Translate this page:
Please select your language to translate the article


You can just close the window to don't translate
Library
Your profile

Back to contents

National Security
Reference:

Tsaregorodtsev, A.V., Taraskin, M.M., Derbin E.A. One of the approaches to the formalized description of threats, vulnerabilities and risks in the system of information protection at an enterprise.

Abstract: The authors evaluate one of the approaches to the evaluation of threats, vulnerabilities and risks in the systems of information protection of organizations, which allows to have all-inclusive analysis and to formulate the requirements for the guarantees of security of information in an organization. Use of such an approach shall allow one to cut the costs of the excess security measures, which often take place, when the evaluation of risks is taken subjectively. It shall also aid in planning and implementation of the protection at all of the stages of vital cycles of information systems and to guarantee that the necessary means can be taken in short periods of time. The authors offer practical advice for the choice of counter-measures and evaluation of efficiency of their various options.


Keywords:

warfare, security, information, organization, risk, threat, vulnerability, model, method, identification.


This article can be downloaded freely in PDF format for reading. Download article


References
1. Tsaregorodtsev A.V. Zashchita informatsionnykh resursov predpriyatiya.-M.: Izd-vo VGNA Minfina Rossii, 2008.
2. Borid'ko S.I., Zabelinskiy A.A., Kovalenko Yu.I., Taraskin M.M. Zashchita informatsii v organizatsiyakh: metodika issledovaniya ugroz, uyazvimostey i riskov.-M.: MINIT, 2011 g.
3. Tsaregorodtsev A.V., Luk'yanchuk A.V. Printsipy tsentralizovannogo upravleniya v sistemakh obnaruzheniya setevykh atak, osnovannykh na mnogoagentnoy tekhnologii // Natsional'naya bezopasnost'.-M.: Izd-vo «NB Media», 2011.-№ 4.-S. 90-95