The optimization method of the integrated management system security audit

Livshitz, Ilya I.; Lontsikh, Pawel A.; Eliseev, Sergey

doi:10.23919/fruct.2017.8071319

Cited by 4 publications

(1 citation statement)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Specific features of information protection focus on existing methods of localization of anomalies and current hazards in networks, statistical methods are considered as effective methods of detecting anomalies and experimental detection of the chosen method, methods of capturing and analyzing network traffic during passive monitoring of network segment [13][14][15][16][17][18]. The analysis of different areas of information security management in organizations of various activities is not left out: the management of information security system resources in the organization [19][20][21]; risk management and threats to information security [20,22,23]; management of documentation and information assistance system in the organization [19,20,24,25]; information security audit management [23,26,27]; management of information security system efficiency analysis [19,21,28]. Some sources are associated with the use of different forecasting methods based on the construction of appropriate models [29][30][31][32][33][34][35].…”

Section: Related Workmentioning

confidence: 99%

Risk Forecasting of Data Confidentiality Breach Using Linear Regression Algorithm

Korystin¹,

Nataliia²,

Митина³

2022

IJCNIS

View full text Add to dashboard Cite

The paper focuses on the study of cyber security in Ukraine and creation of a predictive model for reducing the risk of identified cyber threats. Forecasting is performed using a linear regression model, taking into account the optimal dependence of specific threats in the field of cyber security of Ukraine on variables characterizing capabilities / vulnerabilities of cyber security. An unique empirical base was used for the analysis, which was formed on the basis of an expert survey of the cyber security system’s subjects in Ukraine. In order to increase the representativeness of the research, based on the selection of reliable expert population, data cleaning is provided. Methodological research is based on a risk-oriented approach, which provided a risk assessment of the spread of cyber threats and, on this basis, the determination of capabilities / vulnerabilities of the cyber security system in Ukraine. The value of the research is formed not only by assessing the risks of the spread of cyber threats, but by a more in-depth analysis of the dependence of the cyber threats’ level on the vulnerability of the cyber security system based on the search for optimal and statistically significant relationships. The experiment was conducted on the basis of determining the optimal model for forecasting the risk of the spread of one of the most significant threats in Ukraine – data confidentiality breach (54.67%), depending on the variables that characterize the capabilities / vulnerabilities of the cyber security system in Ukraine. The experiment showed that the optimal model emphasizes the predictors characterizing the vulnerability of the organizational cyber security system – "Departmental level of cybersecurity monitoring" and capabilities: "The level of use of risk management approaches at the operational level" and "The level of methodological support for cybersecurity of the critical infrastructure system".

show abstract