcomes of the thesis: From the theory point of view, the definition of "adequacy" of information security was set. Adequacy consists of two parts -- the value of information, and the importance of information. A way to determine both value and importance was found as well. From the reality point of view, there was a finding that the researched organisations do not follow any systematic approach to information security, which can negatively impact the frequency and importance of security incidents in the organisations. One of the main results of the research is the fact that in case there is a need to make effective and efficient information security based on the support of the management of the company. Finally, the next result is the creation and verification of the "Adequate information security methodology", which can be used by managers in order to increase the effectiveness and efficiency of the sources spent on information security. There is an extension of this Methodology covering the individuality of the decision maker and circumstances that influence him.
|
393 |
Measuring the Impact of email Headers on the Predictive Accuracy of Machine Learning Techniques
Tout, Hicham Refaat, 01 January 2013
The majority of documented phishing attacks have been carried out by email, yet few studies have measured the impact of email headers on the predictive accuracy of machine learning techniques in detecting email phishing attacks. Research has shown that the inclusion of a limited subset of email headers as features in training machine learning algorithms to detect phishing attacks did increase the predictive accuracy of these learning algorithms. The same research also recommended further investigation of the impact of including an expanded set of email headers on the predictive accuracy of machine learning algorithms.
In addition, research has shown that the cost of misclassifying legitimate emails as phishing attacks--false positives--was far higher than that of misclassifying phishing emails as legitimate--false negatives, while the opposite was true in the case of fraud detection. Consequently, they recommended that cost sensitive measures be taken in order to further improve the weighted predictive accuracy of machine learning algorithms.
Motivated by the potentially high impact of the inclusion of email headers on the predictive accuracy of machine learning algorithms and the significance of enabling cost-sensitive measures as part of the learning process, the goal of this research was to quantify the impact of including an extended set of email headers and to investigate the impact of imposing a penalty as part of the learning process on the number of false positives. It was believed that if email headers were included and cost-sensitive measures were taken as part of the learning process, then the overall weighted predictive accuracy of the machine learning algorithm would be improved. The results showed that adding email headers as features did improve the overall predictive accuracy of machine learning algorithms and that cost-sensitive measures taken as part of the learning process did result in fewer false positives.
|
394 |
A Domain Specific Language for Digital Forensics and Incident Response Analysis
Stelly, Christopher D, 20 December 2019
One of the longstanding conceptual problems in digital forensics is the dichotomy between the need for verifiable and reproducible forensic investigations, and the lack of practical mechanisms to accomplish them. With nearly four decades of professional digital forensic practice, investigator notes are still the primary source of reproducibility information, and much of it is tied to the functions of specific, often proprietary, tools.
The lack of a formal means of specification for digital forensic operations results in three major problems. Specifically, there is a critical lack of:
a) standardized and automated means to scientifically verify accuracy of digital forensic tools;
b) methods to reliably reproduce forensic computations (their results); and
c) framework for inter-operability among forensic tools.
Additionally, there is no standardized means for communicating software requirements between users, researchers and developers, resulting in a mismatch in expectations. Combined with the exponential growth in data volume and complexity of applications and systems to be investigated, all of these concerns result in major case backlogs and inherently reduce the reliability of the digital forensic analyses.
This work proposes a new approach to the specification of forensic computations, such that the above concerns can be addressed on a scientific basis with a new domain specific language (DSL) called nugget. DSLs are specialized languages that aim to address the concerns of particular domains by providing practical abstractions. Successful DSLs, such as SQL, can transform an application domain by providing a standardized way for users to communicate what they need without specifying how the computation should be performed.
This is the first effort to build a DSL for (digital) forensic computations with the following research goals:
1) provide an intuitive formal specification language that covers core types of forensic computations and common data types;
2) provide a mechanism to extend the language that can incorporate arbitrary computations;
3) provide a prototype execution environment that allows the fully automatic execution of the computation;
4) provide a complete, formal, and auditable log of computations that can be used to reproduce an investigation;
5) demonstrate cloud-ready processing that can match the growth in data volumes and complexity.
