About: Information security indicators is a research topic. Over its lifetime, 8 publications have been published within this topic, receiving 19 citations.
TL;DR: The current state of the art in alert correlation techniques is enriched with two complementary novel approaches: one based on policy enforcement and defender capability models, and one based on information security indicators.
Abstract: Current Security Information and Event Management systems (SIEMs) constitute the central platform of modern security operations centers. They gather events from multiple sensors (intrusion detection systems, anti-virus, firewalls, etc.), correlate these events, and deliver synthetic views of the alerts for threat handling and security reporting. However, as the number of security incidents, and thus the diversity of alerts received by SIEMs, increases, the need for appropriate treatment of these alerts has become essential. Alert correlation has been proposed in order to alleviate this problem. Current alert correlation techniques provide a better description of the detected incident and a concise view of the generated alerts, reducing their volume and thus their processing time. Although such techniques support administrators in processing a huge number of alerts, they remain limited, since these solutions do not provide information about the attacker's behavior and the defender's capability in reacting to detected attacks. In this paper, we propose two novel alert correlation approaches. The first is based on policy enforcement and defender capability models; the second is based on information security indicators. We therefore enrich the current state of the art in alert correlation techniques with complementary approaches.
TL;DR: This study presents a conceptual framework based on the three components of information security (people, technology and processes) with a cognitive approach, emphasizing the technology aspect in the management of indicators through the integration of concepts such as big data, machine learning, data analytics, and data visualization to strengthen the DSS for the generation of knowledge.
Abstract: Organizations face different computer security threats daily, which makes it necessary to have a Decision Support System (DSS) that allows generating knowledge to define strategies to minimize risk. Information security management supported by a DSS requires time-consuming manual processes, analysis of large amounts of data and the experience of security specialists. The use of alternatives such as big data, machine learning, data analytics, and data visualization can reduce the time of manual processes and automate data analysis, contributing to the inclusion of intelligence in decision support systems. This study presents a conceptual framework based on the three components of information security: people, technology and processes, with a cognitive approach, emphasizing the technology aspect in the management of indicators through the integration of concepts such as big data, machine learning, data analytics, and data visualization to strengthen the DSS for the generation of knowledge and to help security specialists make decisions at a strategic level.
TL;DR: In this article, the use of fuzzy algorithms and fuzzy predicates in the process of evaluating information security indicators of industrial automation systems is considered, which makes it possible to increase the reliability of decision-making on the values of specific evaluated information security indicators, taking into account the uncertainty (fuzziness) of observation data.
Abstract: The issues of using fuzzy algorithms and fuzzy predicates in the process of evaluating information security indicators of industrial automation systems are considered. This approach makes it possible to increase the reliability of decision-making on the values of specific evaluated information security indicators, taking into account the uncertainty (fuzziness) of observation data. The concepts of a fuzzy algorithm, a fuzzy predicate, a fuzzy number and a fuzzy operator, and their role and interrelation in the problems of accounting for the fuzzy conditions for evaluating (measuring, modeling and observing) information security indicators, are discussed. The features of the use of fuzzy algorithms and predicates for problems of this class are determined, and the results of experimental calculations are described. As an example, these allow one to judge the degree to which the final evaluation of a specific information security indicator for industrial automation systems belongs to the set of true verified values of this indicator.
TL;DR: The developed system taken as a sum of multilevel indicators and links allows derivation of the integral characteristics of network security, which makes it possible to solve monitoring, prediction, and network control tasks at industrial enterprises.
Abstract: This article analyzes the performance features of network operation in enterprises. A multilevel model of a network interaction structure and a system of information security indicators are suggested. The developed system, taken as a sum of multilevel indicators and the links among them, allows derivation of the integral characteristics of network security, which makes it possible to solve monitoring, prediction, and network control tasks at industrial enterprises. Techniques and algorithms for comprehensive assessment of network threat risks and for justifying protection steps are presented.
TL;DR: In this paper, the problem of improving the reliability of estimates of information security indicators is addressed by constructing cognitive models of the related factors associated with the process of formation and development of various types of information security threats.
Abstract: The paper considers the problem of improving the reliability of estimates of information security indicators on the basis of constructing cognitive models of the related factors associated with the process of formation and development of various types of information security threats. New types of assessments of security performance are introduced to ensure a certain guaranteed level for the range of possible values of the index, which provides a more responsive and more accurate assessment of security performance. A procedure is formulated for constructing cognitive models of the related factors, as well as for evaluating security performance on the basis of the constructed cognitive model. This procedure is demonstrated by a specific example. Analysis of the level of information security is an important component of the problem of ensuring and even improving the functioning of the object of protection. However, existing methods of assessing the security level often rely on expert methods for direct assessment of information security indicators, which, even for relatively simple objects and data systems, yields rather rough estimates because of the large number of uncertain and random factors. To improve the quality of the evaluation, it is proposed here to clarify the process by which various types of threats form, by constructing cognitive models that describe how the considered threats depend on a variety of factors that can have a significant effect on the information security threat risk under consideration.