Saved in:
Bibliographic Details
Main Authors: Shafranskyi, Daniil, Stopochkina, Iryna, Ilin, Mykola
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2604.06274
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866913013120892928
author Shafranskyi, Daniil
Stopochkina, Iryna
Ilin, Mykola
author_facet Shafranskyi, Daniil
Stopochkina, Iryna
Ilin, Mykola
contents In recent years, the pace of development of information technology in various areas has increased drastically, forcing cybersecurity specialists to constantly review existing processes in order to prevent unauthorized access to confidential information. Using Ukraine as a primary case study, this paper explores the integration of international best practices, specifically ISO/IEC 27001 and the NIST Cybersecurity Framework, into national regulatory systems. A focus is placed on the transition from traditional compliance models to risk-based approaches, exemplified by the recent adoption of the Ukrainian normative documents. Furthermore, we propose a methodology for automating the development of target security profiles using Large Language Models (LLMs) enhanced by RetrievalAugmented Generation (RAG). By integrating a vector database of national regulations and organizational policies, the proposed RAG-based advisor reduces manual complexity, minimizes human error, and ensures alignment between technical controls and legal requirements. This study contributes to the field by providing a structured workflow for AI-assisted cybersecurity management in environments characterized by high-intensity hybrid threats.
format Preprint
id arxiv_https___arxiv_org_abs_2604_06274
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Towards the Development of an LLM-Based Methodology for Automated Security Profiling in Compliance with Ukrainian Cybersecurity Regulations
Shafranskyi, Daniil
Stopochkina, Iryna
Ilin, Mykola
Cryptography and Security
Artificial Intelligence
In recent years, the pace of development of information technology in various areas has increased drastically, forcing cybersecurity specialists to constantly review existing processes in order to prevent unauthorized access to confidential information. Using Ukraine as a primary case study, this paper explores the integration of international best practices, specifically ISO/IEC 27001 and the NIST Cybersecurity Framework, into national regulatory systems. A focus is placed on the transition from traditional compliance models to risk-based approaches, exemplified by the recent adoption of the Ukrainian normative documents. Furthermore, we propose a methodology for automating the development of target security profiles using Large Language Models (LLMs) enhanced by RetrievalAugmented Generation (RAG). By integrating a vector database of national regulations and organizational policies, the proposed RAG-based advisor reduces manual complexity, minimizes human error, and ensures alignment between technical controls and legal requirements. This study contributes to the field by providing a structured workflow for AI-assisted cybersecurity management in environments characterized by high-intensity hybrid threats.
title Towards the Development of an LLM-Based Methodology for Automated Security Profiling in Compliance with Ukrainian Cybersecurity Regulations
topic Cryptography and Security
Artificial Intelligence
url https://arxiv.org/abs/2604.06274