Risk resilience of information security monitoring centers and its modeling
Abstract
Risk resilience of information security monitoring centers and its modeling
Incoming article date: 09.10.2024Abstract. The purpose of the article is to study the information security of critical parameters of the organization's IT infrastructure processes and its digital infrastructure using Security Monitoring Centers. Such risk factors as adaptability, stability in the middle and long period, the influence of uncertainties ("white noise") are emphasized. In addition to system analysis and synthesis, methods of mathematical (simulation, operator) modeling, computational mathematics and statistics are used in the work. Based on the analysis and synthesis, the following main results were obtained: 1) the classification of the effects of various attacks on the distributed infrastructure was carried out; 2) a scheme, a multiplicative model of integral interactions of protective measures and an integral measure of security are proposed; 3) an algorithm has been developed to identify the constructed multiplicative model based on the least squares criterion, both by the set of factors and by risk classes; 4) shows an example of an operator equation taking into account random noise in the system. Scientific and practical value of work: the results can be used to assess the security of the system and reduce the risks of targeted attacks, damage from them. In addition, the proposed schemes will facilitate situational modeling to detect risk situations and assess the damage from their implementation.
Keywords: assessment, sustainability, maturity, information security center, monitoring, risk, management