The Model of Information Security Threat Profile of Corporate Information System

Abstract

The level of information security of corporate information systems depends on the security of information assets of the enterprise in which the enterprise information systems are implemented. To protect data processed in corporate information systems, it is advisable to ensure the information security of the system, to identify and predict threats to information security violations. Such measures will ensure effective management of information security and high-quality response to threats in corporate information systems in real time. Thus, the research of threats management and information security of corporate information systems allows the authors to develop a model of threat profile. The difference from the previously proposed models is that the present solution defines the actions that need to be taken when threats are detected and to prevent them. Application of the proposed model will allow implementing special procedures of information security management of the enterprise, using private information security policies for corporate information systems. The authors highlight the key aspects of managing threats to information security of corporate information systems. The vulnerabilities typical for corporate information systems have been allocated. The sources of threats have been formed, and the potential violators have been described. A unique model of the profile of threats to information security for corporate information system has been developed.