Descriptor: "cyber security" / Publisher: vysoke uceni technicke v brne. fakulta podnikatelska - Searchworks@Jio Institute Digital Library Search Results

Your search keyword '"cyber security"' showing total 144 results

Start Over Descriptor "cyber security" Publisher vysoke uceni technicke v brne. fakulta podnikatelska

144 results on '"cyber security"'

1. Zavedení ISMS v malém podniku

Author: Sedlák, Petr, Vlastimil,, Svoboda, Svoboda, Milan, Sedlák, Petr, Vlastimil,, Svoboda, and Svoboda, Milan
Abstract: Diplomová práce se zabývá návrhem zavedení systému řízení bezpečnosti informací (ISMS) v malém podniku. V této práci jsou rozebrána teoretická východiska, která jsou nutná pro pochopení a navržení ISMS. Návrh zavedení ISMS je zpracován na základě analýzy současného stavu bezpečnosti společnosti. Navržená bezpečnostní opatření vychází ze současného stavu bezpečnosti informací ve společnosti a doporučení norem řady ISO/IEC 27000., The diploma thesis focuses on proposing an information security management system (ISMS) in a small company. This publication includes theoretical facts, which are needed to understand and design a ISMS. The design proposal of the ISMS itself is based on an analysis of the current status of the company's information security. The proposed security measures are based on the actual state of information security within the company, and on recommendations stemming from the ISO/IEC 27000 standard.

2. Návrh metodiky hodnocení efektivity systému SIEM v organizaci

Author: Ondrák, Viktor, Lukáš,, KUBÍK, Kosková, Zdeňka, Ondrák, Viktor, Lukáš,, KUBÍK, and Kosková, Zdeňka
Abstract: V bakalářské práci je řešena problematika hodnocení efektivity systému SIEM v průmyslovém prostředí. Jejím cílem je navržení metodiky, která pro hodnocení využívá matici MITRE ATT&CK for ICS. V práci jsou analyzována již existující řešení a jejich možná aplikace. Dále je popsáno hodnocení monitoringu v energetické společnosti, které společně s maticí tvoří základ návrhu vlastního řešení. Výsledkem práce je návrh kvantitativního hodnocení jednotlivých technik matice, jeho grafická interpretace a možnost bezpečného sdílení výsledků s ostatními CERT týmy., The bachelor‘s thesis addresses the issue of evaluating the effectiveness of the SIEM system in an industrial environment. The goal was to propose a methodology that uses a MITRE ATT&CK matrix for ICS for evaluation. The thesis first analyses existing solutions and their potential applications, followed by a description of monitoring evaluation in an energy company, which together with the matrix form the basis of the proposed solution. The main output of the thesis is a proposal for quantitative evaluation of individual techniques of the matrix, such as graphical interpretation and the possibility to share results securely with other CERT teams.

3. Implementace nástroje pro řízení kybernetické bezpečnosti

Author: Sedlák, Petr, Josef,, Horáček, Strachová, Zuzana, Sedlák, Petr, Josef,, Horáček, and Strachová, Zuzana
Abstract: Diplomová práce je zaměřena na implementaci softwarového nástroje pro zvýšení efektivity řízení kybernetické bezpečnosti. Nástroj je implementován ve společnosti připravující se na zařazení do kritické informační infrastruktury. Na základě požadavků zadavatele je vybrán vhodný nástroj řízení kybernetické bezpečnosti. Následně navrhuji metodiku implementace nástroje, kterou vzápětí aplikuji. Výstupem práce je implementovaný nástroj, analýza rizik a ze zákona povinná bezpečnostní dokumentace., The thesis is focused on the implementation of a software tool to increase the effectiveness of cyber security management. The tool is implemented in a company preparing to be classified as a part of critical information infrastructure. Based on the customer's requirements, a suitable cyber security management tool is selected. Subsequently, I propose a methodology for implementing the tool, which I immediately apply. The output of the work is an implemented tool, risk analysis and security documentation required by law.

4. Informační bezpečnost jako jeden z ukazatelů hodnocení výkonnosti v energetické společnosti

Author: Sodomka, Petr, Svoboda, Vlastimil, Kubík, Lukáš, Sodomka, Petr, Svoboda, Vlastimil, and Kubík, Lukáš
Abstract: Diplomová práce se zabývá hodnocením stavu informační bezpečnosti a jeho využitím jako ukazatele podnikové výkonnosti v energetické společnosti. Kapitola analýza problému a současné situace předkládá poznatky o stavu bezpečnosti informací a etapě zavádění ISMS. Praktická část se zaměřuje na analýzu rizik a hodnocení úrovně zralosti procesů, na jejichž základě jsou navržena bezpečnostní opatření a doporučení. Zároveň jsou navrženy metriky pro posouzení úrovně bezpečnosti informací., Master thesis is concerned with assessing the state of information security and its use as an indicator of corporate performance in energy company. Chapter analysis of the problem and current situation presents findings on the state of information security and implementation stage of ISMS. The practical part is focused on risk analysis and assessment the maturity level of processes, which are submitted as the basis for the proposed security measures and recommendations. There are also designed metrics to measure level of information security.

5. Porovnání výuky informační a kybernetické bezpečnosti v České republice a Jižní Koreji s návrhy na zlepšení

Author: Sedlák, Petr, Zápotočný, Matej, Šisler, Marcel, Sedlák, Petr, Zápotočný, Matej, and Šisler, Marcel
Abstract: Tato diplomová práce se zabývá návrhem na zlepšení současného stavu výuky informační a kybernetické bezpečnosti v České republice. Tyto návrhy pramení ze srovnání výuky na Vysokém učení technickém v Brně - Fakultě podnikatelské a Hallym University v Jižní Koreji. Dalším podkladem je analýza trendů v oblasti kybernetických útoků a srovnání této oblasti mezi Českou republikou a Jižní Koreou., This diploma thesis deals with a suggestions to improve the current state of education information and cyber security in the Czech Republic. These suggestions are from a comparison of education at the Brno University of Technology - Faculty of Business and Hallym University in South Korea. Another part is the analysis of trends in the field of cyber attacks and comparison of this area between the Czech Republic and South Korea.

6. Aplikace fuzzy logiky při hodnocení stavu informačních systémů

Author: Janková, Zuzana, Václavík, Lukáš, Kocman, David, Janková, Zuzana, Václavík, Lukáš, and Kocman, David
Abstract: Diplomová práce se zabývá problematikou aplikace rozhodovacích modelů na proces hodnocení stavu informačního systému. Rozhodovací modely, vyzívající principy fuzzy logiky, budou realizovány v prostředí MS Excel a MathWorks MATLAB. Práce popisuje teoretická východiska společně s rozborem metodik sloužících k hodnocení informačního systému na jejichž základě byly realizovány rozhodující modely, které byli na danou problematiku aplikovány., The master’s thesis deals with the application of decision models to the process of evaluating the state of an information system. Decision models, challenging the principles of fuzzy logic, will be implemented in MS Excel and MathWorks MATLAB. The thesis describes the theoretical background together with the analysis of methodologies used for the evaluation of the information system on the basis of which the decision models were implemented and applied to the problem.

