Auswahl der wissenschaftlichen Literatur zum Thema „Nástroj řízení kybernetické bezpečnosti“

Článek se nejprve zabývá pojmovou nejednotností a používáním slova „opatření“ v systematice zákona o kybernetické bezpečnosti, tak aby nedocházelo k záměně těchto jazykově velice podobných institutů. Po jasném vymezení názvosloví a charakteru jednotlivých opatření je detailně pojednáno o institutu varování, který je v mezinárodním srovnání poměrně specifický. Klade totiž vysoké nároky na samostatnou činnost povinných osob, díky čemuž však umožňuje vhodně stupňovat bezpečnostní opatření povinných osob, a tak efektivně reagovat na kyberbezpečnostní hrozby různé intenzity. Dále je prakticky pojednáno o problematickém promítnutí performativních pravidel práva kybernetické bezpečnosti a vysoce formalizovaných administrativních pravidel zadávání veřejných zakázek. Po vysvětlení správného zohlednění varování veřejnými zadavateli jsou v souladu s podpůrnými materiály NÚKIB a aktuální rozhodovací praxí předestřeny také způsoby, jakými lze v různých fázích zadávacího řízení obsah varování promítnout do předmětu veřejné zakázky.

The thesis is focused on the implementation of a software tool to increase the effectiveness of cyber security management. The tool is implemented in a company preparing to be classified as a part of critical information infrastructure. Based on the customer's requirements, a suitable cyber security management tool is selected. Subsequently, I propose a methodology for implementing the tool, which I immediately apply. The output of the work is an implemented tool, risk analysis and security documentation required by law.

The diploma thesis is focused on the creation of a helpdesk design for ESKO software. This ESKO software was developed by ISIT Slovakia s.r.o. The helpdesk will be represented by several software. Some are used to create diagrams and represent workflows, others for graphic editing. The helpdesk will be created based on the current needs of the company and then delivered to it as the final product. The main goal is to extend the functionality of an existing website and add to this website and the proposed helpdesk. The bonus will be a query library, which should work on the principle of an SQL database.

The thesis is focused on the Czech act no. 181/2014 Sb., on cyber security and subsequent regulations, introduces origin and importance of act, defines the state administration´s office which identifies important information systems according to regulations, and subsequently thesis detailed analyses act and regulation on cyber security in relation to the defined state administration´s office. Keynote of this thesis is show the real application of identified obligations of the act and regulation to the defined state administration´s office, especially a design, implementation and management of organizational and technical security measures, including the evaluation of real impact on information security. To achieve the set goals author of this thesis uses the analysis of legislation, and draws own conclusions from author´s position of a security technologist who actively participated in the design security policy, and implementation and management of security tools. The benefit of this thesis is complex overview of the security employees work at defined state administration´s office, overview of the real fulfilment obligations of the act and regulation of cybernetic security, and ultimately this thesis brings ideas for further development of technical security tools. This thesis can brings benefit to other important information systems administrators as a set of processes, proposals and recommendation for their own information security management system. This thesis is structurally divided into four main parts. The first theoretical part introduces origin, importance and impact of the act on state and private organizations. The second analytical part analyses act and subsequent regulations in relation to the defined state administration´s office. The third practical part shows the real application of organizational and technical security measures. The fourth last part evaluates the real impact of measures on information security.

This diploma thesis deals with a suggestions to improve the current state of education information and cyber security in the Czech Republic. These suggestions are from a comparison of education at the Brno University of Technology - Faculty of Business and Hallym University in South Korea. Another part is the analysis of trends in the field of cyber attacks and comparison of this area between the Czech Republic and South Korea.

The diploma thesis focuses on implementation and deployment of information security management system (ISMS) into healthcare organizations. Specifies what is required to include in this process and what not to forget. It includes a risk analysis of a branch of the selected company, and for it is written a safety guide. Safety guide provides advice and recommendations regarding security in terms of human resources, physical security, ICT security and other aspects that should be included in the ISMS deployment in healthcare organizations. The work also reflects the newly emerging law on cyber security. It is expected that the law will also address cyber security in healthcare.