CISO-BERT: Matching Information Security Requirements by Fine-Tuning the BERT Language Model

Date

2024-01-03

Contributor

Advisor

Department

Instructor

Depositor

Speaker

Researcher

Consultant

Interviewer

Narrator

Transcriber

Annotator

Journal Title

Journal ISSN

Volume Title

Publisher

Volume

Number/Issue

Starting Page

1359

Ending Page

Alternative Title

Abstract

In today's digital age, information security is of utmost importance. Many organizations are adopting information security management systems and pursuing certifications like ISO 27001. However, the process of creating and maintaining these policies is often manual and time-consuming. Organizations must merge requirements from different frameworks and stay updated with evolving regulations. To address these challenges, we propose a novel approach that leverages large language models, specifically fine-tuning a pre-trained BERT model. Our research focuses on automatically identifying and matching cybersecurity requirements, particularly those outlined in ISO 27001. This approach aims to support the merging of requirements from various frameworks into a unified policy and ensure the consistency of company-specific policies with updated frameworks over time. By utilizing advanced natural language processing techniques and the power of BERT, we aim to streamline the process of policy creation and maintenance, reducing manual effort and enabling organizations to stay compliant with changing regulations.

Description

Keywords

Information Security in the era of Artificial General Intelligence (AGI)

Citation

Extent

10 pages

Format

Geographic Location

Time Period

Related To

Proceedings of the 57th Hawaii International Conference on System Sciences

Related To (URI)

Table of Contents

Rights

Attribution-NonCommercial-NoDerivatives 4.0 International

Rights Holder

Local Contexts

Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.