7. Posouzení informačního systému firmy a návrh změn

Author: Koch, Miloš, Novák, Lukáš, Novotný, Štěpán, Koch, Miloš, Novák, Lukáš, and Novotný, Štěpán
Abstract: Diplomová práce se zabývá posouzením současného stavu informačního systému vybraného sociálního podniku působícího v oblasti poskytování outsourcingu administrativy. Na základě zjištění z provedených analýz a provedeného primárního empirického výzkumu je zhodnocen stav efektivnosti a zejména bezpečnosti podnikového informačního systému. Výsledkem této práce je vypracovaní plánu implementace nového systému a návrh změn a opatření vedoucích k eliminaci identifikovaných nedostatků a zmírnění potenciálních rizik., The diploma thesis deals with the assessment of the current state of the information system of a selected social enterprise operating in the field of administration outsourcing. Based on the findings of the analyses and primary empirical research, the state of efficiency and especially security of the enterprise information system is evaluated. The result of this work is the development of a plan for the implementation of the new system and the proposal of changes and measures leading to the elimination of identified deficiencies and mitigation of potential risks.

8. Návrh zavedení programu budování bezpečnostního povědomí na gymnáziu

Author: Sedlák, Petr, Neuwirth, Bernard, Holásková, Marie, Sedlák, Petr, Neuwirth, Bernard, and Holásková, Marie
Abstract: Diplomová práce se zabývá problematikou budování bezpečnostního povědomí na gymnáziích. Diplomovou práci lze rozdělit na tři hlavní části. V úvodní části je uvedeno teoretické vymezení základních pojmů z oblasti informační bezpečnosti a stručný popis legislativních náležitostí, které je potřeba dodržet v řešení práce. Ve druhé části je provedena analýza současné situace vybraného gymnázia, včetně analýzy rizik, HOS 8 analýzy a SWOT analýzy. V praktické části je samotný návrh zavedení programu zvyšování bezpečnostního povědomí přizpůsobený na míru gymnázia., The diploma thesis deals with the issue of building security awareness at grammar schools. The thesis can be divided into three main parts. The introductory part introduces the theoretical definition of basic concepts in the area of information security and a brief description of the legislative requirements to be followed in solving the work. The second part analyzes the current situation of selected grammar school, including risk analysis, HOS 8 analysis and SWOT analysis. In the practical part, the proposal to introduce a security awareness program adapted to the grammar school.

9. Informační bezpečnost jako jeden z ukazatelů hodnocení výkonnosti v energetické společnosti

Author: Sodomka, Petr, Svoboda, Vlastimil, Kubík, Lukáš, Sodomka, Petr, Svoboda, Vlastimil, and Kubík, Lukáš
Abstract: Diplomová práce se zabývá hodnocením stavu informační bezpečnosti a jeho využitím jako ukazatele podnikové výkonnosti v energetické společnosti. Kapitola analýza problému a současné situace předkládá poznatky o stavu bezpečnosti informací a etapě zavádění ISMS. Praktická část se zaměřuje na analýzu rizik a hodnocení úrovně zralosti procesů, na jejichž základě jsou navržena bezpečnostní opatření a doporučení. Zároveň jsou navrženy metriky pro posouzení úrovně bezpečnosti informací., Master thesis is concerned with assessing the state of information security and its use as an indicator of corporate performance in energy company. Chapter analysis of the problem and current situation presents findings on the state of information security and implementation stage of ISMS. The practical part is focused on risk analysis and assessment the maturity level of processes, which are submitted as the basis for the proposed security measures and recommendations. There are also designed metrics to measure level of information security.

10. Technické opatření pro zajištění informační bezpečnosti na podnikatelské fakultě

Author: Sedlák, Petr, Kubek, Ján, Kajan, Tomáš, Sedlák, Petr, Kubek, Ján, and Kajan, Tomáš
Abstract: Diplomová práca sa zameriava na návrh technických opatrení slúžiacich na docielenie informačnej bezpečnosti na Fakulte podnikateľskej, ktorá je súčasťou univerzity Vysoké učení technické v Brne. Návrh sa vo veľkej miere riadi Vyhláškou o kybernetickej bezpečnosti, ktorú dopĺňa rada noriem ISO/IEC 27000. Výstupom práce sú technické opatrenia, ktoré doprevádzajú smernice na vybrané časti opatrení., The diploma thesis focuses on the design of technical measures used to achieve information security at the Faculty of Business and Management, which is part of the Brno University of Technology. The proposal is largely governed by the Cyber Security Ordinance, which is complemented by a series of ISO/IEC 27000 standards. The output of the work is technical measures that accompany the directives on selected parts of the measures.

11. Technika SQL injection - její metody a způsoby ochrany

Author: Kříž, Jiří, Sedlák, Petr, Bahureková, Beáta, Kříž, Jiří, Sedlák, Petr, and Bahureková, Beáta
Abstract: SQL injection je technika namierená proti webovým aplikáciám využívajúcim SQL databázu, ktorá môže predstavovať obrovské bezpečnostné riziko. Ide v nej o vloženie kódu do SQL databáze, pričom tento útok využíva zraniteľnosti v databázovej alebo aplikačnej vrstve. Hlavným cieľom mojej diplomovej práce je oboznámenie sa s podstatou SQL injection, pochopenie jednotlivých metód tejto útočnej techniky a ukázanie si spôsobov ako sa proti nej možno brániť. Prácu možno rozdeliť na tieto hlavné časti, ktoré rozoberiem nasledovne. V úvodnej časti práce zmieňujem teoretické východiska týkajúce sa SQL injection problematiky. Nasledujúca kapitola je zameraná na jednotlivé metódy tejto techniky. Analytická časť je venovaná zmapovaniu súčasného stavu testovacích subjektov, skenovacích nástrojov, ktoré tvoria základ pre optimálne skúmanie a testovanie jednotlivých SQLi metód, ktoré sú v tejto časti rozobraté z praktického hľadiska spolu s analýzou príkazov. V poslednej časti budem implementovať SQLi metódy na vybrané subjekty a na základe výstupov vytvorím univerzálne návrhové riešenie ako sa proti takýmto útokom brániť., SQL injection is a technique directed against web applications using an SQL database, which can pose a huge security risk. It involves inserting code into an SQL database, and this attack exploits vulnerabilities in the database or application layer. The main goal of my thesis is to get acquainted with the essence of SQL injection, to understand the various methods of this attack technique and to show ways to defend against it. The work can be divided into these main parts, which I will discuss as follows.In the introductory part of the work I mention the theoretical basis concerning SQL injection issues. The next chapter is focused on individual methods of this technique. The analytical part is devoted to mapping the current state of test subjects, scanning tools, which form the basis for optimal research and testing of individual SQL methods, which are discussed in this part from a practical point of view along with the analysis of commands. In the last part I will implement SQL methods on selected subjects and based on the outputs I will create a universal design solution how to defend against such attacks.

12. Zavedení standardu ISO 27701 do firmy využitím Gap analýzy

Author: Sedlák, Petr, Konečný, Martin, Vicen, Šimon, Sedlák, Petr, Konečný, Martin, and Vicen, Šimon
Abstract: Tahle práce se zabývá tématem analýzy stavu systému pro implementaci rozšiřujícího standardu ISO 27701: 2019 v konkrétní společnosti. Společnost tímto standardem navazuje na již zavedený standard ISO 27001. V práci je hodnoceno kontrolní prostředí předepsaném požadavků normy ISO 27701: 2019. Teoretická část práce obsahuje poznatky z oblasti bezpečnosti informací, popisuje sadu norem ISO 27000 a také popisuje evropske a české právní akty vztahující se na bezpečnost informací. V další části je provedena analýza společnosti s následným aplikováním opatření při zavedení rozšiřujícího standardu ISO 27701. Přínosem této práce je vyhodnocení analýzy, která vyplývá ze zavedení doporučeného standardu k řešení zvýšeného množství bezpečnostních hrozeb a ochraně bezpečnosti informací., This thesis analyses current state of the system for implementation of standard ISO 27701: 2019 extention. This standard extends already established standard ISO 27001. The thesis evaluates set of controls to the requirements of standard ISO 27701: 2019. Theoretical part contains information regarding the information security, describes a set of ISO 27000 standards as well as European and Czech legal acts related to information security. Following analysis of the company is performed with the application of security measures while implementing the extension standard ISO 27701. Contribution of this thesis is evaluation of the analysis which results from implementation of recommended standard to address the increased number of security threats and the protection of security information.

