Global practice of corporate information security events management
DOI: https://doi.org/10.31617/3.2022(125)05
Keywords: informational security, information security incidents, international information security standards, information security management system, management of information security events.
Abstract
Introduction. The accumulated experience in the field of information protection, together with new requirements for building companies' information security policies, has made it possible to develop quite effective recommendations for building an information security management system.
Problem. The central process in the information security management system of corporations is the «Event Management» process. Only a competent organization of this process can ensure the proper level of the entire sequence of stages of the effective functioning of the corporate information protection system, covering all actions during the entire life cycle of an information security event: from planning, training and raising awareness to detection, response and training at information security events.
The aim of the article is the theoretical and methodological substantiation of the expediency of introducing the Information Security Event Management process in the context of the analysis of the global practice of the corporate information protection system.
Methods. The following methods were used in the course of the research: the methods of the system approach, theoretical generalization and comparison, analysis and synthesis. The information base is the author’s own research, international standards of information security of the ISO/IEC 2700x series, publications in scientific editions and Internet resources.
Results. Within the framework of this study, the two most effective options (USA and Europe) for the organization of the Event Management process were analyzed. The analysis made it possible to identify the peculiarities of the organization of each process and its advantages and disadvantages, and proved the need for a comprehensive approach to the organization of processes.
It is justified that a comprehensive approach to the organization of the Event Management process should take into account the interconnection with other management processes and be harmonized with international information security standards.
The implementation of this algorithm makes it possible to minimize the potential risks associated with the possible loss of information resources of the corporation and, therefore, to minimize the potential economic damage caused by non-compliance with the corporation’s information security policy.
Conclusions. The conducted research makes it possible to practically fill potential information gaps when creating a system for managing information security of corporations. An additional advantage of the proposed solution is the possibility of using this sub-process as an independent one, which simplifies the procedure of managing information security of the corporation as a whole and contributes to reducing the cost of its construction.
License
Copyright (c) 2022 Віталій ЧУБАЄВСЬКИЙ
This work is licensed under a Creative Commons Attribution 4.0 International License.