An ontological approach to compliance verification of the NIS 2 directive. (arXiv:2306.17494v1 [cs.CR])

Cybersecurity, which notoriously concerns both human and technological
aspects, is becoming more and more regulated by a number of textual documents
spanning several pages, such as the European GDPR Regulation and the NIS
Directive. This paper introduces an approach that leverages techniques of
semantic representation and reasoning, hence an ontological approach, towards
the compliance check with the security measures that textual documents
prescribe. We choose the ontology instrument to achieve two fundamental
objectives: domain modelling and resource interrogation. The formalisation …

compliance cybersecurity documents gdpr human nis nis 2 nis 2 directive nis directive reasoning regulation representation spanning techniques verification