13. Návrh, tvorba a implementace softwarové aplikace ve firemním prostředí

Author: Novák, Lukáš, Koch, Miloš, Zavadilová, Patrícia, Novák, Lukáš, Koch, Miloš, and Zavadilová, Patrícia
Abstract: Diplomová práce se zabývá návrhem a implementací řešení převedení firemní softwarové aplikace do mobilní a webové podoby. Pilíře práce stojí nejen na zefektivnění firemních procesů, ale také na zachování otázky informační a kybernetické bezpečnosti. Výsledkem by měl být systém, který přinese inovativní a pohodlné řešení, časovou a finanční úsporu., The master’s thesis is focused on the design and creation of a solution for converting company’s software application into the mobile and web form. The main goal is make business processes more efficient and maintain information and cyber security. The result should be a system that brings an innovative and convenient solution, time and financial savings.

14. Řešení kybernetické bezpečnosti a incident handlingu na FP VUT

Author: Sedlák, Petr, Vítězslav,, Pernica, Valtr, Jiří, Sedlák, Petr, Vítězslav,, Pernica, and Valtr, Jiří
Abstract: Diplomová práce se věnuje návrhu rámce pro řešení kybernetické bezpečnosti ve vybrané organizaci. První část představuje teoretická východiska nutná pro pochopení bezpečnostní situace v ČR a ve světě. Následná kapitola pak obsahuje výsledky analýz současného stavu kyberbezpečnosti v organizaci, pro kterou pak v části třetí sestavuji vhodný pracovní rámec, včetně doporučených nástrojů a postupů k zajištění kvalitního řešení kyberbezpečnosti a její udržitelnosti., The diploma thesis deals with design of cyber security solution in given organisation. The first part describes theoretical basis needed for basic understanding the security question in CZ and in the world. The following chapter then contains analysis outcome of current state of organisation, for which in the third part I compile a suitable framework, including needed tools and procedures, to settle a proper cyber security solution and its sustainability.

15. Technické opatření pro zajištění informační bezpečnosti na podnikatelské fakultě

Author: Sedlák, Petr, Kubek, Ján, Kajan, Tomáš, Sedlák, Petr, Kubek, Ján, and Kajan, Tomáš
Abstract: Diplomová práca sa zameriava na návrh technických opatrení slúžiacich na docielenie informačnej bezpečnosti na Fakulte podnikateľskej, ktorá je súčasťou univerzity Vysoké učení technické v Brne. Návrh sa vo veľkej miere riadi Vyhláškou o kybernetickej bezpečnosti, ktorú dopĺňa rada noriem ISO/IEC 27000. Výstupom práce sú technické opatrenia, ktoré doprevádzajú smernice na vybrané časti opatrení., The diploma thesis focuses on the design of technical measures used to achieve information security at the Faculty of Business and Management, which is part of the Brno University of Technology. The proposal is largely governed by the Cyber Security Ordinance, which is complemented by a series of ISO/IEC 27000 standards. The output of the work is technical measures that accompany the directives on selected parts of the measures.

16. Budování bezpečnostního povědomí na fakultě podnikatelské

Author: Sedlák, Petr, Ondrák, Viktor, Volfová, Jana, Sedlák, Petr, Ondrák, Viktor, and Volfová, Jana
Abstract: Tato diplomová práce se zaměřuje na budování bezpečnostního povědomí na Fakultě podnikatelské. Skládá se ze tří základních částí, a to části teoretické, analytické a části s vlastními návrhy. Teoretická část obsahuje vysvětlení a objasnění některých základních pojmů, procesů a analýz, aby čtenář práci rozuměl. Část analytická obsahuje jak popis vybrané organizace, tak i konkrétní provedení analýz, které byly představeny v teoretické části. Poslední část, kterou je část praktická, obsahuje mimo jiné také vlastní návrhy průběhu zvyšování povědomí na fakultě a benefity tohoto procesu., This diploma thesis is focused on Security Awareness Education at the Faculty of Business and Management. It consists of three main parts: theoretical, analytical and practical considerations. The theoretical part is the introduction to basic terms, processes and analysis to help understand the thesis. The analytical part includes an introduction to the chosen organization and the implementation of analysis, which were presented in the theoretical part. The practical part contains, among other things, the actual proposals for Security Awareness Education at the faculty and its benefits.

17. Budování bezpečnostního povědomí na fakultě podnikatelské

Author: Sedlák, Petr, Ondrák, Viktor, Volfová, Jana, Sedlák, Petr, Ondrák, Viktor, and Volfová, Jana
Abstract: Tato diplomová práce se zaměřuje na budování bezpečnostního povědomí na Fakultě podnikatelské. Skládá se ze tří základních částí, a to části teoretické, analytické a části s vlastními návrhy. Teoretická část obsahuje vysvětlení a objasnění některých základních pojmů, procesů a analýz, aby čtenář práci rozuměl. Část analytická obsahuje jak popis vybrané organizace, tak i konkrétní provedení analýz, které byly představeny v teoretické části. Poslední část, kterou je část praktická, obsahuje mimo jiné také vlastní návrhy průběhu zvyšování povědomí na fakultě a benefity tohoto procesu., This diploma thesis is focused on Security Awareness Education at the Faculty of Business and Management. It consists of three main parts: theoretical, analytical and practical considerations. The theoretical part is the introduction to basic terms, processes and analysis to help understand the thesis. The analytical part includes an introduction to the chosen organization and the implementation of analysis, which were presented in the theoretical part. The practical part contains, among other things, the actual proposals for Security Awareness Education at the faculty and its benefits.

18. Návrh zavedení bezpečnostních opatření v souladu s ISMS pro obchodní společnost

Author: Sedlák, Petr, Ondrák, Viktor, Dočekal, Petr, Sedlák, Petr, Ondrák, Viktor, and Dočekal, Petr
Abstract: Diplomová práce se zaměřuje na oblast bezpečnostních opatření v souladu se systémem řízení bezpečnosti informací. Představuje základní teoretická východiska problematiky informační a kybernetické bezpečnosti a popisuje současný stav ve společnosti. Výstupem je návrh zavedení bezpečnostních opatření přispívajících ke zvýšení bezpečnosti informací ve společnosti., The master’s thesis focuses on area of security countermeasures in accordance with information security management system. Presents basic theoretical background of information and cyber security and describes a current state in the company. The thesis’s output is the design of security countermeasures implementation which contribute to information security in the company.

19. Návrh metodiky hodnocení efektivity systému SIEM v organizaci

Author: Ondrák, Viktor, Lukáš,, KUBÍK, Kosková, Zdeňka, Ondrák, Viktor, Lukáš,, KUBÍK, and Kosková, Zdeňka
Abstract: V bakalářské práci je řešena problematika hodnocení efektivity systému SIEM v průmyslovém prostředí. Jejím cílem je navržení metodiky, která pro hodnocení využívá matici MITRE ATT&CK for ICS. V práci jsou analyzována již existující řešení a jejich možná aplikace. Dále je popsáno hodnocení monitoringu v energetické společnosti, které společně s maticí tvoří základ návrhu vlastního řešení. Výsledkem práce je návrh kvantitativního hodnocení jednotlivých technik matice, jeho grafická interpretace a možnost bezpečného sdílení výsledků s ostatními CERT týmy., The bachelor‘s thesis addresses the issue of evaluating the effectiveness of the SIEM system in an industrial environment. The goal was to propose a methodology that uses a MITRE ATT&CK matrix for ICS for evaluation. The thesis first analyses existing solutions and their potential applications, followed by a description of monitoring evaluation in an energy company, which together with the matrix form the basis of the proposed solution. The main output of the thesis is a proposal for quantitative evaluation of individual techniques of the matrix, such as graphical interpretation and the possibility to share results securely with other CERT teams.

