Digital products’ information security risk management in the organization financial ecosystem

In the context of digital and technological challenges, changes in relations between market participants, modified types of information security threats arise, the sources of which are innovative financial services and their combinations. Such types appear due to the recent trend of transforming traditional service models into financial ecosystems, essential in the financial sector's evolution. In the context of information / cyber security risk, the product of the financial ecosystem should be defined as an architecturally complete information and communication technology that meets the needs of the organization's client with the presence of predefined and implemented useful properties. The transformation of information security risk factors inevitably affects the need to revise approaches to risk assessment, focusing on information security specialists on digital financial services - products of financial ecosystems. The task of assessing the information / cybersecurity risk of a product of a financial ecosystem is not so much predicting the future state of the product itself or the financial ecosystem, but deliberate management within the framework of the implementation of specific scenarios. The research topic is devoted to describing certain aspects of the new model of information security risk management in the development of financial ecosystems. The problems of using the classical model of information / cyber security risk analysis are considered. A risk assessment method is proposed that takes into account the peculiarities of the heterogeneous environment of financial ecosystems and the dynamics of risk factors.

1. Vasin S.M. Gamidullaeva L.A. Conceptual issues of management of an innovative system. Russian Journal of Management. 2015;3(4):342-351.

2. Gamidullaeva L.A. Experience of state support for business incubation abroad and the possibility of its adaptation in Russia . Bulletin of Tomsk State University. 2013;369:122- 125.

3. Tolstykh T.O., Agaeva A.M. Ecosystem approach as a concept of innovative development of the economy . Science today: challenges and solutions: materials of Intern. scientificpractical conf. (Vologda, January 29, 2020). - Vologda: LLC "Marker". 2020;1:73.

4. Tolstykh T.O., Shkarupeta E.V. The impact of human potential on the formation of a digital ecosystem in the framework of cross-industry transformation . Actual problems of the development of economic entities, territories and systems of regional and municipal management: materials of the XIV Intern. scientific-practical conf. 2019;1:210-213.

5. Nolan A., Guellec D. The digitalisation of science, technology and innovation. An overview of key developments and policies. OECD, DSTI/STP. 2019;1:14.

6. OECD (2019). University-Industry Collaboration: New Evidence and Policy Options. – Paris : OECD Publishing, 2019.

7. Kleiner G.B. Socio-economic ecosystems in the context of dual spatial-temporal analysis . Economics and Management: Problems and Solutions. 2018;5(5):5-13.

8. Technical risk assessment handbook: Version 1.1. Australian Government: Department of defence. Defence Science and Technology organization. – Canberra. 2016;1:42.

9. Standardization in the Russian Federation. Basic provisions: GOST R 1.0–2012. - Instead of GOST R 1.0-2004; entered 01.07.2013.

10. Risk management. Terms and definitions: GOST R 51897–2011/ ISO Guide 73: 2009. - Instead of GOST R 51897-2002; entered 01.12.2012.

11. The main directions of development of information security in the credit and financial sector for the period 2019-2021. Central Bank of the Russian Federation. Access mode: https://cbr.ru/Content/Document/File/83253/onrib_2021. (date of access: 01.10.2020).