Incident Management (IM) is the process to prevent, protect, and react to incidents affecting an organization and should be well-defined to be prepared in case of alerts. To this aim, security standards define guidelines to manage the incidents and the organizations should comply with them to properly set up a secure-by-design process. Assessing whether an organization is compliant or not with security standards requires a big effort as the main methodologies are based on manual analysis and leveraging automatic approaches to support human decisions is challenging. To facilitate this task, we design IMPAVID, a visual analytics solution to support the assessment of IM process compliance through process mining. The aim is to increase the level of awareness of the security assessor to support her in making informed decisions about actions to improve IM process compliance with regulatory and technical standards. We evaluate the proposed system through a usage scenario based on a publicly available dataset containing data from a real IM log of an IT company.

Visually Supporting the Assessment of the Incident Management Process / Palma, Alessandro; Angelini, Marco. - (2024). (Intervento presentato al convegno 26th EG Conference on Visualization tenutosi a Odense; Denmark) [10.2312/eurova.20241116].

Visually Supporting the Assessment of the Incident Management Process

Alessandro Palma
Primo
;
Marco Angelini
2024

Abstract

Incident Management (IM) is the process to prevent, protect, and react to incidents affecting an organization and should be well-defined to be prepared in case of alerts. To this aim, security standards define guidelines to manage the incidents and the organizations should comply with them to properly set up a secure-by-design process. Assessing whether an organization is compliant or not with security standards requires a big effort as the main methodologies are based on manual analysis and leveraging automatic approaches to support human decisions is challenging. To facilitate this task, we design IMPAVID, a visual analytics solution to support the assessment of IM process compliance through process mining. The aim is to increase the level of awareness of the security assessor to support her in making informed decisions about actions to improve IM process compliance with regulatory and technical standards. We evaluate the proposed system through a usage scenario based on a publicly available dataset containing data from a real IM log of an IT company.
2024
26th EG Conference on Visualization
visual analytics; visualization systems and tools; usability in security and privacy;
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
Visually Supporting the Assessment of the Incident Management Process / Palma, Alessandro; Angelini, Marco. - (2024). (Intervento presentato al convegno 26th EG Conference on Visualization tenutosi a Odense; Denmark) [10.2312/eurova.20241116].
File allegati a questo prodotto
File Dimensione Formato  
Palma_Visually_2024.pdf

accesso aperto

Note: https://doi.org/10.2312/eurova.20241116
Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Creative commons
Dimensione 1.72 MB
Formato Adobe PDF
1.72 MB Adobe PDF

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1711044
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact