Towards Automated Modelling of Large-scale Cybersecurity Transformations: Potential Model and Methodology

Artur Rot, Bartosz Blaicke

2019

Abstract

The purpose of this paper is to propose a proprietary methodology and model to generate a “cybersecurity transformation workplan” for large organizations that can improve their cybersecurity posture. The key input is based on risk-based assessment or maturity-based questionnaires depending on existing governance processes and available information. The original scoring can be then used to prioritize a portfolio of all possible initiatives by selecting the ones that are missing from typical foundation elements or would have high potential impact in relation to required investment and effort. Additional constraints such as budget limitation and FTE availability, logical sequencing and time requirements could be added to ensure effective use of company resources and actionability of the recommendations. The Gantt-like output would ease the burden on the security teams by providing an individualized set of activities to be implemented to improve risk posture.

Download


Paper Citation


in Harvard Style

Rot A. and Blaicke B. (2019). Towards Automated Modelling of Large-scale Cybersecurity Transformations: Potential Model and Methodology.In Proceedings of the 21st International Conference on Enterprise Information Systems - Volume 2: ICEIS, ISBN 978-989-758-372-8, pages 345-350. DOI: 10.5220/0007763703450350


in Bibtex Style

@conference{iceis19,
author={Artur Rot and Bartosz Blaicke},
title={Towards Automated Modelling of Large-scale Cybersecurity Transformations: Potential Model and Methodology},
booktitle={Proceedings of the 21st International Conference on Enterprise Information Systems - Volume 2: ICEIS,},
year={2019},
pages={345-350},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007763703450350},
isbn={978-989-758-372-8},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 21st International Conference on Enterprise Information Systems - Volume 2: ICEIS,
TI - Towards Automated Modelling of Large-scale Cybersecurity Transformations: Potential Model and Methodology
SN - 978-989-758-372-8
AU - Rot A.
AU - Blaicke B.
PY - 2019
SP - 345
EP - 350
DO - 10.5220/0007763703450350