{"title":"Improving the Methods for Protecting Information from Unauthorized Access","authors":"A. Rodionov, V. Belyanin, A. Gorbunov","doi":"10.15688/NBIT.JVOLSU.2018.2.6","DOIUrl":null,"url":null,"abstract":"The research relevance is conditioned by the constantly growing technical capabilities for unauthorized access to protected information in the local area networks (LAN), the development of methods of attacks, and therefore, the need to improve methods of information protection. The paper describes the peculiarities of using the system of collecting and correlating information security events SIEM (Security Information and Event Management), which detects and notifies about the emergence of threats to leakage of protected information. In the modern world, due to the ever-growing technical capabilities of attackers for unauthorized access to LAN, improving the ways of carrying out attacks on them, there is a need to improve the existing methods of information protection and to develop new ones. In addition to the technical component, an important risk factor is the human factor, due to which up to 52 % of information leaks (intentional and unintended) occur around the world. They are distributed by categories of information: 62.3 % – personal data, 31.0 % – payment documents, 3.9 % – state secrets, 2.8 % – trade secrets.","PeriodicalId":205855,"journal":{"name":"NBI Technologies","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"NBI Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.15688/NBIT.JVOLSU.2018.2.6","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 1
Abstract
The relevance of this research stems from the constantly growing technical capabilities for unauthorized access to protected information in local area networks (LANs) and the development of attack methods, and hence the need to improve methods of information protection. The paper describes the particulars of using a Security Information and Event Management (SIEM) system, which collects and correlates information security events and detects and notifies about emerging threats of leakage of protected information. In the modern world, because attackers' technical capabilities for unauthorized access to LANs keep growing and the ways of attacking them keep improving, existing methods of information protection need to be improved and new ones developed. In addition to the technical component, an important risk factor is the human factor, which accounts for up to 52 % of information leaks (intentional and unintended) around the world. They are distributed by category of information: 62.3 % personal data, 31.0 % payment documents, 3.9 % state secrets, 2.8 % trade secrets.