Enhancing cybersecurity framework adoption: methodologies and techniques for contexts specific implementations

CARELLO, MARIA PATRIZIA
2025

Abstract

The rapid evolution of digital technologies has radically changed industries, enabling more efficient and scalable operations, but also introducing new cybersecurity challenges. Sectors such as healthcare have become prime targets for cyberattacks, with the number of incidents rising dramatically in recent years. This increase is often linked to the vulnerabilities created by the interconnected nature of digital systems and the shortage of skilled cybersecurity professionals. In response, to secure their systems and to implement an effective risk management plan, organizations must navigate several complex security frameworks requiring a deep understanding of evolving regulations and proactive adaptation to the security best practices. This thesis contributes to addressing these challenges by presenting a systematization of key cybersecurity documents and the development of a contextualized security prototype for the healthcare sector. We propose a semi-automated mapping process using Natural Language Processing (NLP) models to align vulnerabilities with fitting security controls, significantly reducing the time and effort required for cybersecurity decision-making. Our results show how this approach can streamline the implementation of security measures, improve regulatory compliance, and enhance overall cybersecurity resilience.
21-Jan-2025
English
QUERZONI, Leonardo
BONOMI, Silvia
LEOTTA, FRANCESCO
Università degli Studi di Roma "La Sapienza"
79
Files in this item:
File Size Format
Tesi_dottorato_Carello.pdf

open access

Size 4.84 MB
Format Adobe PDF

Documents in UNITESI are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.14242/190279
The NBN code of this thesis is URN:NBN:IT:UNIROMA1-190279