CISO-BERT: Matching Information Security Requirements by Fine-Tuning the BERT Language Model
Files
Date
2024-01-03
Authors
Contributor
Advisor
Department
Instructor
Depositor
Speaker
Researcher
Consultant
Interviewer
Narrator
Transcriber
Annotator
Journal Title
Journal ISSN
Volume Title
Publisher
Volume
Number/Issue
Starting Page
1359
Ending Page
Alternative Title
Abstract
In today's digital age, information security is of utmost importance. Many organizations are adopting information security management systems and pursuing certifications like ISO 27001. However, the process of creating and maintaining these policies is often manual and time-consuming. Organizations must merge requirements from different frameworks and stay updated with evolving regulations. To address these challenges, we propose a novel approach that leverages large language models, specifically fine-tuning a pre-trained BERT model. Our research focuses on automatically identifying and matching cybersecurity requirements, particularly those outlined in ISO 27001. This approach aims to support the merging of requirements from various frameworks into a unified policy and ensure the consistency of company-specific policies with updated frameworks over time. By utilizing advanced natural language processing techniques and the power of BERT, we aim to streamline the process of policy creation and maintenance, reducing manual effort and enabling organizations to stay compliant with changing regulations.
Description
Keywords
Information Security in the era of Artificial General Intelligence (AGI)
Citation
Extent
10 pages
Format
Geographic Location
Time Period
Related To
Proceedings of the 57th Hawaii International Conference on System Sciences
Related To (URI)
Table of Contents
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
Rights Holder
Local Contexts
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.