Cybersecurity Self-Assessment Tools Based on ISO/IEC 27002 for SME

 




 

Loh, Chuen Simm (2021) Cybersecurity Self-Assessment Tools Based on ISO/IEC 27002 for SME. Final Year Project (Bachelor), Tunku Abdul Rahman University College.

[img] Text
Loh Chuen Simm.pdf
Restricted to Registered users only

Download (1MB)

Abstract

In this day and age, as technology advances at a steady pace, cyberspace has grown significantly thanks to the emergence of the Internet of Things (IoT). Cybersecurity problems or threats are the most major problem to the small to medium enterprises (SMEs). This is because the SMEs are currently facing the security threats from the attackers and they would like to run their business without any security concerns. Our aim is to create a self-assessment tool based on ISO/IEC 27002 controls to evaluate the security issues and give a scoring of the organization’s assets. Our target is the SMEs because these tools can help them to mitigate the security risks. Besides, this tool comes with English and we also target IT professionals. The scope of this project covers 3 different types of SMEs which are organizations with standalone systems, Organization with Local Area Network, File Server and/or Application System, and Organization with Local Area Network, File Server and/or Application System and dedicated IT team to maintain such facilities and let them to proceed with different level of questions. A lot of tools will be used to develop this project such as iText, SMTP, rdlc and so forth. We are using the waterfall model to run through the project. The testing areas will be focused on the organizations with standalone systems, Organization with Local Area Network, File Server and/or Application System, and Organization with Local Area Network, File Server and/or Application System and dedicated IT team to maintain such facilities before we launch. In a nutshell, this tool can analyze the security risk and expose the gap of the security issues of an organization. This tool is still not being tested by any organization and with more users tested, the better the tools to enhance.

Item Type: Final Year Project
Subjects: Science > Computer Science
Science > Computer Science > Internet
Technology > Technology (General) > Information technology. Information systems
Faculties: Faculty of Computing and Information Technology > Bachelor of Information Technology (Honours) in Information Security
Depositing User: Library Staff
Date Deposited: 12 Aug 2021 06:58
Last Modified: 12 Aug 2021 06:58
URI: https://eprints.tarc.edu.my/id/eprint/19191