Analysis and identification of ways to reduce critical information security risks

Abstract

One of the key requirements for the protection of an organization's information assets is to ensure proper information security risk management. In the process of risk management, they should be identified, assessed, analyzed and processed in order to change the value of risk to an acceptable level. The article proposes to consider ways to reduce information risks that may be caused by critical categories of threats and vulnerabilities.