|
|
The Influence of Cyber Terrorism Threat on the American Security Policy
Rezek, Tomáš ; Calda, Miloš (advisor) ; Mareš, Miroslav (referee) ; Cabada, Ladislav (referee) ; Polčák, Radim (referee)
(English) The aim of this dissertation is to answer the question of whether the U.S. security policy is influenced by the threat of cyber terrorism. The dissertation is divided into chapters that can be regarded as steps in a logical reasoning process. In the first chapter, cyber space is introduced and described to illustrate its importance and complexity. The next chapter analytically compares various definitions of terrorism, and partially rejects the initial hypothesis that cyber terrorism is not included in the general definition of terrorism. The following chapter statistically analyzes the available data on terrorist groups and terrorist attacks to empirically confirm the hypothesis that terrorism is still a real threat to American security. The analysis actually proves that the threat of terrorism has not decreased in relation to the number of terrorist groups. It also shows that the number of terrorist attacks against the U.S. targets has significantly decreased in the United States, while terrorist actions have been increasing constantly on a global level. The analysis shows that the success rate of terrorists attacks does not form a time series, and therefore each terrorist attack has to be examined individually to assess its success probability. The following analysis reviews the...
|
|
|
Information security as one of the performance indicators in energy company
Kubík, Lukáš ; Svoboda, Vlastimil (referee) ; Sodomka, Petr (advisor)
Master thesis is concerned with assessing the state of information security and its use as an indicator of corporate performance in energy company. Chapter analysis of the problem and current situation presents findings on the state of information security and implementation stage of ISMS. The practical part is focused on risk analysis and assessment the maturity level of processes, which are submitted as the basis for the proposed security measures and recommendations. There are also designed metrics to measure level of information security.
|
|
|
Cyber risks in banking
Vozáriková, Veronika ; Stádník, Bohumil (advisor) ; Fičura, Milan (referee)
The aim of this bachelor thesis is to determinate current issues of cyber risks in banking. The purpose of this work is to increase awareness of cyber risk and provide a theoretical base for further analysis of specific risks in the field. The thesis should also outline current situation in the Czech Republic. Part of the work analyses the security of Internet banking of concrete institutions in the Czech market and also contains questionnaire survey about the awareness of cyber risks in the Czech Republic.
|
|
|
The Implementation of ISMS in a Small Company
Svoboda, Milan ; Vlastimil,, Svoboda (referee) ; Sedlák, Petr (advisor)
The diploma thesis focuses on proposing an information security management system (ISMS) in a small company. This publication includes theoretical facts, which are needed to understand and design a ISMS. The design proposal of the ISMS itself is based on an analysis of the current status of the company's information security. The proposed security measures are based on the actual state of information security within the company, and on recommendations stemming from the ISO/IEC 27000 standard.
|
|
|
Assessment and a Proposal for Information Security in the Organization
Rybáková, Alena ; Šarbort, Jakub (referee) ; Ondrák, Viktor (advisor)
This diploma thesis deals with the issue of information security in the organization. Author's effort is to gain a broad overview of connections, which will then be evaluated in the final section, providing concrete recommendations. In this thesis it is discussed information security management system, service management system and cyber security, both in theory and in terms of real application in a particular organization. The aim is to provide own recommendations for improvement.
|
|
|
The Cyber Security Act and its impacts on obliged entities
Draganov, Vojtěch ; Čermák, Igor (advisor) ; Hájíček, David (referee)
The thesis looks into the act No. 181/2014 Coll. Cyber Security Act (hereinafter referred to as "CSA") and its impact on obliged entities with focus on the regional authorities of the Czech Republic. The thesis starts with introduction into the issue of the CSA and cybersecurity from the point of view of the state, subsequently it refocuses on the level of regulated organizations. The main pillar and contribution of the thesis is the CSA analysis with the aim to identify impact of the CSA in the obliged entities. Based on this analysis author designed the questionnaire survey of the CSA impact on the regional authorities. The survey relates to information security management system, kinds of burden stemmed from the CSA implementation, willingness to use funding from the European Regional Development Fund (ERDF) to implement the CSA, a possibility to outsource the cybersecurity and also opinions of the county council staff about the CSA. The survey shows that in spite of a pressure on standardization stemming from legal framework, county councils differs significantly in regard to information security management systems. On the other hand, respondents agreed on positive impact of the CSA on improvement of information and the cyber security although the CSA brings significant financial and organizational load to the organization. The survey also shows that some regional authorities only start to implement cybersecurity currently. The cybersecurity evolves in the researched organization quite dynamically and it would be beneficial to repeat the impact analyses again, after first wave of the CSA implementation will be finished.
