EFFECTIVENESS ASSESSMENT METHODOLOGY OF INFORMATION SECURITY MANAGEMENT SYSTEM THROUGH THE SYSTEM RESPONSE TIME TO INFORMATION SECURITY INCIDENTS
Annotation
Quality assessment of an information security management system is an important step in obtaining baseline data for analyzing the effectiveness of security controls and for evaluating whether the organization's specified information security requirements have been implemented. Current practice in assessing the effectiveness of information security management systems shows that, in most cases, security controls are measured independently, without regard to their interaction. The uncertainty arising from the stochastic nature of the measured security controls is not taken into account. There is a list of related control and management measures; however, structural elements for measuring these interactions are absent. Thus, improving the methodology for assessing the effectiveness of an information security management system is an important and urgent task. It can be solved by introducing a new integral effectiveness indicator of the system that takes the above-mentioned shortcomings into account. The author proposes a new integral efficiency indicator: the system response time to information security incidents. This indicator makes it possible to move from a binary "approve or disapprove" assessment of system effectiveness to a quantitative one. The new performance indicator takes into account the uncertainty arising from the stochastic nature of the attributes and of the management and control measures, provides a quantitative assessment of the information security state, and has a clear physical interpretation for the organization's management and information security officers. The dynamics of the indicator from test to test make it possible to assess the state of the information security management system in general and the effectiveness of the control and management measures taken.
The method for calculating the new information security management system performance indicator is based on experimental design theory. Its advantages are: information security staff can control the measurement of attributes; the same accuracy of estimates for attribute parameters is provided during measurement; the degree of interaction between attributes and their importance in computing the effectiveness of information security management are revealed by the regression coefficients; and an analytical model of the performance indicator can be obtained.
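As an added illustration (not code from the paper): the abstract does not say which design is used, so this sketch assumes a two-level full factorial design over three hypothetical control attributes (M = monitoring, T = staff training, P = documented procedure), with constructed response times in minutes. It fits the regression model with all interaction terms and ranks the terms, which is how the coefficients expose attribute importance and interaction.

```python
from itertools import combinations, product
from math import prod

def full_factorial(k):
    """All 2^k runs, each factor coded -1 (low level) or +1 (high level)."""
    return [tuple(run) for run in product((-1, 1), repeat=k)]

def fit_coefficients(names, runs, y):
    """Regression coefficients for the model with every interaction term.
    Columns of a two-level full factorial are mutually orthogonal, so each
    coefficient is sum(x_i * y_i) / N and all are estimated equally well."""
    n = len(runs)
    coeffs = {}
    for order in range(len(names) + 1):
        for idx in combinations(range(len(names)), order):
            term = "*".join(names[i] for i in idx) or "b0"
            column = [prod(run[i] for i in idx) for run in runs]
            coeffs[term] = sum(c * v for c, v in zip(column, y)) / n
    return coeffs

def predict(coeffs, names, run):
    """Analytical model: response time predicted for one coded setting."""
    level = dict(zip(names, run))
    total = 0.0
    for term, b in coeffs.items():
        factors = [] if term == "b0" else term.split("*")
        total += b * prod(level[f] for f in factors)
    return total

def rank_terms(coeffs):
    """Non-constant terms ordered by absolute effect on response time."""
    terms = [(t, b) for t, b in coeffs.items() if t != "b0"]
    return sorted(terms, key=lambda tb: abs(tb[1]), reverse=True)

# Hypothetical attribute names; not taken from the paper.
NAMES = ["M", "T", "P"]
RUNS = full_factorial(len(NAMES))
# Constructed measurements: incident response time in minutes for each run,
# listed in the same order as RUNS.
Y = [94, 84, 66, 56, 56, 46, 44, 34]
COEFFS = fit_coefficients(NAMES, RUNS, Y)

if __name__ == "__main__":
    print("mean response time:", COEFFS["b0"])
    for term, b in rank_terms(COEFFS):
        print(f"{term:6s} {b:+.2f}")
```

A negative coefficient means that moving the attribute to its high level shortens the response time; a non-zero product term such as M*T means the effect of one attribute depends on the level of the other.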