• A
  • A
  • A
  • ABC
  • ABC
  • ABC
  • А
  • А
  • А
  • А
  • А
Regular version of the site
Menu
  • HSE University
  • Publications of HSE
  • Articles
  • Один из подходов к формализации описания угроз, уязвимостей и рисков системы защиты информации на предприятии

Article

Один из подходов к формализации описания угроз, уязвимостей и рисков системы защиты информации на предприятии

Царегородцев А. В., Тараскин М. М., Дербин Е. А.

One of the approaches to the assessment of threats, vulnerabilities and risks in the protection of information in organizations , allowing to fully analyze and document requirements related to information security in the organization. Using this approach will allow to avoid the costs of redundant safety measures arising from the subjective assessment of the risks to assist in planning and implementing protection at all stages of the life cycle of information systems, and ensure that work under tight deadlines. Practical recommendations for the choice of countermeasures and evaluate the effectiveness of countermeasures to compare their various options.