Proces upravljanja incidentov informacijske varnosti banke X: študija primera : diplomsko delo visokošolskega študijskega programa Informacijska varnost

Enci, Matej

| | SLO | ENG | Cookies and privacy

Bigger font | Smaller font

First page > Show document

Show document

Title:	Proces upravljanja incidentov informacijske varnosti banke X: študija primera : diplomsko delo visokošolskega študijskega programa Informacijska varnost
Authors:	ID Enci, Matej (Author) ID Dvojmoč, Miha (Mentor) More about this mentor... ID Mihelič, Anže (Comentor)
Files:	VS_Enci_Matej_2024.pdf (1,00 MB) MD5: 95796E71B3D459E5E304433C79C9106F
Language:	Slovenian
Work type:	Bachelor thesis/paper
Typology:	2.11 - Undergraduate Thesis
Organization:	FVV - Faculty of Criminal Justice and Security
Abstract:	Grožnje iz sveta informacijske varnosti postajajo vse pogostejši pojav, pri čemer napadalci, z uporabo različnih tipov kibernetskih napadov, poskušajo pridobiti občutljive podatke in finančna sredstva ali povzročiti škodo žrtvam napada. Z namenom učinkovitega zoperstavljanja tovrstnim grožnjam se vzpostavljajo celovite varnostne politike, ki vsebujejo oblikovane smernice in okvirje za zaščito informacijskih sistemov ter z njimi povezane podatke. Zaradi vse hitrejšega razvoja in povečanja kompleksnosti groženj je nujno potrebno posodabljanje varnostnih politik s ciljem proaktivnega prilagajanja novim, naprednejšim grožnjam. V diplomskem delu je bil, s ciljem proaktivnega prilagajanja na sodobne grožnje, opravljen pregled aktualne literature ter dobrih praks iz področja informacijske varnosti. Skladno z literaturo je bila nato izvedena analiza varnostne politike procesa upravljanja incidentov informacijske varnosti, pri čemer se je osredotočalo na študijo primera, z namenom pridobitve konkretnega vpogleda v realno okolje. Po opravljeni analizi so bile odkrite pomanjkljivosti in pripravljene izboljšave, s pomočjo katerih lahko organizacija pripravi še bolj sistematičen pristop k obravnavi incidentov informacijske varnosti. Ugotovitve so pokazale, da je v finančnem svetu velik poudarek na zaščiti pred kibernetskimi grožnjami, katera je tudi regulirana iz strani revizijskih organov. Poleg zagotavljanja skladnosti z regulativnimi zahtevami še vedno obstaja prostor za zagotovitev naprednejše zaščite pred grožnjami, ki pa je odvisen od strateških ciljev organizacije ter finančnih virov, namenjenih za zagotavljanje informacijske varnosti. Te ugotovitve so lahko pomembne za strokovnjake iz področja informacijske varnosti, katerim služijo kot dobre prakse za upravljanje informacijske varnosti.
Keywords:	informacijska varnost, varnostna politika, kibernetske grožnje, varnost podatkov, upravljanje tveganj, diplomske naloge
Place of publishing:	Ljubljana
Place of performance:	Ljubljana
Publisher:	M. Enci
Year of publishing:	2024
Year of performance:	2024
Number of pages:	VI f., [65] str.
PID:	20.500.12556/DKUM-89811
UDC:	004.056(043.2)
COBISS.SI-ID:	208855043
Publication date in DKUM:	25.09.2024
Views:	0
Downloads:	31
Metadata:
Categories:	FVV
:	ENCI, Matej, 2024, Proces upravljanja incidentov informacijske varnosti banke X: študija primera : diplomsko delo visokošolskega študijskega programa Informacijska varnost [online]. Bachelor’s thesis. Ljubljana : M. Enci. [Accessed 14 March 2025]. Retrieved from: https://dk.um.si/IzpisGradiva.php?lang=eng&id=89811 Copy citation

Average score:	0.5 1 1.5 2 2.5 3 3.5 4 4.5 5 (0 votes)
Your score:	Voting is allowed only for logged in users.
Share:

Similar works from our repository:

Similar works from other repositories:

Hover the mouse pointer over a document title to show the abstract or click on the title to get all document metadata.

Licences

License:	CC BY-NC-ND 4.0, Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International

Link:	http://creativecommons.org/licenses/by-nc-nd/4.0/
Description:	The most restrictive Creative Commons license. This only allows people to download and share the work for no commercial gain and for no other purposes.
Licensing start date:	13.08.2024

Secondary language

Language:	English
Title:	The process of managing information security incidents at bank X: a case study analysis
Abstract:	Threats in the realm of information security are becoming increasingly common, with attackers using various types of cyberattacks to obtain sensitive data, financial resources or cause harm to victims. To effectively counter such threats, comprehensive security policies are being established, providing guidelines and frameworks for protecting information systems and associated data. The accelerating pace of development and the increasing complexity of threats make it necessary to update security policies in order to proactively adapt to new, more advanced threats. In this thesis, a review of current literature and best practices in the field of information security was conducted with the goal of proactively addressing modern threats. Based on the literature, an analysis of the security policy for the information security incident management process was performed, focusing on a case study to gain concrete insights into a real-world environment. Following the analysis, gaps were identified and improvements were made to enable the organization to develop a more systematic approach to handling information security incidents. The findings revealed that in the financial world there is a strong focus on protection against cyber threats, which is also regulated by audit authorities. Despite ensuring compliance with regulatory requirements, there is still room for advancing threat protection, which depends on the organization's strategic goals and the financial resources dedicated for information security. These findings may be valuable for information security professionals, serving as best practices for managing information security.
Keywords:	information security, security policy, cyber threats, data security, risk management

Comments

Leave comment

You must log in to leave a comment.

Comments (0)

0 - 0 / 0

There are no comments!

Back