Оценка уровня зрелости центра мониторинга информационной безопасности в условиях обеспечения устойчивости риск-управления
Работая с нашим сайтом, вы даете свое согласие на использование файлов cookie. Это необходимо для нормального функционирования сайта, показа целевой рекламы и анализа трафика. Статистика использования сайта отправляется в «Яндекс» и «Google»
Научный журнал Моделирование, оптимизация и информационные технологииThe scientific journal Modeling, Optimization and Information Technology
Online media
issn 2310-6018

Assessment of the maturity level of the information security monitoring center in the context of ensuring the sustainability of risk management

Ponomarev A.V.  

UDC 004.056.5
DOI: 10.26102/2310-6018/2024.46.3.015

  • Abstract
  • List of references
  • About authors

Assessment of the effectiveness of the security monitoring and management centers is an urgent task, the solution of which depends on both the reliability of the entire system and monitoring and forecasting. The purpose of the work is to conduct a systematic analysis of factors and metrics (indicators) affecting the maturity level of monitoring centers. This problem is realized by identifying control parameters and predicting (modeling) the stability of risk management of centers when servicing requests. In particular, the formation of an integral stability index is of interest. The hypotheses of the study are considered an acceptable "tolerance band," control stability, attack planning and vulnerability analysis, the need for situational modeling. Methods of system analysis and synthesis, modeling, probability theory, heuristic approach were used. The main results of the article: 1) analysis of the sustainability of information and economic security policies and classification of direct and indirect threats in the digital business ecosystem; 2) based on the analysis done, an adaptive scheme for modeling the risk stability of a corporate system and a formal optimization model for predicting sustainable protection (based on the cost of ensuring the required security measure) were proposed; 3) as practical applications, a probabilistic model of servicing requests in a distributed system (at a given intensity of "mixing" requests of intruders) and a heuristic procedure for assessing the level of stability monitoring are proposed. The work is developed in the direction of complication of models, their elasticity and "depth" of risk accounting.

1. Kaziev M.V., Medvedeva L.B., Tyutrin N.O., Khizbullin F.F., Takhumova V.O. Improvement and modeling of the company's activity based on the innovative KPI system. Journal of Fundamental and Applied Sciences. 2018;10(5S):1406–1415.

2. Veligodskiy S.S., Miloslavskaya N.G. Unified model of maturity of network security centers of information and telecommunication networks. Izvestiya YuFU. Tekhnicheskie nauki = Izvestiya SFedU. Engineering Sciences. 2023;(3):157–172. (In Russ.). https://doi.org/10.18522/2311-3103-2023-3-157-172

3. Maksimova E. Cognitive modeling of destructive malicious impacts on critical information infrastructure objects. Trudy uchebnykh zavedenii svyazi = Proceedings of Telecommunication Universities. 2020;6(4):91–103. (In Russ.). https://doi.org/10.31854/1813-324X-2020-6-4-91-103

4. Andryukhin E.V., Ridli M.K., Pravikov D.I. Prediction of faults and failures in distributed control systems based on time series forecasting models. Voprosy kiberbezopasnosti. 2019;(3):24–32. (In Russ.).

5. Skryl' S.V., Gaifulin V.V., Domrachev D.V., Sychev V.M., Gracheva Yu.V. Topical issues of the problem of assessment of threats of cyber attacks on information resources of significant facilities of critical information infrastructure. Bezopasnost' informatsionnykh tekhnologii = IT Security (Russia). 2021;28(1):84–94. (In Russ.). https://doi.org/10.26583/bit.2021.1.07

6. Gaskova D.A., Massel A.G. The technology of cyber threat analysis and risk assessment of cybersecurity violation of critical infrastructure. Voprosy kiberbezopasnosti. 2019;(2):42–49. (In Russ.).

7. Lapsar' A.P., Nazaryan S.A., Vladimirova A.I. Ensuring the resistance of critical information infrastructure objects to advanced persistent threats. Voprosy kiberbezopasnosti. 2022;(2):39–51. (In Russ.).

8. Tanygin M.O., Budnikova Yu.A., Bulgakov A.S., Marchenko M.A. A model for assessing information security incidents damage. Bezopasnost' informatsionnykh tekhnologii = IT Security (Russia). 2021;28(2):98–106. (In Russ.). https://doi.org/10.26583/bit.2021.2.09

9. Zolotavin V.S., Nechta I.V. Overview of Man-in-the-middle (MITM) network attacks. In: Obrabotka informatsii i matematicheskoe modelirovanie: Materialy Vserossiiskoi nauchno-tekhnicheskoi konferentsii s mezhdunarodnym uchastiem, 19–20 April 2023, Novosibirsk, Russia. Novosibirsk: Siberian State University of Telecommunications and Information Science; 2023. pp. 279–285. (In Russ.).

10. Tikhonenko O.M. Queuing system with processor sharing and limited resources. Automation and Remote Control. 2010;71(5):803–815. https://doi.org/10.1134/S0005117910050073

Ponomarev Aleksandr Vladimirovich

Financial University under the Government of the Russian Federation

Moscow, Russia

Keywords: assessment, sustainability, maturity, information security center, monitoring, risk, management

For citation: Ponomarev A.V. Assessment of the maturity level of the information security monitoring center in the context of ensuring the sustainability of risk management. Modeling, Optimization and Information Technology. 2024;12(3). URL: https://moitvivt.ru/ru/journal/pdf?id=1631 DOI: 10.26102/2310-6018/2024.46.3.015 (In Russ).

96

Full text in PDF

Received 15.07.2024

Revised 22.07.2024

Accepted 31.07.2024

Published 30.09.2024