20. Zavedení ISMS v malém podniku

Author: Sedlák, Petr, Vlastimil,, Svoboda, Svoboda, Milan, Sedlák, Petr, Vlastimil,, Svoboda, and Svoboda, Milan
Abstract: Diplomová práce se zabývá návrhem zavedení systému řízení bezpečnosti informací (ISMS) v malém podniku. V této práci jsou rozebrána teoretická východiska, která jsou nutná pro pochopení a navržení ISMS. Návrh zavedení ISMS je zpracován na základě analýzy současného stavu bezpečnosti společnosti. Navržená bezpečnostní opatření vychází ze současného stavu bezpečnosti informací ve společnosti a doporučení norem řady ISO/IEC 27000., The diploma thesis focuses on proposing an information security management system (ISMS) in a small company. This publication includes theoretical facts, which are needed to understand and design a ISMS. The design proposal of the ISMS itself is based on an analysis of the current status of the company's information security. The proposed security measures are based on the actual state of information security within the company, and on recommendations stemming from the ISO/IEC 27000 standard.

21. Statistický výstup z asistovaných zhodnocení

Author: Sedlák, Petr, Vlastimil,, Svoboda, Hrubešová, Gabriela, Sedlák, Petr, Vlastimil,, Svoboda, and Hrubešová, Gabriela
Abstract: Předmětem této diplomové práce je statistická analýza asistovaných zhodnocení. Teoretická část popisuje klíčové pojmy z oblasti kybernetické a informační bezpečnosti, základní podklady pro tuto oblast a důležité předpisy. Další část se zaměřuje na popis asistovaného zhodnocení, jeho průběhu, nutných podmínek a obsahu. V poslední části se věnujeme statistické analýze získaných vzorků. Vzorky analyzujeme z několika úhlů pohledu, porovnáváme a hledáme vlastnosti a informace, které by mohly být nápomocné pro auditory při hodnocení., The subject of this diploma thesis is a statistical analysis of security audits. The theoretical part describes key terms in the field of cyber and information security, basic background for this area and important regulations. The next part focuses on the description of security audit, its course, necessary conditions and content. The last part is devoted to statistical analysis of obtained samples. We analyse samples from several points of view, compare and look for features and information that could be helpful to the auditor’s assessment.

22. GAP analýza systému řízení bezpečnosti informací

Author: Sedlák, Petr, Tomáš,, Krejčí, Konečný, Martin, Sedlák, Petr, Tomáš,, Krejčí, and Konečný, Martin
Abstract: Diplomová práce se zaměřuje na GAP analýzu systému řízení bezpečnosti informací. Práce se skládá z teoretické, analytické a praktické části. První část pojednává o teoretických východiscích problematiky informační a kybernetické bezpečnosti. Analytická část popisuje současný stav ve zkoumané společnosti. Výstupem práce je návrh registru rizik a návrh zavedení bezpečnostních opatření. Návrh cílí na opatření vedoucí k zvýšení bezpečnosti informací ve společnosti, The master’s thesis focuses on GAP analysis of information security management system. The thesis consists of theoretical, analytical and practical part. The first part discusses the theoretical background of the issue of information and cyber security. The analytical part describes the current condition of the researched company. The thesis’s output is the draft of risk register and draft of security countermeasures implementation. The draft targets on countermeasures leading to increase information security in company.

23. Návrh Plánu obnovy pro infrastrukturu podnikatelské fakulty

Author: Sedlák, Petr, Kubek, Ján, Srnec, Jan, Sedlák, Petr, Kubek, Ján, and Srnec, Jan
Abstract: Tato diplomová práce se zabývá návrhem plánu obnovy při katastrofě pro serverovnu Ústavu informatiky fakulty podnikatelské při VUT v Brně. V první části jsou popsána teoretická východiska jednotlivých částí plánu obnovy, která slouží jako podklad pro samotný návrh. V druhé části práce je uveden popis serverovny Ústavu informatiky a vše, co se týče jeho IT aktiv. Třetí část se zabývá samotným návrhem plánu obnovy při katastrofě, který bude sloužit jako vnitřní směrnice školy a podklad pro dokument o systému řízení kontinuity činností., This diploma thesis deals with the proposal of a “Disaster Recovery Plan” for the Informatics department at BUT’s Faculty of Business and Management. The first part consists of theoretical basis of crucial parts of disaster recovery plan, which is the very foundation for the proposal itself. The second part follows up with a description of the server room of the Informatics department, in particular its IT equipment. The third part deals with the very disaster recovery plan proposal which will function as a school code regulation and a foundation for a Business Continuity Management System document.

24. Case Management jako přístup k designu knowledge management systémů používaných CSIRT týmy

Author: Sedlák, Petr, Milan,, Boháček, Tichý, Dušan, Sedlák, Petr, Milan,, Boháček, and Tichý, Dušan
Abstract: Tématem této práce je využití case management přístupu při designu knowledge management systémů pro IR (skupiny reakce na incidenty) CSIRT týmů. Cílem práce je vysvětlit pojem case management, jak může být aplikován při podpoře rozhodování znalostních pracovníků skupiny reakce na incidenty a jaké benefity přináší toto použití case management přístupu organizaci z hlediska ekonomického a z hlediska znalostního kapitálu. Práce popisuje návrh informačního systému založeného na principech case managementu, návrh transformuje stávající procesy v procesy využívající knowledge management a pokročilou automatizaci. Návrh je demonstrovaný na prototypu, který prezentuje hlavní procesy a kroky znalostního pracovníka při řešení spear-phishing incidentu., The topic of this thesis is an application of the case management approach when designing knowledge management systems used by the Incident Response part of CSIRT teams. The thesis aims to explain what case management is, how it can be applied to support the work of incident response knowledge workers, and what kind of economic and knowledge management benefits it brings to an organization. The thesis proposes a case management-based information system design that transforms an organization's processes into ones that leverage knowledge management and automation principles to support the expert workers. The transformation is demonstrated on a real-life prototype, presenting the main processes/steps of solving a spear-phishing incident using the described case management system.

25. Posouzení a návrh informační bezpečnosti v organizaci

Author: Ondrák, Viktor, Šarbort, Jakub, Rybáková, Alena, Ondrák, Viktor, Šarbort, Jakub, and Rybáková, Alena
Abstract: Tato diplomová práce pojednává o problematice informační bezpečnosti v organizaci. Snahou autorky je získat široký přehled souvislostí, které potom budou zhodnoceny v závěrečné části, při poskytování konkrétních doporučení. V této práci je tedy rozebírán systém řízení bezpečnosti informací, systém managementu služeb a kybernetická bezpečnost jak v teoretické rovině, tak z hlediska reálné aplikace v konkrétní organizaci. Cílem práce je poskytnutí vlastních doporučení na zlepšení., This diploma thesis deals with the issue of information security in the organization. Author's effort is to gain a broad overview of connections, which will then be evaluated in the final section, providing concrete recommendations. In this thesis it is discussed information security management system, service management system and cyber security, both in theory and in terms of real application in a particular organization. The aim is to provide own recommendations for improvement.