|
395 |
Evaluation of Two-Dimensional Codes for Digital Information Security in Physical Documents
Chen, Shuai, 17 July 2015
Nowadays, paper documents are still frequently used and exchanged in our daily life. Safely managing confidential paper information such as medical and financial records has increasingly become a challenge. If a patient's medical diagnosis gets stolen or dumped without shredding, his or her private information would be leaked. Some companies and organizations do not pay enough attention to the problem, letting their customers suffer the loss. In the thesis, I designed a hybrid system to solve this problem effectively and economically. This hybrid system integrates physical document properties with digital security technology, which brings in a revolutionary idea for processing sensitive paper information in the modern world. Based on that, I focus on different QR code sizes and versions, compare their attributes and relations, and find the best QR code size and version according to the data amount in a given area. Finally, I implement them in the CryptoPaper word plugin, using several test cases to test its functionality.
|
396 |
A study on the internal security of companies : Internal practices regarding risks in digitised working environments and employees relation to information security / En studie om företags interna säkerhet
Södereng, Rebecca; Gallon, Clara, January 2021
Internal practices are fundamental to companies' information security, as organisations become digitised. This study investigates how four companies work with internal security, as well as the external impact factors that can affect the security. For example, the general information security awareness among employees is studied, as is the impact of the COVID-19 pandemic. By conducting interviews with one representative at each company, and by studying literature, the study aims to highlight differences and similarities as well as strengths and weaknesses in the companies' security work. In conclusion, the study showed that the four companies had a similar view on the prioritisation of security and the importance of it, although they differed a lot in the applied practices and use of policies. The two larger companies had a more profound security work, regulated by documents and policies. In contrast, the two smaller companies for the most part used common sense as their approach to employees' security mindset. The COVID-19 pandemic did not seem to affect the companies' security work to a large extent, although they did see an increase in the amount of IT attacks, and therefore the security could be argued to be in need of further assessment.
|
397 |
The Performance Cost of Security
Bowen, Lucy R, 01 June 2019
Historically, performance has been the most important feature when optimizing computer hardware. Modern processors are so highly optimized that every cycle of computation time matters. However, this practice of optimizing for performance at all costs has been called into question by new microarchitectural attacks, e.g. Meltdown and Spectre. Microarchitectural attacks exploit the effects of microarchitectural components or optimizations in order to leak data to an attacker. These attacks have caused processor manufacturers to introduce performance impacting mitigations in both software and silicon.
To investigate the performance impact of the various mitigations, a test suite of forty-seven different tests was created. This suite was run on a series of virtual machines that tested both Ubuntu 16 and Ubuntu 18. These tests investigated the performance change across version updates and the performance impact of CPU core number vs. default microarchitectural mitigations. The testing proved that the performance impact of the microarchitectural mitigations is non-trivial, as the percent difference in performance can be as high as 200%.
|
398 |
Návrh bezpečnostního řešení perimetru organizace / The Design of a Perimeter Security Solution of an Organization
Dupač, Viktor, January 2017
This thesis describes the design of a perimeter security solution of an organisation. In the first part of this thesis I describe some theoretical basics, and from chapter six onward I describe the main topic of this thesis. In the first logical part of the main topic I describe the present situation of an organisation and start planning the solution. In the second logical part of the main topic I describe the router Turris Omnia, looking at this device from different angles. The next logical part describes the final perimeter security solution of an organisation. Finally, there is the part on the evaluation and benefits of this thesis and the conclusion of this thesis.
|
399 |
Posouzení informačního systému firmy a návrh změn / Information System Assessment and Proposal of ICT Modification
Kašpárek, David, January 2018
The Master's thesis is aimed at the analysis of the information system of VOŠ a SPŠ Žďár nad Sázavou and improvement proposal in the sphere of communication. The focus is on the processes related to the e-mail communication management and communication in general, be it outside or inside the organization. The thesis contains communication means proposal which should help to define appropriate IT support for the processes related to communication. Means of information security are mentioned on a basic level, risk assessment is included as well.
|
400 |
Návrh zavedení bezpečnostních opatření v souladu s ISMS pro společnost / Implementation of ISMS security countermeasures proposal for a company
Vyhňák, Petr, January 2019
The master thesis deals with a proposal for introducing security countermeasures in accordance with the information security management system for the company. The theoretical part is defined in the first part of the thesis. The next part introduces the company, describes the current state of security and analyses security countermeasures with the help of supporting material. The last part includes the proposal to introduce new security countermeasures. The thesis includes risk analysis, design of selected security countermeasures including the implementation procedure with a time schedule, and economic evaluation.
|