Оценка уровня зрелости центра мониторинга информационной безопасности в условиях обеспечения устойчивости риск-управления
Работая с сайтом, я даю свое согласие на использование файлов cookie. Это необходимо для нормального функционирования сайта, показа целевой рекламы и анализа трафика. Статистика использования сайта обрабатывается системой Яндекс.Метрика
Научный журнал Моделирование, оптимизация и информационные технологииThe scientific journal Modeling, Optimization and Information Technology
Online media
issn 2310-6018

Assessment of the maturity level of the information security monitoring center in the context of ensuring the sustainability of risk management

Ponomarev A.V. 

UDC 004.056.5
DOI: 10.26102/2310-6018/2024.46.3.015

  • Abstract
  • List of references
  • About authors

Assessment of the effectiveness of the security monitoring and management centers is an urgent task, the solution of which depends on both the reliability of the entire system and monitoring and forecasting. The purpose of the work is to conduct a systematic analysis of factors and metrics (indicators) affecting the maturity level of monitoring centers. This problem is realized by identifying control parameters and predicting (modeling) the stability of risk management of centers when servicing requests. In particular, the formation of an integral stability index is of interest. The hypotheses of the study are considered an acceptable "tolerance band," control stability, attack planning and vulnerability analysis, the need for situational modeling. Methods of system analysis and synthesis, modeling, probability theory, heuristic approach were used. The main results of the article: 1) analysis of the sustainability of information and economic security policies and classification of direct and indirect threats in the digital business ecosystem; 2) based on the analysis done, an adaptive scheme for modeling the risk stability of a corporate system and a formal optimization model for predicting sustainable protection (based on the cost of ensuring the required security measure) were proposed; 3) as practical applications, a probabilistic model of servicing requests in a distributed system (at a given intensity of "mixing" requests of intruders) and a heuristic procedure for assessing the level of stability monitoring are proposed. The work is developed in the direction of complication of models, their elasticity and "depth" of risk accounting.

Keywords: assessment, sustainability, maturity, information security center, monitoring, risk, management

For citation: Ponomarev A.V. Assessment of the maturity level of the information security monitoring center in the context of ensuring the sustainability of risk management. Modeling, Optimization and Information Technology. 2024;12(3). URL: https://moitvivt.ru/ru/journal/pdf?id=1631 DOI: 10.26102/2310-6018/2024.46.3.015 (In Russ).

315

Full text in PDF

Received 15.07.2024

Revised 22.07.2024

Accepted 31.07.2024

Published 30.09.2024