26. Návrh zavedení bezpečnostních opatření v souladu s ISMS pro obchodní společnost

Author: Sedlák, Petr, Ondrák, Viktor, Dočekal, Petr, Sedlák, Petr, Ondrák, Viktor, and Dočekal, Petr
Abstract: Diplomová práce se zaměřuje na oblast bezpečnostních opatření v souladu se systémem řízení bezpečnosti informací. Představuje základní teoretická východiska problematiky informační a kybernetické bezpečnosti a popisuje současný stav ve společnosti. Výstupem je návrh zavedení bezpečnostních opatření přispívajících ke zvýšení bezpečnosti informací ve společnosti., The master’s thesis focuses on area of security countermeasures in accordance with information security management system. Presents basic theoretical background of information and cyber security and describes a current state in the company. The thesis’s output is the design of security countermeasures implementation which contribute to information security in the company.

27. Metodika asistovaného zhodnocení

Author: Sedlák, Petr, Hana,, Sobotková, Kroupová, Hana, Sedlák, Petr, Hana,, Sobotková, and Kroupová, Hana
Abstract: Tato diplomová práce se zabývá asistovaným zhodnocením. Záměrem práce je vytvořit metodiku, která může pomoci při zpracování asistovaných zhodnocení a zjištění aktuálního reálného stavu kybernetické a informační bezpečnosti ve společnosti. Teoretická část se věnuje základním pojmům a terminologii, která se týká kybernetické a informační bezpečnosti. Vlastní návrh obsahuje popis jednotlivých oblastí metodiky asistovaného zhodnocení., The master‘s thesis is focused on security audit. The aim of this thesis is to create methodology, which might help with creating security audits and research current condition of cybernetic and information security in a business establishment. Theoretical part explains basic terms and concepts about cyber and information security. Own interpretation consist description of methodological areas of security audit.

28. Implementace minimálního bezpečnostního standardu ve společnosti

Author: Sedlák, Petr, Květoslav,, Hošek, Křiva, Adam, Sedlák, Petr, Květoslav,, Hošek, and Křiva, Adam
Abstract: Předmětem diplomové práce je implementace minimálního bezpečnostního standardu v rámci společnosti. Práce se v první části zaměřuje na teoretická východiska. Následně je provedena analýza současného stavu ve společnosti. Vlastní návrh řešení určuje rozsah minimálního bezpečnostního standardu, identifikuje a hodnotí aktiva, popisuje vytvořené bezpečnostní politiky po manažerské i technické stránce. Vytvořené bezpečnostní politiky jsou následně ekonomicky zhodnoceny., The subject of the diploma thesis is the implementation of a minimal security standard within a company. The thesis focuses on theoretical foundations in the first part. Subsequently is conducted an analysis of the current state within the company. The actual solution proposal determines the scope of the minimal security standard, identifies and evaluates assets, describes the created security policies from the managerial and technical aspects. The developed security policies are then economically assessed.

29. Budování bezpečnostního povědomí na základní škole

Author: Sedlák, Petr, Helena,, Doložílková, Kolajová, Jana, Sedlák, Petr, Helena,, Doložílková, and Kolajová, Jana
Abstract: Diplomová práce se zabývá problematikou budování bezpečnostního povědomí na základní škole. Práci lze rozdělit na tři hlavní části. V úvodní části jsou uvedeny základní pojmy z oblasti informační bezpečnosti a stručný popis legislativních náležitostí, které je třeba dodržet pro správný návrh programu. Ve druhé části je provedena analýza současné situace na vybrané základní škole, včetně zpracování analýzy SLEPT, Porterovy analýzy pěti sil, analýzy 7S a SWOT. V praktické části je představen návrh zavedení programu, který je plně uzpůsoben požadavkům a potřebám základní školy. V poslední části jsou zhodnoceny přínosy a nedostatky zavedeného řešení., This diploma thesis is focused on the development of informational environment safety awareness at primary schools. The thesis consists of three main parts. The introduction explains the basic safety terms and briefly describe the legislative essentials necessary for this proposal. The second part consists of the analysis of the current situation at the school chosen for this research, including SLEPT analysis, Porter´s analysis, 7S analysis, and SWOT analysis. The practical part introduces the proposal of implementation of the program which is tailored to the requirements and needs of the primary school. The final part evaluates the pros and cons of the implemented solution.

30. Porovnání výuky informační a kybernetické bezpečnosti v České republice a Jižní Koreji s návrhy na zlepšení

Author: Sedlák, Petr, Zápotočný, Matej, Šisler, Marcel, Sedlák, Petr, Zápotočný, Matej, and Šisler, Marcel
Abstract: Tato diplomová práce se zabývá návrhem na zlepšení současného stavu výuky informační a kybernetické bezpečnosti v České republice. Tyto návrhy pramení ze srovnání výuky na Vysokém učení technickém v Brně - Fakultě podnikatelské a Hallym University v Jižní Koreji. Dalším podkladem je analýza trendů v oblasti kybernetických útoků a srovnání této oblasti mezi Českou republikou a Jižní Koreou., This diploma thesis deals with a suggestions to improve the current state of education information and cyber security in the Czech Republic. These suggestions are from a comparison of education at the Brno University of Technology - Faculty of Business and Hallym University in South Korea. Another part is the analysis of trends in the field of cyber attacks and comparison of this area between the Czech Republic and South Korea.

31. Aplikace fuzzy logiky při hodnocení stavu informačních systémů

Author: Janková, Zuzana, Václavík, Lukáš, Kocman, David, Janková, Zuzana, Václavík, Lukáš, and Kocman, David
Abstract: Diplomová práce se zabývá problematikou aplikace rozhodovacích modelů na proces hodnocení stavu informačního systému. Rozhodovací modely, vyzívající principy fuzzy logiky, budou realizovány v prostředí MS Excel a MathWorks MATLAB. Práce popisuje teoretická východiska společně s rozborem metodik sloužících k hodnocení informačního systému na jejichž základě byly realizovány rozhodující modely, které byli na danou problematiku aplikovány., The master’s thesis deals with the application of decision models to the process of evaluating the state of an information system. Decision models, challenging the principles of fuzzy logic, will be implemented in MS Excel and MathWorks MATLAB. The thesis describes the theoretical background together with the analysis of methodologies used for the evaluation of the information system on the basis of which the decision models were implemented and applied to the problem.

32. Statistický výstup z asistovaných zhodnocení

Author: Sedlák, Petr, Vlastimil,, Svoboda, Hrubešová, Gabriela, Sedlák, Petr, Vlastimil,, Svoboda, and Hrubešová, Gabriela
Abstract: Předmětem této diplomové práce je statistická analýza asistovaných zhodnocení. Teoretická část popisuje klíčové pojmy z oblasti kybernetické a informační bezpečnosti, základní podklady pro tuto oblast a důležité předpisy. Další část se zaměřuje na popis asistovaného zhodnocení, jeho průběhu, nutných podmínek a obsahu. V poslední části se věnujeme statistické analýze získaných vzorků. Vzorky analyzujeme z několika úhlů pohledu, porovnáváme a hledáme vlastnosti a informace, které by mohly být nápomocné pro auditory při hodnocení., The subject of this diploma thesis is a statistical analysis of security audits. The theoretical part describes key terms in the field of cyber and information security, basic background for this area and important regulations. The next part focuses on the description of security audit, its course, necessary conditions and content. The last part is devoted to statistical analysis of obtained samples. We analyse samples from several points of view, compare and look for features and information that could be helpful to the auditor’s assessment.

