Оn the development of damage of information system operations and methodological issues of assessment of the efficiency of information security systems
DOI:
https://doi.org/10.32347/2411-4049.2019.2.67-90Keywords:
information systems, information and communication technologies, information security, information security systems, information systems risk management, methods of assessing the effectiveness of systemsAbstract
The paper analyzes the trends in threats to the functioning of information and telecommunication systems and methodological issues of evaluating the effectiveness of the information security system for protected objects. Based on the results of the analysis, a methodology for assessing the state of the effectiveness of information security systems has been proposed. It is shown that the development of assessment methodologies should be carried out on the basis of statistical and system analysis using expert methods, taking into account the fact that the assessment of the effectiveness of information security systems and its components is assessed with a large number of uncertainties and differences. The approach of assessing the state of the effectiveness of information security systems for an object of protection based on the risk management of business processes has been analyzed. It is substantiated that, depending on the goals and objectives of the assessment, it is possible to change both the main factors and the second level assessment factors and calculate them based on expert assessments of third level factors that affect the level of information security.References
Plenarnoe zasedanie Mezhdunarodnogo kongressa po kiberbezopasnosti. (2018, July 06). Retrieved from http://kremlin.ru/events/president/news/57957 (in Russian).
Statement from the Press Secretary. Whitehouse. (2019, May 15). Retrieved from https://www.whitehouse.gov/briefings-statements/statement-press-secretary-56/.
Vedomosti. (2019, May 16). Tramp vvel chrezvychajnoe polozhenie v SShA dlya zaschity kommunikacionnyh setej. Retrieved from https://www.vedomosti.ru/politics/ news/2019/05/16/801521-tramp (in Russian).
Interfax.ru. (2019, May 30). Pentagon zapretil kontrakty s RF na zapusk kommercheskih sputnikov s 2023 goda. Retrieved from https://www.interfax.ru/world/663107 (in Russian).
Kompanіya GlobalSign. (2018, February 09). Pyat' problem i tendencij informacionnoj bezopasnosti: chego ozhidat' v 2018 godu. Retrieved from https://habr.com/ru/company/globalsign/blog/348690/ (in Russian).
Prognozy po informacionnoj bezopasnosti na 2018 god | R-Vision. (n.d.). Retrieved June 1, 2019 from https://rvision.pro/blog-posts/prognozy-po-informatsionnoj-bezopasnosti-na-2018-god/ (in Russian).
Prognozy po informacionnoj bezopasnosti na 2019 god | R-Vision. (n.d.). Retrieved June 1, 2019 from https://rvision.pro/blog-posts/prognozy-po-informatsionnoj-bezopasnosti-na-2019-god/ (in Russian).
Informacionnaya bezopasnost' (trendy). 2019: Top-10 trendov v sfere kiberbezopasnosti interneta veschej. (2019, February 8). Retrieved from http://www.tadviser.ru/index.php/ (in Russian).
MIREA. (n.d.). Stat'i po informacionnoj bezopasnosti za 2016 god. Retrieved June 1, 2019 from https://www.mirea.ru/umo/scientific-activities/articles-on-information-security-for-2016/ (in Russian).
Sherstyuk, V. P. (n.d.). MGU: Nauchnye issledovaniya v oblasti informacionnoj bezopasnosti. Retrieved June 1, 2019, from http://emag.iis.ru/arc/infosoc/emag.nsf/ BPA/892ea7cb332e596cc32571cb00319141 (in Russian).
Voprosy informacionnoj bezopasnosti. (2014, September 9). Retrieved from https://www.marketing.spb.ru/mr/it/giss.htm (in Russian).
Sklyarov, D. (2019, May 6). Kak menyalas' informacionnaya bezopasnost' za poslednie 20 let. Retrieved from http://csef.ru/ru/oborona-i-bezopasnost/272/kak-menyalas-informaczionnaya-bezopasnost-za-poslednie-20-let-8881 (in Russian).
Informacionnaya bezopasnost' predpriyatiya: Klyuchevye ugrozy i sredstva zaschity. (n.d.). Retrieved June 1, 2019, from https://www.kp.ru/guide/informatsionnaja-bezopasnost-predprijatija.html (in Russian).
