Integrated Information Model of an Enterprise and Cybersecurity Management System: From Data to Activity

Abstract

The paper analyzes the concepts of "data", "information", "knowledge", "intelligence", "activity", establishes their relationship in the context of integrating information about the enterprise with the contours of security management through the connection of information technologies, operation technologies, ecology technologies (IT, OT, ET). The authors propose an integrated model of information representation of the organization based on a chain of data, information, knowledge and activity / intelligence. The main feature of this model is that it explicitly includes activities that are implemented considering the laws of natural intelligence and forms a corresponding control loop. The security management system is based on identifying and tolerating threats on the stages of processing the data, information, knowledge and intelligence/activities and IT, OT and ET levels. Two industrial cases related to dialog enterprise management system and post-accident monitoring system are discussed.