| Abstract [eng] |
The aim of this master's thesis is to develop a cyber security risk scenario generation method for artificial intelligence (AI) systems used in financial institutions. The research seeks to identify and evaluate potential cyber security threats that arise in AI systems within the financial sector. The first part of the thesis examines the concept of artificial intelligence, its core elements, and levels of autonomy. It explores the development of AI systems in the financial sector while highlighting emerging security challenges. Additionally, the structure of financial institutions and the regulatory environment for AI systems are analysed, along with the requirements for risk management to ensure the reliability and security of these systems. The second part focuses on the methodology for generating cyber security risk scenarios. It discusses the fundamental components of risk scenarios, the taxonomy of scenario elements, and compares existing tools available in the market. Furthermore, it explores cyber security risk management standards, providing a foundation for systematic and structured risk modelling. In the practical part, a cyber security risk scenario generator is implemented using the GPT-4 (OpenAI) system. This generator is designed to address the specific needs of AI systems within financial institutions. The thesis analyses the development process, training stages, user interface features, and technical characteristics of the generator. The functionality of the generator is tested through experiments involving hypothetical financial institution cases to create and evaluate realistic cyber security risk scenarios. Practical examples illustrate potential threats and highlight opportunities to strengthen the security of AI systems. This tool assists organizations in effectively managing cyber security risks, enhancing the protection of AI systems in the financial sector, and contributing to the safer application of AI technologies. |
