Security level evaluation with F4SLE
Název česky | Hodnocení úrovně zabezpečení s F4LSE |
---|---|
Autoři | |
Rok publikování | 2023 |
Druh | Článek ve sborníku |
Konference | ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security |
Fakulta / Pracoviště MU | |
Citace | |
Doi | http://dx.doi.org/10.1145/3600160.3605045 |
Klíčová slova | security; cybersecurity; certification and standardisation; security evaluation |
Popis | In the realm of security measurements, extensive efforts have been made to evaluate and compare security levels at the country level, resulting in various indices. However, there has been a dearth of evaluations focusing on the information security posture of individual organizations and simultaneously on state-level status evaluation. Such evaluations hold significant potential for providing valuable feedback on the security status of organizations and facilitating assessments and supportive data-driven focused interventions at a national level. This study leverages the Framework for Security Level Evaluation (F4SLE) and the developed tool, Measurement Application for Self-assessing Security (MASS), to collect data for the evaluation. The paper presents diverse options for interpreting the collected data and establishes the foundation for an ongoing cross-country study. The results encompass the analysis of organization-level data and offer insights into overall approaches to security across organizations. This study is a preliminary step toward a more comprehensive information security examination. |
Související projekty: |