We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
ОСОБЛИВОСТІ РОЗПОВСЮДЖЕННЯ РИЗИКО-ОРІЄНТОВАНОГО ПІДХОДУ ДО ОЦІНКИ ВРАЗЛИВОСТІ ОБ’ЄКТІВ КІБЕРЗАХИСТУ.
- Authors
Рубан, Ігор; Тютюник, Вадим; Заболотний, Володимир; Тютюник, Ольга
- Abstract
The paper presents the results of the spread of a risk-oriented approach to assess the effectiveness of the information security system of a cyber-defense object in the context of possible disclosure and information leakage, its blocking and modification. It is shown that the basis of the information security system of cyber protection objects is a classical control loop that provides collection, processing and analysis of information, as well as modeling the development of information danger to cyber protection facilities, the development and implementation of anti-crisis management to prevent the emergence of threats to information, revolves in the process of functioning of cyber protection facilities, as well as elimination or minimization of consequences. On the basis of the results obtained, a structural and logical diagram of the anti-crisis management process has been developed to prevent the emergence of threats to information, rotates in the process of functioning of the cyber defense object, as well as eliminating or minimizing the consequences of threats. The developed anti-crisis management scheme includes: diagnosis of the crisis state of the cyber defense object and threats to the information circulating in the process of functioning of the cyber defense object; defining the goals and objectives of crisis management to prevent threats to information circulating during the operation of the cyber defense object, as well as to eliminate or minimize their consequences; identification of the subject of anti-crisis activities to prevent threats to information circulating during the operation of the cyber defense object, as well as to eliminate or minimize their consequences; assessment of time constraints of crisis management to prevent threats to information circulating during the operation of the cyber defense object, as well as to eliminate or minimize their consequences; assessing the resource potential of crisis management to prevent threats to information circulating during the operation of the cyber defense object, as well as to eliminate or minimize their consequences; development of an anti-crisis program to prevent threats to information circulating during the operation of the cyber defense object, as well as to eliminate or minimize their consequences; implementation of the anti-crisis program and control over its implementation to prevent threats to information circulating during the operation of the cyber defense object, as well as to eliminate or minimize their consequences; development and implementation of preventive measures to prevent the recurrence of threats to information circulating during the operation of the cyber defense object.
- Subjects
CRISIS management; INFORMATION technology security; INFORMATION modeling; SECURITY systems; INFORMATION storage &; retrieval systems; CYBER physical systems
- Publication
Ukrainian Scientific Journal of Information Security, 2020, Vol 26, Issue 3, p145
- ISSN
2225-5036
- Publication type
Article
- DOI
10.18372/2225-5036.26.14947