Incident Management (IM) is the process to prevent, protect, and react to incidents affecting an organization and should be well-defined to be prepared in case of alerts. To this aim, security standards define guidelines to manage the incidents and the organizations should comply with them to properly set up a secure-by-design process. Assessing whether an organization is compliant or not with security standards requires a big effort as the main methodologies are based on manual analysis and leveraging automatic approaches to support human decisions is challenging. To facilitate this task, we design IMPAVID, a visual analytics solution to support the assessment of IM process compliance through process mining. The aim is to increase the level of awareness of the security assessor to support her in making informed decisions about actions to improve IM process compliance with regulatory and technical standards. We evaluate the proposed system through a usage scenario based on a publicly available dataset containing data from a real IM log of an IT company.
Visually Supporting the Assessment of the Incident Management Process / Palma, Alessandro; Angelini, Marco. - (2024). (Intervento presentato al convegno 26th EG Conference on Visualization tenutosi a Odense; Denmark) [10.2312/eurova.20241116].
Visually Supporting the Assessment of the Incident Management Process
Alessandro Palma
Primo
;Marco Angelini
2024
Abstract
Incident Management (IM) is the process to prevent, protect, and react to incidents affecting an organization and should be well-defined to be prepared in case of alerts. To this aim, security standards define guidelines to manage the incidents and the organizations should comply with them to properly set up a secure-by-design process. Assessing whether an organization is compliant or not with security standards requires a big effort as the main methodologies are based on manual analysis and leveraging automatic approaches to support human decisions is challenging. To facilitate this task, we design IMPAVID, a visual analytics solution to support the assessment of IM process compliance through process mining. The aim is to increase the level of awareness of the security assessor to support her in making informed decisions about actions to improve IM process compliance with regulatory and technical standards. We evaluate the proposed system through a usage scenario based on a publicly available dataset containing data from a real IM log of an IT company.File | Dimensione | Formato | |
---|---|---|---|
Palma_Visually_2024.pdf
accesso aperto
Note: https://doi.org/10.2312/eurova.20241116
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Creative commons
Dimensione
1.72 MB
Formato
Adobe PDF
|
1.72 MB | Adobe PDF |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.