|
|
Building security awareness at the Faculty of Business and Management
Volfová, Jana ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
This diploma thesis is focused on Security Awareness Education at the Faculty of Business and Management. It consists of three main parts: theoretical, analytical and practical considerations. The theoretical part is the introduction to basic terms, processes and analysis to help understand the thesis. The analytical part includes an introduction to the chosen organization and the implementation of analysis, which were presented in the theoretical part. The practical part contains, among other things, the actual proposals for Security Awareness Education at the faculty and its benefits.
|
|
|
The Design of the Maturity Model for Measuring Effectivity of the SIEM System in the Organisation
Kosková, Zdeňka ; Lukáš,, KUBÍK (referee) ; Ondrák, Viktor (advisor)
The bachelor‘s thesis addresses the issue of evaluating the effectiveness of the SIEM system in an industrial environment. The goal was to propose a methodology that uses a MITRE ATT&CK matrix for ICS for evaluation. The thesis first analyses existing solutions and their potential applications, followed by a description of monitoring evaluation in an energy company, which together with the matrix form the basis of the proposed solution. The main output of the thesis is a proposal for quantitative evaluation of individual techniques of the matrix, such as graphical interpretation and the possibility to share results securely with other CERT teams.
|
|
|
Industry 4.0 in according Design and Application of Production Machines
Serykh, Pavel ; Szabari, Mikuláš (referee) ; Knoflíček, Radek (advisor)
This Bachelor thesis is focused on the theme of CNC manufacturing machines and their use in accordance with the principles of Industry 4.0. The first part is a search of the current state in the field of the most frequently used CNC production machines in engineering according to their design and application. In the second part described principles, basic attributes and key technologies of Industry 4.0, defined concept. The last part is on top of the project conceptual workplace with CNC manufacturing machines in the premises of the technical high school VUTBR in accordance with the principles and tenets of Industry 4.0 and the evaluation of the results achieved.
|
|
| |
|
|
Capturing cyber-threats of industrial systems
Dobrík, Andrej ; Pospíšil, Ondřej (referee) ; Fujdiak, Radek (advisor)
S vedomím že kybernetické útoky stoja korporácie každoročne miliardy, počínajúc neoprávnenými útokmi, distribuovanými útokmi odmietnutia služieb (DDOS) až po vírusy a počítačové červy atď., prichádza problém s nástrojmi, ktoré majú k dispozícii správcovia systému. Táto diplomová práca sa venuje skúmaniu jedného z takýchto nástrojov, Honeypot. Presnejšie, Honeypot zariadeniam pre priemyselné riadiace systémy. Od historicky počiatočných implementácií takýchto systémov, cez analýzu súčasných riešení až po vytvorenie nového riešenia Honeypot, s vysokou mierou interakcie a následným nasadením na nový virtuálny súkromný server, po ktorom nasleduje analýza narušení, ktoré sa vyskytnú počas obdobia nasadenia.
|
|
|
Conversion between Formats for Sharing of Network Security Alerts
Eis, Pavel ; Wrona, Jan (referee) ; Žádník, Martin (advisor)
There are many platforms and systems designed for sharing cyber security incidents and events, which often use different security formats. This way it gets harder or even not possible to share security incidents and events between organizations, which are using these platforms. Solution of this problem may be creation of converters, which are capable of converting used security formats between each other. This work solves conversion between security formats IDEA, MISP and STIX. In the process of conversion, it is important to care about conversion flow, to prevent information loss or different category of event assignment, than which it was originally represented by. If the conversion is accurate enough, it can be easier achieved more precise and broader analysis of cyber security incidents.
|
|
|
Statistical output of security audits
Hrubešová, Gabriela ; Vlastimil,, Svoboda (referee) ; Sedlák, Petr (advisor)
The subject of this diploma thesis is a statistical analysis of security audits. The theoretical part describes key terms in the field of cyber and information security, basic background for this area and important regulations. The next part focuses on the description of security audit, its course, necessary conditions and content. The last part is devoted to statistical analysis of obtained samples. We analyse samples from several points of view, compare and look for features and information that could be helpful to the auditor’s assessment.
|
|
|
Draft Recovery Plan for the infrastructure of the Faculty of Business and Management
Srnec, Jan ; Kubek, Ján (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with the proposal of a “Disaster Recovery Plan” for the Informatics department at BUT’s Faculty of Business and Management. The first part consists of theoretical basis of crucial parts of disaster recovery plan, which is the very foundation for the proposal itself. The second part follows up with a description of the server room of the Informatics department, in particular its IT equipment. The third part deals with the very disaster recovery plan proposal which will function as a school code regulation and a foundation for a Business Continuity Management System document.
|
|
|
The Implementation of ISMS in a Small Company
Svoboda, Milan ; Vlastimil,, Svoboda (referee) ; Sedlák, Petr (advisor)
The diploma thesis focuses on proposing an information security management system (ISMS) in a small company. This publication includes theoretical facts, which are needed to understand and design a ISMS. The design proposal of the ISMS itself is based on an analysis of the current status of the company's information security. The proposed security measures are based on the actual state of information security within the company, and on recommendations stemming from the ISO/IEC 27000 standard.
|
|
|
GAP analysis of information security management system
Konečný, Martin ; Tomáš,, Krejčí (referee) ; Sedlák, Petr (advisor)
The master’s thesis focuses on GAP analysis of information security management system. The thesis consists of theoretical, analytical and practical part. The first part discusses the theoretical background of the issue of information and cyber security. The analytical part describes the current condition of the researched company. The thesis’s output is the draft of risk register and draft of security countermeasures implementation. The draft targets on countermeasures leading to increase information security in company.
|
guest ::
