Calculation of risks of information security of telecommunication enterprise

Ilchenko, Lidiya M.; Брагина, Е. К.; Егоров, И. Э.; Зайцев, С. И.

doi:10.21686/1818-4243-2018-2-61-70

Cited by 5 publications

(2 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…He established the basic requirements for information security risk assessment and treatment. But he did not describe in detail how to reduce the damage caused by security threats ( 8 ).…”

Section: Related Workmentioning

confidence: 99%

Networked Organizational Structure of Enterprise Information Security Management Based on Digital Transformation and Genetic Algorithm

Liu

2022

Front. Public Health

View full text Add to dashboard Cite

With the rapid development of society and economy, enterprises have also started digital transformation in order to follow the pace. Now-a-days, the development of enterprises is also faced with the risk of improper management of enterprise information security, so it is very necessary to study the networked organizational structure of enterprise information security management. The purpose of this paper is to study how to analyze the network organization structure of enterprise information security management based on genetic algorithm. This paper puts forward the difficult problems faced by enterprise information security, and how to prevent and solve the risks encountered in information security. In the experimental part of this paper, it can be seen that with the increase of the number of experiments, the work efficiency of the traditional network organization structure has increased from about 4.6 to about 17%. The work efficiency of the network organization structure based on genetic algorithm has risen from about 10 to about 50%. It shows that the work efficiency of the network organization structure based on genetic algorithm is much higher than that of the traditional network organization structure. It can be seen that the advantage percentage of enterprise information security management networked organizational structure with strong room for growth is 79–84%, and the percentage of cost savings is 75–82%. It can be seen that there are still many advantages of the networked organizational structure of enterprise information security management. The network organization structure based on genetic algorithm can not only improve the work efficiency of enterprises, but also improve the information security. Therefore, the network organization structure based on genetic algorithm is of great significance to the enterprise information security.

show abstract

“…He established the basic requirements for information security risk assessment and treatment. But he did not describe in detail how to reduce the damage caused by security threats ( 8 ).…”

Section: Related Workmentioning

confidence: 99%

Networked Organizational Structure of Enterprise Information Security Management Based on Digital Transformation and Genetic Algorithm

Liu

2022

Front. Public Health

View full text Add to dashboard Cite

show abstract

“…В связи с тем, что рассматривалось типовое предприятие, экспертная оценка стоимости ресурсов рассматривает-ся гипотетически. В условиях реального предприятия стоимость ресурсов оценивается на основе методик, рассматриваемых в [6,9]. Исходя из полученного результата можно выделить 4 ключевых ресурса, нуждающихся в первую очередь в реализации мероприятий по защите информации: 1) Программное обеспечение, разработанное компаниейисходные коды программ, 2) Типовые проектные решения -проектные модели, скрипты баз данных и пр., 3) Документация по выполненным проектам, 4) База заказчиков с данными о заключенных договорах.…”

Section: Improving the Efficiency Of The Formation Of Professional Counclassified

Improving the efficiency of the formation of professional competencies Masters in “Information Security” based on the use o CASE-technologies

Gavrilov

Сизов

2019

Otkryt. obraz. (Mosk.)

View full text Add to dashboard Cite

Purpose of the study. In modern conditions, building an effective information security system for an enterprise requires specialists with appropriate professional competencies and systems approach skills in analyzing a combination of factors that influence the state of information security of an enterprise. For the preparation of such kind of specialists, qualitative changes in the content of educational disciplines are required, based on the use of methods and means of system analysis in the process of building an information security system. The current approaches to assessing the risk of an enterprise are based on the formation of a register of its information resources necessary for the further processing of risks. Adequate assessment of the value of a resource is impossible without a correct understanding of the semantics of this resource and its role in the implemented business processes. Modern approaches to the formation of the register of enterprise information resources, according to the authors, do not offer an effective method of identifying resources and estimating their value.This paper considers an approach based on the use of structural and functional analysis methods and CASE-technologies in the formation of a register of information resources of the enterprise in the training of masters in the direction of “Information Security”. Materials and methods. For the formation of the register of enterprise information resources, it is proposed to build a structural-functional enterprise model using the IDEF0 notation. Business process modeling was performed in the Business Studio environment of «Modern Control Technologies». As an example for risk analysis, the activities of a typical IT-industry company engaged in the development and implementation of enterprise management information systems were considered. Results. The technique was successfully tested in the educational process. According to the authors of the article, the use of this technique in conducting laboratory classes for masters enrolled in the “Information Security” direction has made it possible to increase the efficiency of the formation of professional competencies in students and, consequently, in general, the quality of education. The results obtained can be used not only as a training method for specialists in the field of information security. The application of the methodology of forming the register of information resources of an enterprise considered in the article in practical activities to ensure the information security of an enterprise will increase the validity of decisions to protect the information of the enterprise. Conclusion. The paper proposes a method to justify the choice of the main directions for the protection of enterprise information based on the analysis of its business processes. A distinctive feature of the technique is the use of modern CASE-technologies for decision-making in the field of enterprise information security. The implementation of the methodology allows you to create a register of information resources of the enterprise, including an assessment of the likely damage for each resource. The registry shows the bottlenecks in the organization of protection, which should be given priority when planning measures to protect information. On the basis of the data obtained, it is possible to form a strategy and tactics for developing an enterprise information protection system that is reasonable from an economic point of view.

show abstract