33. Case Management jako přístup k designu knowledge management systémů používaných CSIRT týmy

Author: Sedlák, Petr, Milan,, Boháček, Tichý, Dušan, Sedlák, Petr, Milan,, Boháček, and Tichý, Dušan
Abstract: Tématem této práce je využití case management přístupu při designu knowledge management systémů pro IR (skupiny reakce na incidenty) CSIRT týmů. Cílem práce je vysvětlit pojem case management, jak může být aplikován při podpoře rozhodování znalostních pracovníků skupiny reakce na incidenty a jaké benefity přináší toto použití case management přístupu organizaci z hlediska ekonomického a z hlediska znalostního kapitálu. Práce popisuje návrh informačního systému založeného na principech case managementu, návrh transformuje stávající procesy v procesy využívající knowledge management a pokročilou automatizaci. Návrh je demonstrovaný na prototypu, který prezentuje hlavní procesy a kroky znalostního pracovníka při řešení spear-phishing incidentu., The topic of this thesis is an application of the case management approach when designing knowledge management systems used by the Incident Response part of CSIRT teams. The thesis aims to explain what case management is, how it can be applied to support the work of incident response knowledge workers, and what kind of economic and knowledge management benefits it brings to an organization. The thesis proposes a case management-based information system design that transforms an organization's processes into ones that leverage knowledge management and automation principles to support the expert workers. The transformation is demonstrated on a real-life prototype, presenting the main processes/steps of solving a spear-phishing incident using the described case management system.

34. Zavedení ISMS v malém podniku

Author: Sedlák, Petr, Vlastimil,, Svoboda, Svoboda, Milan, Sedlák, Petr, Vlastimil,, Svoboda, and Svoboda, Milan
Abstract: Diplomová práce se zabývá návrhem zavedení systému řízení bezpečnosti informací (ISMS) v malém podniku. V této práci jsou rozebrána teoretická východiska, která jsou nutná pro pochopení a navržení ISMS. Návrh zavedení ISMS je zpracován na základě analýzy současného stavu bezpečnosti společnosti. Navržená bezpečnostní opatření vychází ze současného stavu bezpečnosti informací ve společnosti a doporučení norem řady ISO/IEC 27000., The diploma thesis focuses on proposing an information security management system (ISMS) in a small company. This publication includes theoretical facts, which are needed to understand and design a ISMS. The design proposal of the ISMS itself is based on an analysis of the current status of the company's information security. The proposed security measures are based on the actual state of information security within the company, and on recommendations stemming from the ISO/IEC 27000 standard.

35. Informační bezpečnost jako jeden z ukazatelů hodnocení výkonnosti v energetické společnosti

Author: Sodomka, Petr, Svoboda, Vlastimil, Kubík, Lukáš, Sodomka, Petr, Svoboda, Vlastimil, and Kubík, Lukáš
Abstract: Diplomová práce se zabývá hodnocením stavu informační bezpečnosti a jeho využitím jako ukazatele podnikové výkonnosti v energetické společnosti. Kapitola analýza problému a současné situace předkládá poznatky o stavu bezpečnosti informací a etapě zavádění ISMS. Praktická část se zaměřuje na analýzu rizik a hodnocení úrovně zralosti procesů, na jejichž základě jsou navržena bezpečnostní opatření a doporučení. Zároveň jsou navrženy metriky pro posouzení úrovně bezpečnosti informací., Master thesis is concerned with assessing the state of information security and its use as an indicator of corporate performance in energy company. Chapter analysis of the problem and current situation presents findings on the state of information security and implementation stage of ISMS. The practical part is focused on risk analysis and assessment the maturity level of processes, which are submitted as the basis for the proposed security measures and recommendations. There are also designed metrics to measure level of information security.

36. Implementace nástroje pro řízení kybernetické bezpečnosti

Author: Sedlák, Petr, Josef,, Horáček, Strachová, Zuzana, Sedlák, Petr, Josef,, Horáček, and Strachová, Zuzana
Abstract: Diplomová práce je zaměřena na implementaci softwarového nástroje pro zvýšení efektivity řízení kybernetické bezpečnosti. Nástroj je implementován ve společnosti připravující se na zařazení do kritické informační infrastruktury. Na základě požadavků zadavatele je vybrán vhodný nástroj řízení kybernetické bezpečnosti. Následně navrhuji metodiku implementace nástroje, kterou vzápětí aplikuji. Výstupem práce je implementovaný nástroj, analýza rizik a ze zákona povinná bezpečnostní dokumentace., The thesis is focused on the implementation of a software tool to increase the effectiveness of cyber security management. The tool is implemented in a company preparing to be classified as a part of critical information infrastructure. Based on the customer's requirements, a suitable cyber security management tool is selected. Subsequently, I propose a methodology for implementing the tool, which I immediately apply. The output of the work is an implemented tool, risk analysis and security documentation required by law.

37. Technika SQL injection - její metody a způsoby ochrany

Author: Kříž, Jiří, Sedlák, Petr, Bahureková, Beáta, Kříž, Jiří, Sedlák, Petr, and Bahureková, Beáta
Abstract: SQL injection je technika namierená proti webovým aplikáciám využívajúcim SQL databázu, ktorá môže predstavovať obrovské bezpečnostné riziko. Ide v nej o vloženie kódu do SQL databáze, pričom tento útok využíva zraniteľnosti v databázovej alebo aplikačnej vrstve. Hlavným cieľom mojej diplomovej práce je oboznámenie sa s podstatou SQL injection, pochopenie jednotlivých metód tejto útočnej techniky a ukázanie si spôsobov ako sa proti nej možno brániť. Prácu možno rozdeliť na tieto hlavné časti, ktoré rozoberiem nasledovne. V úvodnej časti práce zmieňujem teoretické východiska týkajúce sa SQL injection problematiky. Nasledujúca kapitola je zameraná na jednotlivé metódy tejto techniky. Analytická časť je venovaná zmapovaniu súčasného stavu testovacích subjektov, skenovacích nástrojov, ktoré tvoria základ pre optimálne skúmanie a testovanie jednotlivých SQLi metód, ktoré sú v tejto časti rozobraté z praktického hľadiska spolu s analýzou príkazov. V poslednej časti budem implementovať SQLi metódy na vybrané subjekty a na základe výstupov vytvorím univerzálne návrhové riešenie ako sa proti takýmto útokom brániť., SQL injection is a technique directed against web applications using an SQL database, which can pose a huge security risk. It involves inserting code into an SQL database, and this attack exploits vulnerabilities in the database or application layer. The main goal of my thesis is to get acquainted with the essence of SQL injection, to understand the various methods of this attack technique and to show ways to defend against it. The work can be divided into these main parts, which I will discuss as follows.In the introductory part of the work I mention the theoretical basis concerning SQL injection issues. The next chapter is focused on individual methods of this technique. The analytical part is devoted to mapping the current state of test subjects, scanning tools, which form the basis for optimal research and testing of individual SQL methods, which are discussed in this part from a practical point of view along with the analysis of commands. In the last part I will implement SQL methods on selected subjects and based on the outputs I will create a universal design solution how to defend against such attacks.

