DocumentCode :
1831583
Title :
Information Security Automation: How Far Can We Go?
Author :
Montesino, Raydel ; Fenz, Stefan
Author_Institution :
Inf. Security Dept., Univ. of Inf. Sci. (UCI), Havana, Cuba
fYear :
2011
fDate :
22-26 Aug. 2011
Firstpage :
280
Lastpage :
285
Abstract :
Information security management is a very complex task which involves the implementation and monitoring of more than 130 security controls. To achieve greater efficiency in this process it is necessary to automate as many controls as possible. This paper provides an analysis of how many controls can be automated, based on the standards ISO 27001 and NIST SP800-53. Furthermore, we take the automation potential of controls included in the Consensus Audit Guidelines into account. Finally, we provide an overview of security applications that support automation in the operation of information security controls to increase the efficiency of information security management.
Keywords :
ISO standards; security of data; ISO 27001 standard; NIST SP800-53 standard; consensus audit guidelines; information security automation; information security control; information security management; Automation; Guidelines; Information security; Monitoring; NIST;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
Conference_Location :
Vienna
Print_ISBN :
978-1-4577-0979-1
Electronic_ISBN :
978-0-7695-4485-4
Type :
conf
DOI :
10.1109/ARES.2011.48
Filename :
6045951
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=1831583
بازگشت