|
|
|
Framework for on-line service security risk management
Mészáros, Jan ; Buchalcevová, Alena (advisor) ; Čermák, Igor (referee) ; Doucek, Petr (referee) ; Jirovský, Václav (referee)
This dissertation thesis is dedicated to on-line services security management from service provider's and service consumer's viewpoints. The main goal is to propose a framework for on-line services security risk management, to develop a supporting software tool prototype and to validate them through a case study performed in a real-world environment. The key components of the proposed framework are a threat model and a risk model. These models are designed to fit specific features of on-line services and the surrounding environment. A risk management process is an integral part of the framework. The process is suitable for frequent and recurrent risk assessments. The process comprises of eight steps, related roles and responsibilities are defined for each step. The process execution results in identification and execution of proper tasks which contribute to treatment of identified security risks and deficiencies. Documentation and reporting of an overall level of on-line services security over time is possible if the process is executed on a regular basis. The proposed framework was validated through a case study performed in a large enterprise environment.
|
|
|
Web application security
Matušek, Václav ; Palovský, Radomír (advisor) ; Pinkas, Otakar (referee)
The Bachelor thesis deals with the security of web applications. The main aim is to create complex view of most frequent attacks in practice and also to describe possibilities in prevention of the attacks. The prevention is described for both, user's and developer's side. Thesis contains also information about their origin and reminds the attacks from the past. It includes review of the standards and Czech legislation, which affect the security or define proper way how to develop the application. Important output of this thesis is also list of rules, which helps the developer to design secure application.
|
|
|
CERT / CSIRT teams and cyber security
Rezníčková, Dominika ; Klíma, Tomáš (advisor) ; Veber, Jaromír (referee)
The main goal of this bachelor thesis is to provide brief description of contemporary situation in the field of cyber security and the role of national CERT team in it according to the newly adopted Law no. 181/2014 Coll., on Cyber Security and to make comparison of theoretical principles with their applying in praxis. Thesis is divided into two main parts. First one, a theoretical part, comprehends basic information on cyber security, cybercrime and security incidents and consequently focuses on roles of CERT / CSIRT teams in a perspective of security incidents and cyber security in general, reasons for a formation of the first CERT team and following development, its functions and responsibilities nowadays and finally the thesis presents possible opportunities of collaboration between CERT teams within international organisations and platforms. The second part of the thesis is practical and consists of content analysis of The Law on Cyber Security and its consequences and impacts. The main focus of the thesis is set up on explaining a role of a national team and its sphere of authority in the Czech Republic after the law has entered into force. To provide information about practical operation directly from the source, I will interview two cyber security specialists working in The National CSIRT Team of the Czech Republic called CSIRT.CZ, which is currently operated by the association CZ.NIC. Among other information, I will include a specific example of coordinating activity happened under the auspices of the team during the security incident. As a conclusion of this work is a summary of the achievements and benefits of work depending on the previous foreground and the comparison.
|
|
|
Cyber security and legislation of the Czech Republic
Kratochvíl, David ; Doucek, Petr (advisor) ; Veber, Jaromír (referee)
Contemporary society is increasingly influenced by computers and internet environment and it meets with issues related to cybercrime. There are already a number of laws, whether at EU or national governments, which are trying to reduce or prevent risks associated with hackers, cyber terrorism or any other illegal activities in cyberspace. Thesis "Cyber security and legislation of the Czech Republic", is divided into two main parts. In the first theoretical part, the reader apprise with cybercrime in general. You can read about methods of investigation, types of illegal activities and how to prevent such practices. The second part consists of an analysis of the current legislation of the Czech Republic, EU and Legislative intent of the law on cyber security. I will describe the bill, analyze and appraise its benefits to society. In conclusion of this thesis, I will summarize the achievement of results and objectives of the work.
|
guest ::