38. Návrh, tvorba a implementace softwarové aplikace ve firemním prostředí

Author: Novák, Lukáš, Koch, Miloš, Zavadilová, Patrícia, Novák, Lukáš, Koch, Miloš, and Zavadilová, Patrícia
Abstract: Diplomová práce se zabývá návrhem a implementací řešení převedení firemní softwarové aplikace do mobilní a webové podoby. Pilíře práce stojí nejen na zefektivnění firemních procesů, ale také na zachování otázky informační a kybernetické bezpečnosti. Výsledkem by měl být systém, který přinese inovativní a pohodlné řešení, časovou a finanční úsporu., The master’s thesis is focused on the design and creation of a solution for converting company’s software application into the mobile and web form. The main goal is make business processes more efficient and maintain information and cyber security. The result should be a system that brings an innovative and convenient solution, time and financial savings.

39. Vytvoření help desku SW nástroje pro řízení kybernetické bezpečnosti

Author: Sedlák, Petr, Svoboda Vlastimil, Ing., MBA, Brzobohatá, Veronika, Sedlák, Petr, Svoboda Vlastimil, Ing., MBA, and Brzobohatá, Veronika
Abstract: Diplomová práce je zaměřena na tvorbu návrhu helpdesku pro software ESKO. Tento ESKO software vyvinula firma ISIT Slovakia s.r.o. Helpdesk bude znázorněn pomocí několika softwarů. Některé se používají pro tvorbu diagramů a znázornění workflow, další pak pro grafické úpravy. Helpdesk bude vytvořen na základě aktuálních potřeb firmy a následně jí bude dodán jako výsledný produkt. Hlavním cílem je rozšířit funkcionalitu webu a doplnění tohoto webu o navrhnutý helpdesk. Bonusem bude knihovna dotazů, která bude fungovat na principu SQL databáze., The diploma thesis is focused on the creation of a helpdesk design for ESKO software. This ESKO software was developed by ISIT Slovakia s.r.o. The helpdesk will be represented by several software. Some are used to create diagrams and represent workflows, others for graphic editing. The helpdesk will be created based on the current needs of the company and then delivered to it as the final product. The main goal is to extend the functionality of an existing website and add to this website and the proposed helpdesk. The bonus will be a query library, which should work on the principle of an SQL database.

40. Technické opatření pro zajištění informační bezpečnosti na podnikatelské fakultě

Author: Sedlák, Petr, Kubek, Ján, Kajan, Tomáš, Sedlák, Petr, Kubek, Ján, and Kajan, Tomáš
Abstract: Diplomová práca sa zameriava na návrh technických opatrení slúžiacich na docielenie informačnej bezpečnosti na Fakulte podnikateľskej, ktorá je súčasťou univerzity Vysoké učení technické v Brne. Návrh sa vo veľkej miere riadi Vyhláškou o kybernetickej bezpečnosti, ktorú dopĺňa rada noriem ISO/IEC 27000. Výstupom práce sú technické opatrenia, ktoré doprevádzajú smernice na vybrané časti opatrení., The diploma thesis focuses on the design of technical measures used to achieve information security at the Faculty of Business and Management, which is part of the Brno University of Technology. The proposal is largely governed by the Cyber Security Ordinance, which is complemented by a series of ISO/IEC 27000 standards. The output of the work is technical measures that accompany the directives on selected parts of the measures.

41. Posouzení a návrh informační bezpečnosti v organizaci

Author: Ondrák, Viktor, Šarbort, Jakub, Rybáková, Alena, Ondrák, Viktor, Šarbort, Jakub, and Rybáková, Alena
Abstract: Tato diplomová práce pojednává o problematice informační bezpečnosti v organizaci. Snahou autorky je získat široký přehled souvislostí, které potom budou zhodnoceny v závěrečné části, při poskytování konkrétních doporučení. V této práci je tedy rozebírán systém řízení bezpečnosti informací, systém managementu služeb a kybernetická bezpečnost jak v teoretické rovině, tak z hlediska reálné aplikace v konkrétní organizaci. Cílem práce je poskytnutí vlastních doporučení na zlepšení., This diploma thesis deals with the issue of information security in the organization. Author's effort is to gain a broad overview of connections, which will then be evaluated in the final section, providing concrete recommendations. In this thesis it is discussed information security management system, service management system and cyber security, both in theory and in terms of real application in a particular organization. The aim is to provide own recommendations for improvement.

42. Implementace minimálního bezpečnostního standardu ve společnosti

Author: Sedlák, Petr, Květoslav,, Hošek, Křiva, Adam, Sedlák, Petr, Květoslav,, Hošek, and Křiva, Adam
Abstract: Předmětem diplomové práce je implementace minimálního bezpečnostního standardu v rámci společnosti. Práce se v první části zaměřuje na teoretická východiska. Následně je provedena analýza současného stavu ve společnosti. Vlastní návrh řešení určuje rozsah minimálního bezpečnostního standardu, identifikuje a hodnotí aktiva, popisuje vytvořené bezpečnostní politiky po manažerské i technické stránce. Vytvořené bezpečnostní politiky jsou následně ekonomicky zhodnoceny., The subject of the diploma thesis is the implementation of a minimal security standard within a company. The thesis focuses on theoretical foundations in the first part. Subsequently is conducted an analysis of the current state within the company. The actual solution proposal determines the scope of the minimal security standard, identifies and evaluates assets, describes the created security policies from the managerial and technical aspects. The developed security policies are then economically assessed.

43. Budování bezpečnostního povědomí na základní škole

Author: Sedlák, Petr, Helena,, Doložílková, Kolajová, Jana, Sedlák, Petr, Helena,, Doložílková, and Kolajová, Jana
Abstract: Diplomová práce se zabývá problematikou budování bezpečnostního povědomí na základní škole. Práci lze rozdělit na tři hlavní části. V úvodní části jsou uvedeny základní pojmy z oblasti informační bezpečnosti a stručný popis legislativních náležitostí, které je třeba dodržet pro správný návrh programu. Ve druhé části je provedena analýza současné situace na vybrané základní škole, včetně zpracování analýzy SLEPT, Porterovy analýzy pěti sil, analýzy 7S a SWOT. V praktické části je představen návrh zavedení programu, který je plně uzpůsoben požadavkům a potřebám základní školy. V poslední části jsou zhodnoceny přínosy a nedostatky zavedeného řešení., This diploma thesis is focused on the development of informational environment safety awareness at primary schools. The thesis consists of three main parts. The introduction explains the basic safety terms and briefly describe the legislative essentials necessary for this proposal. The second part consists of the analysis of the current situation at the school chosen for this research, including SLEPT analysis, Porter´s analysis, 7S analysis, and SWOT analysis. The practical part introduces the proposal of implementation of the program which is tailored to the requirements and needs of the primary school. The final part evaluates the pros and cons of the implemented solution.

44. Nasazení DLP řešení v energetické společnosti

Author: Sedlák, Petr, Veselý Jindřich, Ing., MBA, Přikryl, Adam, Sedlák, Petr, Veselý Jindřich, Ing., MBA, and Přikryl, Adam
Abstract: Diplomová práce se zabývá posouzením nasazení DLP řešení v energetické společnosti se zvážením přechodu na jiného dodavatele. První část shrnuje teoretická východiska potřebná pro pochopení problematiky ochrany dat a DLP systémů. V druhé části je provedena analýza současného stavu společnosti s analýzou vybraných částí. Třetí část představuje návrh řešení, ten se opírá o teoretická východiska a analýzu současného stavu, zahrnuje popis systémů, návrh přechodu na jiného dodavatele a ekonomické zhodnocení., The diploma thesis deals with the assessment of the deployment of DLP solutions in an energy company with the consideration of transition to another supplier. The first part summarizes the theoretical background needed to understand the issues of data protection and DLP systems. The second part provides an analysis of the current state of the company. The third part presents a proposed solution, which is based on the theoretical background and analysis of the current state, includes a description of the systems, a proposal for switching to another supplier and an economic evaluation.

