A carregar...
Publicação
RoboCISO2 : uso de tecnologias de RPA e IA para dar diariamente ao CISO a análise situacional do estado da cibersegurança da sua organização
| Nome: | Descrição: | Tamanho: | Formato: | |
|---|---|---|---|---|
| 13.97 MB | Adobe PDF |
Autores
Orientador(es)
Resumo(s)
O Chief Information Security Officer (CISO) da Altice Portugal tem o RoboCISO para o auxiliar na
governança da cibersegurança da empresa. O RoboCISO é um sistema de Robotic Process Automation
(RPA), que alerta e informa o CISO, de uma forma contínua, sobre o estado de um conjunto de vetores
de risco por si escolhidos.
O objetivo deste projeto centrou-se no desenvolvimento de uma versão complementar do
RoboCISO, a que apelidámos de RoboCISO2, que introduziu o conceito do Daily Security Brief
(DSB). O DSB é um documento PDF que de uma forma sintética, concisa e global apresenta ao CISO
uma análise situacional diária do estado da cibersegurança da Altice Portugal. Este documento é
enviado para o CISO via email, uma vez por dia, todos os dias. Este contém um sumário inicial e o
corpo do documento encontra-se dividido em diferentes vetores de risco, apresentando gráficos,
tabelas e frases curtas para cada um. Os vetores de risco em análise são os incidentes de
cibersegurança, em particular os ataques de Denial of Service (DoS)/Distributed Denial of Service
(DDoS), os Service Level Agreement (SLA) que foram excedidos na vertente de resolução de
incidentes (Exceeded SLAs), a verificação do funcionamento das plataformas críticas da organização
(Current Health (Uptime) of DCY Systems), a avaliação dos ratings atribuídos pela Bitsight (External
CyberHygiene) e a avaliação de tópicos como o estado da instalação dos patches de segurança
(Internal CyberHygiene).
O RoboCISO2 é um sistema que permite a geração automática e robotizada do DSB, recorrendo a
RPA e a Inteligência artificial (IA) para a escolha da informação que aparece no sumário inicial e para
atribuir uma classificação a cada vetor de risco de acordo com o seu estado.
O RoboCISO permite manter o CISO da Altice Portugal permanentemente informado, isto é,
sempre que ocorre por exemplo um incidente de cibersegurança, este é alertado. Enquanto que o
RoboCISO2, permite aglutinar toda a informação crucial num só documento, possibilitando ao CISO
observar a informação como um todo e adquirir uma consciência situacional do estado da
cibersegurança da sua organização. A observação da informação relevante sintetizada num único
documento aumenta a capacidade de compreensão e processamento da mesma e facilita a tomada de
decisão.
Altice Portugal's Chief Information Security Officer (CISO) has RoboCISO to assist in the governance of the company's cybersecurity. RoboCISO is a Robotic Process Automation (RPA) system that continuously alerts and informs the CISO of the status of a set of risk vectors chosen by him. The aim of this project focused on the development of a complementary version of RoboCISO, which we dubbed RoboCISO2, that introduced the concept of the Daily Security Brief (DSB). The DSB is a PDF document that, in a synthetic, concise, and global way, presents the CISO with a daily situational analysis of the state of cybersecurity at Altice Portugal. This document is sent to CISO via email, once a day, every day. This contains an initial summary and the body of the document is divided into different risk vectors, presenting graphs, tables, and short sentences for each one. The risk vectors under analysis are cybersecurity incidents, in particular Denial of service (DoS)/Distributed Denial of Service (DDoS) attacks, Service Level Agreement (SLA) that were exceeded in terms of incident resolution (Exceeded SLAs), verification of the operation of the company's critical platforms (Current Health (Uptime) of DCY Systems), assessment of ratings assigned by Bitsight (External CyberHygiene) and assessment of topics like the installation status of security patches (Internal CyberHygiene). RoboCISO2 is a system that allows the automatic and robotic generation of the DSB, using RPA and Artificial Intelligence (AI) to choose the information that appear in the initial summary and to assign a classification to each risk vector accordingly with your status. RoboCISO allows to keep Altice Portugal's CISO permanently informed, that is, whenever a cybersecurity incident occurs, it is alerted. Meanwhile, RoboCISO2, allows to agglutinate all the crucial information in a single document, enabling the CISO to look at the information as a whole and acquire situational awareness of the state of cybersecurity in its organization. The observation of relevant information synthesized in a single document increases the ability to understand and process it and ease the decision making.
Altice Portugal's Chief Information Security Officer (CISO) has RoboCISO to assist in the governance of the company's cybersecurity. RoboCISO is a Robotic Process Automation (RPA) system that continuously alerts and informs the CISO of the status of a set of risk vectors chosen by him. The aim of this project focused on the development of a complementary version of RoboCISO, which we dubbed RoboCISO2, that introduced the concept of the Daily Security Brief (DSB). The DSB is a PDF document that, in a synthetic, concise, and global way, presents the CISO with a daily situational analysis of the state of cybersecurity at Altice Portugal. This document is sent to CISO via email, once a day, every day. This contains an initial summary and the body of the document is divided into different risk vectors, presenting graphs, tables, and short sentences for each one. The risk vectors under analysis are cybersecurity incidents, in particular Denial of service (DoS)/Distributed Denial of Service (DDoS) attacks, Service Level Agreement (SLA) that were exceeded in terms of incident resolution (Exceeded SLAs), verification of the operation of the company's critical platforms (Current Health (Uptime) of DCY Systems), assessment of ratings assigned by Bitsight (External CyberHygiene) and assessment of topics like the installation status of security patches (Internal CyberHygiene). RoboCISO2 is a system that allows the automatic and robotic generation of the DSB, using RPA and Artificial Intelligence (AI) to choose the information that appear in the initial summary and to assign a classification to each risk vector accordingly with your status. RoboCISO allows to keep Altice Portugal's CISO permanently informed, that is, whenever a cybersecurity incident occurs, it is alerted. Meanwhile, RoboCISO2, allows to agglutinate all the crucial information in a single document, enabling the CISO to look at the information as a whole and acquire situational awareness of the state of cybersecurity in its organization. The observation of relevant information synthesized in a single document increases the ability to understand and process it and ease the decision making.
Descrição
Trabalho de Projeto de Mestrado, Informática, 2022, Universidade de Lisboa, Faculdade de Ciências
Palavras-chave
Chief Information Security Officer (CISO) RoboCISO2 Daily Security Brief (DSB) Robotic Process Automation (RPA) Inteligência artificial (IA) Teses de mestrado - 2022