|
| |
|
|
Information security management of small business
Nguyen, Hoai Nam ; Tran,, Manh Hung (referee) ; Ondrák, Viktor (advisor)
The aim of this bachelor's thesis is to analyse the company's ISMS and to propose certain measures based on the found shortcomings. The introductory part of the thesis focuses on a summary of the theoretical foundations in the field of information security, with the key element being the set of standards ISO/IEC 27000. The analytical part describes the current state of ISMS in a specific company. In the practical part, appropriate measures are selected according to the result of the analysis.
|
|
|
Deployment of a DLP solution in an energy company
Přikryl, Adam ; Veselý Jindřich, Ing., MBA (referee) ; Sedlák, Petr (advisor)
The diploma thesis deals with the assessment of the deployment of DLP solutions in an energy company with the consideration of transition to another supplier. The first part summarizes the theoretical background needed to understand the issues of data protection and DLP systems. The second part provides an analysis of the current state of the company. The third part presents a proposed solution, which is based on the theoretical background and analysis of the current state, includes a description of the systems, a proposal for switching to another supplier and an economic evaluation.
|
|
|
Mapping Cyber Security Measures: From Legislation to Technical Implementation
Hopp, Jiří ; MSc, Mezera Michal, (referee) ; Sedlák, Petr (advisor)
In my thesis, I focused on creating a systematic tool for mapping technical measures and mitigations to national legislative cybersecurity requirements. I conducted an analysis of the addressed issue, which revealed opportunities for developing the tool and revealed forthcoming changes in legislative requirements based on the EU directive NIS2. In the following part of the thesis, I described the design and development of the mentioned tool in the form of a table. The tool met the client's requirements and mapped relevant technical measures to individual points of the current and NIS2-derived legislative requirements. Based on consultations with the client, I determined that the objectives outlined in the thesis were successfully met and that the developed tool will be utilized in a real-world environment.
|
|
|
ISMS Implementation in the Enterprise
Pawlik, Jan ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
This master thesis deals with the implementation of the information security management system according to the standard ISO/IEC 27 001 in the environment of a small company. In the first part, it focuses on the theoretical background of the information security. The second part deals with the analysis of the company and concept of a company's measures to increase the security of information within the selected company.
|
|
|
Information Security Management in Healthcare Organization
Hajný, Jiří ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
The diploma thesis focuses on implementation and deployment of information security management system (ISMS) into healthcare organizations. Specifies what is required to include in this process and what not to forget. It includes a risk analysis of a branch of the selected company, and for it is written a safety guide. Safety guide provides advice and recommendations regarding security in terms of human resources, physical security, ICT security and other aspects that should be included in the ISMS deployment in healthcare organizations. The work also reflects the newly emerging law on cyber security. It is expected that the law will also address cyber security in healthcare.
|
|
|
Solution of Internal Threats in the Information Security Management System
Trčka, Martin ; Sopuch, Zbyněk (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with internal threats in the organization and their restriction with the assistance of DLP system. The first part of the thesis discusses the information security management system and describes requirements for the introduction of the ISO/IEC 27000 standards series. Next chapters detail internal threats and technical description of the DLP system. The second part of the thesis analyzes the organization and describes the process of implementation of DLP solution, which aims to reduce internal threats. The conclusion of the thesis describes acceptance agreement and financial evaluation of the implementation.
|
|
| |
|
|
Acquisition of email communication security service according to ISMS
Foltýn, Adam ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
The diploma thesis focuses on a proposal of acquisition of email communication security service according to ISMS for a company which provides trading services on financial markets. The thesis is divided into three parts. In the theoretical part, necessary terms and theoretical essentials are explained in order to ensure understanding of the following parts of the thesis. The following analytical part describes the company's current security status of information. As a solution in the final part of the thesis, partial risk analyses are conducted. Based on these, suitable options for email communication security measures are proposed as well as their the economical evaluation.
|
|
|
Design for ITSM implementation with the use of the ITIL framework focusing on security
Antalík, Dominik ; Foss, Stanislav (referee) ; Sedlák, Petr (advisor)
The diploma thesis solves proposals for improving the quality of providing IT services and their optimization in the interest of the company and its business goals. For the needs of user-friendly IT services with optimized cost, the processes, functions, roles of employees and technology need to be a benefit for the business. By adopting and adapting the ITIL framework, it will be possible to increase the efficiency and effectiveness of providing IT services, to clearly define the IT service management and to define the main processes with the relevant objectives. The ITIL framework uses best practices that have been successfully used in other organizations. Practically proven processes, improved service quality and long-term optimization with continuous improvement offer cost-cutting potential. ISO/IEC 27013:2015 provides guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 200001 will be helpful in maintaining the integrity of the current information security management system with the design of IT services management.
|
guest ::