45. Ekonomické dopady implementace SW nástroje pro shodu s VKB do podnikového prostředí

Author: Sedlák, Petr, Svoboda Vlastimil, Ing., MBA, Nováková, Natálie, Sedlák, Petr, Svoboda Vlastimil, Ing., MBA, and Nováková, Natálie
Abstract: Diplomová práce je zaměřena na posouzení ekonomických dopadů zavedení softwarového nástroje pro shodu s Vyhláškou o kybernetické bezpečnosti (VKB) do podnikového prostředí. V rámci práce byla provedena analýza dostupných nástrojů pro správu kybernetické bezpečnosti včetně jejich srovnání. Na základě výsledků tohoto srovnání byl vybrán konkrétní nástroj, který se jeví jako nejvhodnější. Výstupem této práce je ekonomické porovnání nákladů spojených s jednotlivými možnostmi řešení., This thesis focuses on evaluating the economic impact of implementing a software tool for compliance with the Cybersecurity Decree (VKB) in a corporate environment. As part of the thesis, an analysis of available cybersecurity management tools was conducted, including a comparison of their features and functionalities. Based on the results of this comparison, a specific tool was selected that appears to be the most suitable. The output of this thesis is an economic comparison of the costs associated with each solution option.

46. Metodika zabezpečení advokátní kanceláře

Author: Sedlák, Petr, Mikuláš,, Vargic, Veselý, Marek, Sedlák, Petr, Mikuláš,, Vargic, and Veselý, Marek
Abstract: Tématem diplomové práce je vytvoření metodiky a následné zabezpečení zařízení včetně ochrany dat pro advokátní kancelář. Práce obsahuje teoretická východiska, analýzu současného stavu společnosti, ze které vychází návrh řešení. Návrh řešení obsahuje analýzu rizik a návrh vhodných bezpečnostních opatření včetně implementačních doporučení pro eliminaci nebo minimalizaci identifikovaných rizik., The topic of the master‘s thesis is the creation of methodology and subsequent security of equipment including data protection for a law firm. The thesis contains theoretical background, analysis of the current state of the company, on which the proposed solution is based. The proposed solution includes risk analysis and proposal of appropriate security measures including implementational recommendations for the elimination or minimization of identified risks.

47. GAP analýza systému řízení bezpečnosti informací

Author: Sedlák, Petr, Tomáš,, Krejčí, Konečný, Martin, Sedlák, Petr, Tomáš,, Krejčí, and Konečný, Martin
Abstract: Diplomová práce se zaměřuje na GAP analýzu systému řízení bezpečnosti informací. Práce se skládá z teoretické, analytické a praktické části. První část pojednává o teoretických východiscích problematiky informační a kybernetické bezpečnosti. Analytická část popisuje současný stav ve zkoumané společnosti. Výstupem práce je návrh registru rizik a návrh zavedení bezpečnostních opatření. Návrh cílí na opatření vedoucí k zvýšení bezpečnosti informací ve společnosti, The master’s thesis focuses on GAP analysis of information security management system. The thesis consists of theoretical, analytical and practical part. The first part discusses the theoretical background of the issue of information and cyber security. The analytical part describes the current condition of the researched company. The thesis’s output is the draft of risk register and draft of security countermeasures implementation. The draft targets on countermeasures leading to increase information security in company.

48. Zavedení standardu ISO 27701 do firmy využitím Gap analýzy

Author: Sedlák, Petr, Konečný, Martin, Sedlák, Petr, and Konečný, Martin
Abstract: Tahle práce se zabývá tématem analýzy stavu systému pro implementaci rozšiřujícího standardu ISO 27701: 2019 v konkrétní společnosti. Společnost tímto standardem navazuje na již zavedený standard ISO 27001. V práci je hodnoceno kontrolní prostředí předepsaném požadavků normy ISO 27701: 2019. Teoretická část práce obsahuje poznatky z oblasti bezpečnosti informací, popisuje sadu norem ISO 27000 a také popisuje evropske a české právní akty vztahující se na bezpečnost informací. V další části je provedena analýza společnosti s následným aplikováním opatření při zavedení rozšiřujícího standardu ISO 27701. Přínosem této práce je vyhodnocení analýzy, která vyplývá ze zavedení doporučeného standardu k řešení zvýšeného množství bezpečnostních hrozeb a ochraně bezpečnosti informací., This thesis analyses current state of the system for implementation of standard ISO 27701: 2019 extention. This standard extends already established standard ISO 27001. The thesis evaluates set of controls to the requirements of standard ISO 27701: 2019. Theoretical part contains information regarding the information security, describes a set of ISO 27000 standards as well as European and Czech legal acts related to information security. Following analysis of the company is performed with the application of security measures while implementing the extension standard ISO 27701. Contribution of this thesis is evaluation of the analysis which results from implementation of recommended standard to address the increased number of security threats and the protection of security information.

49. Návrh Plánu obnovy pro infrastrukturu podnikatelské fakulty

Author: Sedlák, Petr, Kubek, Ján, Sedlák, Petr, and Kubek, Ján
Abstract: Tato diplomová práce se zabývá návrhem plánu obnovy při katastrofě pro serverovnu Ústavu informatiky fakulty podnikatelské při VUT v Brně. V první části jsou popsána teoretická východiska jednotlivých částí plánu obnovy, která slouží jako podklad pro samotný návrh. V druhé části práce je uveden popis serverovny Ústavu informatiky a vše, co se týče jeho IT aktiv. Třetí část se zabývá samotným návrhem plánu obnovy při katastrofě, který bude sloužit jako vnitřní směrnice školy a podklad pro dokument o systému řízení kontinuity činností., This diploma thesis deals with the proposal of a “Disaster Recovery Plan” for the Informatics department at BUT’s Faculty of Business and Management. The first part consists of theoretical basis of crucial parts of disaster recovery plan, which is the very foundation for the proposal itself. The second part follows up with a description of the server room of the Informatics department, in particular its IT equipment. The third part deals with the very disaster recovery plan proposal which will function as a school code regulation and a foundation for a Business Continuity Management System document.

50. Řešení kybernetické bezpečnosti a incident handlingu na FP VUT

Author: Sedlák, Petr, Vítězslav,, Pernica, Sedlák, Petr, and Vítězslav,, Pernica
Abstract: Diplomová práce se věnuje návrhu rámce pro řešení kybernetické bezpečnosti ve vybrané organizaci. První část představuje teoretická východiska nutná pro pochopení bezpečnostní situace v ČR a ve světě. Následná kapitola pak obsahuje výsledky analýz současného stavu kyberbezpečnosti v organizaci, pro kterou pak v části třetí sestavuji vhodný pracovní rámec, včetně doporučených nástrojů a postupů k zajištění kvalitního řešení kyberbezpečnosti a její udržitelnosti., The diploma thesis deals with design of cyber security solution in given organisation. The first part describes theoretical basis needed for basic understanding the security question in CZ and in the world. The following chapter then contains analysis outcome of current state of organisation, for which in the third part I compile a suitable framework, including needed tools and procedures, to settle a proper cyber security solution and its sustainability.

Catalog

Books, media, physical & digital resources

See catalog results

Searchworks

Select search scope, currently: Articles Catalog books, media & more in Jio Institute collections Articles journal articles & other e-resources

Search

Search Constraints

Refine your results

Search Limiters

Publication Year Range

Publication Type

Database

144 results on '"cyber security"'

Search Results

Catalog

Select search scope, currently: Articles

Catalog

books, media & more in Jio Institute collections

Articles

journal articles & other e-resources