{"title":"关键基础设施对象信息系统网络安全风险评估","authors":"V. Mokhor, S. Honchar, A. Onyskova","doi":"10.1109/PICST51311.2020.9467957","DOIUrl":null,"url":null,"abstract":"The concept of complex cybersecurity risk of information systems of critical infrastructure objects is substantiated in the paper, the vector model of risk and model of complex risk is offered, the method of calculation of total risk, complex risk is offered, the structural decision of computer system for calculation of cybersecurity risk of information systems of critical infrastructure objects is developed. Using the proposed method, it is possible to solve the issue related to the possibility of calculating the amount of risks, which allows to assess the risk as a whole, taking into account the human factor in risk assessment, which is extremely important for critical infrastructure, especially in the energy sector. The proposed computing system can be used as part of a decision support system for assessing cybersecurity risks of information systems of critical infrastructure facilities. The results obtained can be used to assess the cybersecurity risk of information systems of critical infrastructure objects in the construction and implementation of information security management systems, integrated information protection systems in automated systems in the development of a threat model, security policy, and protection plan. Despite a significant number of approaches to solving this problem, it remains relevant for the entire world community.","PeriodicalId":123008,"journal":{"name":"2020 IEEE International Conference on Problems of Infocommunications. Science and Technology (PIC S&T)","volume":"232 3","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Cybersecurity Risk Assessment of Information Systems of Critical Infrastructure Objects\",\"authors\":\"V. Mokhor, S. Honchar, A. Onyskova\",\"doi\":\"10.1109/PICST51311.2020.9467957\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The concept of complex cybersecurity risk of information systems of critical infrastructure objects is substantiated in the paper, the vector model of risk and model of complex risk is offered, the method of calculation of total risk, complex risk is offered, the structural decision of computer system for calculation of cybersecurity risk of information systems of critical infrastructure objects is developed. Using the proposed method, it is possible to solve the issue related to the possibility of calculating the amount of risks, which allows to assess the risk as a whole, taking into account the human factor in risk assessment, which is extremely important for critical infrastructure, especially in the energy sector. The proposed computing system can be used as part of a decision support system for assessing cybersecurity risks of information systems of critical infrastructure facilities. The results obtained can be used to assess the cybersecurity risk of information systems of critical infrastructure objects in the construction and implementation of information security management systems, integrated information protection systems in automated systems in the development of a threat model, security policy, and protection plan. Despite a significant number of approaches to solving this problem, it remains relevant for the entire world community.\",\"PeriodicalId\":123008,\"journal\":{\"name\":\"2020 IEEE International Conference on Problems of Infocommunications. Science and Technology (PIC S&T)\",\"volume\":\"232 3\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE International Conference on Problems of Infocommunications. Science and Technology (PIC S&T)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PICST51311.2020.9467957\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE International Conference on Problems of Infocommunications. Science and Technology (PIC S&T)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PICST51311.2020.9467957","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cybersecurity Risk Assessment of Information Systems of Critical Infrastructure Objects
The concept of complex cybersecurity risk of information systems of critical infrastructure objects is substantiated in the paper, the vector model of risk and model of complex risk is offered, the method of calculation of total risk, complex risk is offered, the structural decision of computer system for calculation of cybersecurity risk of information systems of critical infrastructure objects is developed. Using the proposed method, it is possible to solve the issue related to the possibility of calculating the amount of risks, which allows to assess the risk as a whole, taking into account the human factor in risk assessment, which is extremely important for critical infrastructure, especially in the energy sector. The proposed computing system can be used as part of a decision support system for assessing cybersecurity risks of information systems of critical infrastructure facilities. The results obtained can be used to assess the cybersecurity risk of information systems of critical infrastructure objects in the construction and implementation of information security management systems, integrated information protection systems in automated systems in the development of a threat model, security policy, and protection plan. Despite a significant number of approaches to solving this problem, it remains relevant for the entire world community.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