A New National Security Strategy for a New Era. Whitehouse. (2017, December 19). Retrieved from https://www.whitehouse.gov/articles/new-national-security-strategy-new-era/
The National Defense Strategy. DOD. (2018, January 19). Retrieved from https://dod.defense.gov/Portals/1/Documents/pubs/2018-National-Defense-Strategy-Summary.pdf.
The National Military Strategy of the United States of America. 2015. JCS.mil. (n.d.). Retrieved May 15, 2019, from https://www.jcs.mil/Portals/36/Documents/Publications/ 2015_National_Military_Strategy.pdf.
The National Cyber Strategy, (NCS). Whitehouse. (2018, September 28). Retrieved from https://www.whitehouse.gov/wp-content/uploads/2018/09/National-Cyber-Strategy.pdf.
Strategіya Kіberbezpeki Ukrai'ny. (2016, March 15). Ukaz Prezidenta Ukrai'ny № 96/2016. Retrieved from https://zakon.rada.gov.ua/laws/show/96/2016#n11 (in Ukrainian).
Doktrina іnformacіjnoї bezpeki Ukrai'ny. (2017, February 25). Ukaz Prezidenta Ukrai'ny № 47/2017. Retrieved from https://zakon.rada.gov.ua/laws/show/47/2017 (in Ukrainian).
Verhovnа Radа Ukrai'ny. (2017, October 5). Zakon Ukrai'ny «Pro Osnovnі Zasadi Zabezpechennya Kіberbezpeki Ukrai'ny» № 2163-VIII (Vіdomostі Verhovnoї Radi (VVR), 2017, № 45, st.403 іz zmіnami). Retrieved from https://zakon.rada.gov.ua/laws/show/2163-19 (in Ukrainian).
Doktrina informacionnoj bezopasnosti RF, 2016. (n.d.). Retrieved from http://publication.pravo.gov.ru/Document/View/0001201612060002?index=0&rangeSize=1 (in Russian).
Federal'nyj Zakon RF «Ob Informacii, Informacionnyh Tehnologiyah i o Zaschite Informacii» (2006, July 27). Retrieved May 27, 2019, from http://www.consultant.ru/document/cons_doc_LAW_61798/ (in Russian).
Federal'nyj zakon RF «O bezopasnosti kriticheskoj informacionnoj infrastruktury RF» N 187-FZ (2017, July 26). Retrieved May 27, 2019, from http://www.consultant.ru/ document/cons_doc_LAW_220885/ (in Russian).
Centr nacional'noj komp'yuternoj bezopasnosti Velikobritanii. Retrieved June 1, 2019, from https://ru.wikipedia.org/wiki/Centr_nacional'noj_komp'yuternoj_bezopasnosti_ Velikobritanii (in Russian).
ISO/IEC 27000 – seriya mezhdunarodnyh standartov, vklyuchayuschaya standarty po informacionnoj bezopasnosti, opublikovannye sovmestno Mezhdunarodnoj Organizaciej po Standartizacii (ISO) i Mezhdunarodnoj `Elektrotehnicheskoj Komissiej (IEC).
Informacionnaya bezopasnost'. Vikipediya. (n.d.). Retrieved June 1, 2019, from https://ru.wikipedia.org/wiki/Informacionnaya_bezopasnost' (in Russian).
Zubarev, V. V., Kutovij, O. P., Svergunov, O. O., & Himchenko, S. M. (2009). Metodologіchnі aspekti ocіnki stanu vіjs'kovo-tehnіchnoї polіtiki ta її skladovih : Nauk.-metod. vidannya (V. P. Gorbulіn, Ed.). Kyiv: Іntertehnologіya (in Ukrainian).
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2019 Ihor B. Chepkov, Valerii V. Zubariev, Oleksandr O. Sverhunov, Oleksandr V. Zubariev
This work is licensed under a Creative Commons Attribution 4.0 International License.
The journal «Environmental safety and natural resources» works under Creative Commons Attribution 4.0 International (CC BY 4.0).
The licensing policy is compatible with the overwhelming majority of open access and archiving policies.
