Data-driven Security Assessments for Predicting Information Security Maturity Levels

This study investigates the use of machine learning to improve Information Security Risk Assessment (ISRA), with a particular emphasis on the KAMI framework, which is adapted from ISO 27001. It compares the performance of conventional machine learning algorithms, such as Logistic Regression, Random...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of internet services and information security Jg. 15; H. 2; S. 906 - 925
Hauptverfasser: Muhammad, Alva Hendi, Hanafi, Hanafi, Ari Yuana, Kumara, Ghozali, Bahrun, Haris, Ruby
Format: Journal Article
Sprache:Englisch
Veröffentlicht: 30.05.2025
ISSN:2182-2069, 2182-2077
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This study investigates the use of machine learning to improve Information Security Risk Assessment (ISRA), with a particular emphasis on the KAMI framework, which is adapted from ISO 27001. It compares the performance of conventional machine learning algorithms, such as Logistic Regression, Random Forest, Decision Tree, and Support Vector Machine, with advanced boosting methods, including CatBoost, Gradient Boosting, LightGBM, and XGBoost. Findings reveal that boosting models outperform traditional classifiers, with CatBoost achieving the highest accuracy (98.45%) and balanced evaluation metrics, demonstrating strong capabilities in managing complex and imbalanced datasets. The integration of machine learning into the KAMI framework effectively addresses key cybersecurity challenges, including the analysis of unstructured data and the expansion of assessment coverage. This research highlights the practical benefits for organizations and technology providers by showing how ML-powered tools can streamline risk assessments, enhance strategic decision-making, and strengthen cybersecurity resilience. By aligning with global standards and utilizing AI, the study contributes to the advancement of efficient and scalable ISRA methodologies, paving the way for future innovation at the intersection of machine learning and cybersecurity
ISSN:2182-2069
2182-2077
DOI:10.58346/JISIS.2025.I2.060