Term of Award
Spring 2024
Degree Name
Master of Science, Information Technology
Document Type and Release Option
Thesis (restricted to Georgia Southern)
Copyright Statement / License for Reuse
This work is licensed under a Creative Commons Attribution 4.0 License.
Department
Department of Information Technology
Committee Chair
Lei Chen
Committee Member 1
Yiming Ji
Committee Member 2
Jongyeop Kim
Abstract
As businesses become more digitalized, the software supply chain (SSC) has grown increasingly vital, yet it's also becoming more vulnerable to cyber threats. This is evident in the recent surge in attacks targeting the SSC. Highlighting the indispensable need for robust SSC security measures, this research emphasizes the importance of securing every facet of the software supply chain to mitigate unauthorized access, data breaches, and the insertion of malicious code. We advocate for the integration of Security Orchestration, Automation, and Response (SOAR) solutions, particularly through low-code or no-code platforms like Robotic Process Automation (RPA) to enhance Security Information and Event Management (SIEM) systems. RPA’s automation capabilities enhance cybersecurity efficiency by streamlining routine security tasks, thereby enabling Security Operations Center (SOC) analysts to focus on strategic security initiatives. Inspired by the MOVEit Transfer cyberattack incident of 2023, this research underscores the financial and operational impacts of SSC vulnerabilities and presents a model with seven key components. We put two components through rigorous testing and demonstration to showcase their integration potential. Our model not only exhibits the cost-effectiveness and scalability of RPA in bolstering security measures but also emphasizes its role in expediting threat detection and response. This research concludes with a proposed automation checklist for SSC security enhancement, detailing the application of RPA in automating specific security tasks, thereby advocating for a more resilient, efficient, and adaptable security infrastructure in the face of evolving cyber threats.
Recommended Citation
Adesola, Helen J., "Moveit Transfer Attack: Protecting Organizations From Similar Attacks Using Robotic Process Automation" (2024). Electronic Theses and Dissertations. 2735.
https://digitalcommons.georgiasouthern.edu/etd/2735
Research Data and Supplementary Material
No