|
|
Implementation of a tool for cyber security management
Strachová, Zuzana ; Josef,, Horáček (referee) ; Sedlák, Petr (advisor)
The thesis is focused on the implementation of a software tool to increase the effectiveness of cyber security management. The tool is implemented in a company preparing to be classified as a part of critical information infrastructure. Based on the customer's requirements, a suitable cyber security management tool is selected. Subsequently, I propose a methodology for implementing the tool, which I immediately apply. The output of the work is an implemented tool, risk analysis and security documentation required by law.
|
|
|
Information security as one of the performance indicators in energy company
Kubík, Lukáš ; Svoboda, Vlastimil (referee) ; Sodomka, Petr (advisor)
Master thesis is concerned with assessing the state of information security and its use as an indicator of corporate performance in energy company. Chapter analysis of the problem and current situation presents findings on the state of information security and implementation stage of ISMS. The practical part is focused on risk analysis and assessment the maturity level of processes, which are submitted as the basis for the proposed security measures and recommendations. There are also designed metrics to measure level of information security.
|
|
|
Implementation of standard ISO 27701 in the company using Gap analysis
Vicen, Šimon ; Konečný, Martin (referee) ; Sedlák, Petr (advisor)
This thesis analyses current state of the system for implementation of standard ISO 27701: 2019 extention. This standard extends already established standard ISO 27001. The thesis evaluates set of controls to the requirements of standard ISO 27701: 2019. Theoretical part contains information regarding the information security, describes a set of ISO 27000 standards as well as European and Czech legal acts related to information security. Following analysis of the company is performed with the application of security measures while implementing the extension standard ISO 27701. Contribution of this thesis is evaluation of the analysis which results from implementation of recommended standard to address the increased number of security threats and the protection of security information.
|
|
|
SQL Injection Technique - its Methods and Methods of Protection
Bahureková, Beáta ; Sedlák, Petr (referee) ; Kříž, Jiří (advisor)
SQL injection is a technique directed against web applications using an SQL database, which can pose a huge security risk. It involves inserting code into an SQL database, and this attack exploits vulnerabilities in the database or application layer. The main goal of my thesis is to get acquainted with the essence of SQL injection, to understand the various methods of this attack technique and to show ways to defend against it. The work can be divided into these main parts, which I will discuss as follows.In the introductory part of the work I mention the theoretical basis concerning SQL injection issues. The next chapter is focused on individual methods of this technique. The analytical part is devoted to mapping the current state of test subjects, scanning tools, which form the basis for optimal research and testing of individual SQL methods, which are discussed in this part from a practical point of view along with the analysis of commands. In the last part I will implement SQL methods on selected subjects and based on the outputs I will create a universal design solution how to defend against such attacks.
|
|
| |
|
|
Methodology of law firm security
Veselý, Marek ; Mikuláš,, Vargic (referee) ; Sedlák, Petr (advisor)
The topic of the master‘s thesis is the creation of methodology and subsequent security of equipment including data protection for a law firm. The thesis contains theoretical background, analysis of the current state of the company, on which the proposed solution is based. The proposed solution includes risk analysis and proposal of appropriate security measures including implementational recommendations for the elimination or minimization of identified risks.
|
|
|
Cybersecurity and incident handling solutions on FBM VUT
Valtr, Jiří ; Vítězslav,, Pernica (referee) ; Sedlák, Petr (advisor)
The diploma thesis deals with design of cyber security solution in given organisation. The first part describes theoretical basis needed for basic understanding the security question in CZ and in the world. The following chapter then contains analysis outcome of current state of organisation, for which in the third part I compile a suitable framework, including needed tools and procedures, to settle a proper cyber security solution and its sustainability.
|
|
| |
|
|
Applicability of Deepfakes in the Field of Cyber Security
Firc, Anton ; Homoliak, Ivan (referee) ; Malinka, Kamil (advisor)
Deepfake technológia je v poslednej dobe na vzostupe. Vzniká mnoho techník a nástrojov pre tvorbu deepfake médií a začínajú sa používať ako pre nezákonné tak aj pre prospešné činnosti. Nezákonné použitie vedie k výskumu techník pre detekciu deepfake médií a ich neustálemu zlepšovaniu, takisto ako k potrebe vzdelávať širokú verejnosť o nástrahách, ktoré táto technológia prináša. Jedna z málo preskúmaných oblastí škodlivého použitia je používanie deepfake pre oklamanie systémov hlasovej autentifikácie. Názory spoločnosti na vykonateľnosť takýchto útokov sa líšia, no existuje len málo vedeckých dôkazov. Cieľom tejto práce je preskúmať aktuálnu pripravenosť systémov hlasovej biometrie čeliť deepfake nahrávkam. Vykonané experimenty ukazujú, že systémy hlasovej biometrie sú zraniteľné pomocou deepfake nahrávok. Napriek tomu, že skoro všetky verejne dostupné nástroje a modely sú určené pre syntézu anglického jazyka, v tejto práci ukazujem, že syntéza hlasu v akomkoľvek jazyku nie je veľmi náročná. Nakoniec navrhujem riešenie pre zníženie rizika ktoré deepfake nahrávky predstavujú pre systémy hlasovej biometrie, a to používať overenie hlasu závislé na texte, nakoľko som ukázal, že je odolnejšie proti deepfake nahrávkam.
|
|
|
Ethical Hacking and Cyber Security in Nigeria Telecommunication Industry: Issues and Solution
Akinyemi, Adetunji Akinfemiwa ; Střítecký, Vít (advisor) ; Špelda, Petr (referee)
Ethical hacking and cyber security are crucial topics in today's increasingly digital world. The Nigerian telecommunication industry is no exception and must take measures to secure its information systems. This study examined the issues and solutions related to ethical hacking and cyber security in the Nigerian telecommunication industry. A descriptive and inferential study design was adopted in this study. Data was collected from a primary source using a self- administered questionnaire. The study involved 62 participants from the Nigerian telecommunication industry. The study's findings revealed that the Nigerian telecommunication industry faces various issues related to ethical hacking and cyber security, such as lack of technical expertise, insufficient budget allocation, and inadequate cyber security policies. However, the industry addresses these issues by investing in employee cyber security training and certification, increasing budget allocation, and implementing strict cyber security policies and guidelines. In conclusion, the Nigerian telecommunication industry recognizes the importance of ethical hacking and cyber security and is addressing its challenges. The study highlights the need for the industry to continue investing in cybersecurity measures and to stay updated with the latest...
|
guest ::
