Derendyaev D.A., Gatchin Y.A., Bezrukov V.A. —
Mathematical model for evaluating the impact coefficient of a single factor on information security threats
// Cybernetics and programming. – 2016. – ¹ 5.
– P. 222 - 227.
DOI: 10.7256/2306-4196.2016.5.19608
URL: https://en.e-notabene.ru/kp/article_19608.html
Read the article
Abstract: Currently, more attention is paid to the protection of information resources against various threats. There are numerous methods of risk assessment and management, which are aimed at minimizing the threats to information security. However, the risk assessment generally considered a threat, that is, under the action of all potential factors. Wherein the one or other factor may have more influence on the particular threat than others. The paper presents a mathematical model for evaluating the impact coefficient of a single factor on information security threats. The study was based on the evaluation of probability of occurrence and criticality of unrelated threats to information security. The study was based on the probability of occurrence and criticality of unrelated threats to information security. The mathematical model presented in the paper makes it possible to assess the characteristics of threats under the influence of a specific factor. This in turn helps to understand how much a single factor strongly influences information security. The data obtained makes it possible to optimize the protection system counteracting the most critical factors.
Derendyaev D.A., Gatchin Y.A., Bezrukov V.A. —
Algorithm for Representation of Residual Risk Mathematical Model
// Cybernetics and programming. – 2016. – ¹ 4.
– P. 81 - 85.
DOI: 10.7256/2306-4196.2016.4.19655
URL: https://en.e-notabene.ru/kp/article_19655.html
Read the article
Abstract: The majority of modern risk evaluation and management methods imply the concept of residual risk as a figure describing the risk of a threat after all countermeasures have been implemented, however, researchers do not pay enough attention thereto. In this research the authors offer their algorithm allowing to represent the residual risk of information security threats in a form of a mathematical model which in its turn creates opportunities for a more detailed analysis of a parameter under review and the model itself. Coefficients of this model demonstrate the impact of input parameters on the final result. The algorithm of the residual risk mathematical model is based on a complete factorial experiment taking into account peculiarities of a parameter under review. This approach allows to analyze the role of residual risk not only as a figure but also mathematical model which can help to better imply residual risk when implementing risk evaluation and management methods in order to improve an information protection system at an enterprise.