Data-driven Security Assessments for Predicting Information Security Maturity Levels

This study investigates the use of machine learning to improve Information Security Risk Assessment (ISRA), with a particular emphasis on the KAMI framework, which is adapted from ISO 27001. It compares the performance of conventional machine learning algorithms, such as Logistic Regression, Random...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Journal of internet services and information security Ročník 15; číslo 2; s. 906 - 925
Hlavní autoři: Muhammad, Alva Hendi, Hanafi, Hanafi, Ari Yuana, Kumara, Ghozali, Bahrun, Haris, Ruby
Médium: Journal Article
Jazyk:angličtina
Vydáno: 30.05.2025
ISSN:2182-2069, 2182-2077
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:This study investigates the use of machine learning to improve Information Security Risk Assessment (ISRA), with a particular emphasis on the KAMI framework, which is adapted from ISO 27001. It compares the performance of conventional machine learning algorithms, such as Logistic Regression, Random Forest, Decision Tree, and Support Vector Machine, with advanced boosting methods, including CatBoost, Gradient Boosting, LightGBM, and XGBoost. Findings reveal that boosting models outperform traditional classifiers, with CatBoost achieving the highest accuracy (98.45%) and balanced evaluation metrics, demonstrating strong capabilities in managing complex and imbalanced datasets. The integration of machine learning into the KAMI framework effectively addresses key cybersecurity challenges, including the analysis of unstructured data and the expansion of assessment coverage. This research highlights the practical benefits for organizations and technology providers by showing how ML-powered tools can streamline risk assessments, enhance strategic decision-making, and strengthen cybersecurity resilience. By aligning with global standards and utilizing AI, the study contributes to the advancement of efficient and scalable ISRA methodologies, paving the way for future innovation at the intersection of machine learning and cybersecurity
ISSN:2182-2069
2182-2077
DOI:10.58346/JISIS.2025.I2.060