Towards the Development of an LLM-Based Methodology for Automated Security Profiling in Compliance with Ukrainian Cybersecurity Regulations
Daniil Shafranskyi, Iryna Stopochkina, Mykola Ilin

TL;DR
This paper proposes an LLM-based methodology utilizing Retrieval-Augmented Generation to automate security profiling aligned with Ukrainian cybersecurity regulations, reducing manual effort and errors.
Contribution
It introduces a novel RAG-enhanced LLM approach for automating security profile development in compliance with national regulations.
Findings
The RAG-based advisor effectively reduces manual effort in security profiling.
The methodology ensures better alignment between technical controls and legal requirements.
It provides a structured workflow for AI-assisted cybersecurity management.
Abstract
In recent years, the pace of development of information technology in various areas has increased drastically, forcing cybersecurity specialists to constantly review existing processes in order to prevent unauthorized access to confidential information. Using Ukraine as a primary case study, this paper explores the integration of international best practices, specifically ISO/IEC 27001 and the NIST Cybersecurity Framework, into national regulatory systems. A focus is placed on the transition from traditional compliance models to risk-based approaches, exemplified by the recent adoption of the Ukrainian normative documents. Furthermore, we propose a methodology for automating the development of target security profiles using Large Language Models (LLMs) enhanced by Retrieval-Augmented Generation (RAG). By integrating a vector database of national regulations and organizational policies,…
