EFFICIENCY OF THE INDICATORS INVESTMENT CALCULATION METHOD IN THE INFORMATION SECURITY SYSTEM OF INFORMATION OBJECTS

The article analyzes publications on the evaluation of investments in information security (IS) of objects of informatization (OBI). The possibility and necessity of obtaining the necessary data have been substantiated, contributing to a reliable assessment of the effectiveness of measures aimed at increasing the company’s IS. In the study process, the modelling methods have been used. A methodology is proposed for calculating indicators from investment activities in the context of increasing IS metrics of OBI. A specific example of such simulation is described. The proposed methodology provides an assessment of the damage prevention from a cyber-attack. The amount of the damage prevention from a cyber-attack is taken as a basic indicator for calculating the economic effect of investing in information security tools (IST). The performed simulation modelling allowed taking into account the relative uncertainty of the real situation with IS of OBI. The conducted study will help practitioners in the field of IS to obtain informed decisions to increase the efficiency of investment projects in the field of IS for OBI, using the approach outlined in the study. Unlike the existing ones, the proposed methodology takes into account both direct and indirect factors of investment projects in the field of IS of OBI

Download Full-text

THE SIMULATION MODELLING METHODS FOR ORGANIZATION OF THE ONCOLOGY PATIENTS ROUTING

10.46793/iccbi21.247z ◽

2021 ◽

Author(s):

Julya Zuenkova ◽

◽

Dmitry Kicha

Keyword(s):

Waiting Time ◽

Simulation Modeling ◽

Simulation Modelling ◽

X Ray ◽

Modeling Methods ◽

Care Services ◽

Stay Time ◽

Therapy Room ◽

Oncology Care ◽

Modelling Methods

Patient routing is a key tool for ensuring the availability and quality of cancer care, ensuring early detection of pathology and timely treatment. Mathematical and simulation modeling methods allow to predict the bottlenecks of patient flows and plan the optimal distribution of healthcare resources. Goal to optimize patients’ pathways for oncology care using the simulation modelling methods. Materials and methods Patient routing was presented in the logic of discrete events, the average resource utilization, the patient’s stay time were described, the bottlenecks of the system were determined. Simulation modeling methods were used to build the optimal organization of oncology care services in the region. Results The average waiting time at the pre-hospital stage was 10 days, the average hospitalization time for X-ray therapy was 24 bed days, the throughput of the X-ray therapy room was 6 patients per week, the average duration of the X-ray therapy session per patient was 10 minutes. With the help of simulation modeling methods, a multimodal system of oncodermatology care was created and put into practice, which allowed to reduce the patient’s waiting time for treatment to 0.7 days, increasing the throughput of the entire system.

Download Full-text

DEVELOPMENT OF STATE-PRIVATE PARTNERSHIP IN THE UDMURT REPUBLIC

Bulletin of Udmurt University. Series Economics and Law ◽

10.35634/2412-9593-2021-31-5-783-790 ◽

2021 ◽

Vol 31 (5) ◽

pp. 783-790

Author(s):

S.V. x S.V. Radygina

Keyword(s):

Economic Effect ◽

Public Private Partnership ◽

Social Infrastructure ◽

Private Partnership ◽

Distinctive Features ◽

Investment Projects ◽

The Social ◽

Development Institutions ◽

Udmurt Republic ◽

Private And Public

The article discloses the essence of the public-private partnership mechanism, various approaches to its definition, both at the level of legislative acts of the Russian Federation and international organizations (UN). Different forms of PPP projects, their peculiarities and distinctive features are described in accordance with federal laws on public-private partnership and concession agreements. Instruments are being considered to support investors implementing investment projects of social infrastructure on the basis of PPPs, from federal and regional development institutions, as well as state authorities. An analysis of the level of PPP development in the Udmurt Republic is carried out, concrete examples of successful cooperation between private and public parties on the organization of financing and implementation of the project on the basis of public-private or municipal-private partnership are given. The use of this mechanism allows to obtain a significant economic effect due to the fact that there is a personal interest of a private person in obtaining income from a built or modernized facility. In addition, the social component plays an important role, PPP allows you to direct funds to those industries that are initially considered not promising enough to conduct business, but are often of key importance for the development of the region and ensuring a comfortable urban environment for the population.

Download Full-text

The effectiveness of the Centralized Use of Digital Technologies, Information Resources and Information Protection Tools in Government by the Example of the Republic of Tyva

Proceedings of Southwest State University ◽

10.21869/2223-1560-2019-23-6-99-114 ◽

2020 ◽

Vol 23 (6) ◽

pp. 99-114

Author(s):

B. S. Dongak ◽

A. S. Shatohin ◽

R. V. Meshcheryakov

Keyword(s):

Risk Management ◽

Information Security ◽

Management System ◽

Economic Effect ◽

Security Management ◽

Information Resources ◽

Information Protection ◽

Information Security Management ◽

Information Security Management System ◽

Software And Hardware

Purpose of research. The purpose of this study is to assess the possibility of applying the methodology for centralized management of systems and information risks using the example of informatization of public departments of Republic of Tyva in order to optimize the cost of purchasing technical, software and hardware-software means of protecting information, as well as the payroll of maintenance technical personnel.Methods. One of the main research methods is the creation of an experimental model of the mechanism of a single information and computing network, combining various government departments located within the same administrative building, which allows working simultaneously with distributed or centralized applications, databases and other services, as well as centralized information risk management security. The next research method is the analysis and study of the principle of operation of information resources, information systems, databases, and the increase in the number of domain users if they are combined into a single data transfer network. The interaction and effectiveness of personnel, a specialized unit based on one government agency, ensuring the regular functioning of the network and the necessary level of information security for all government departments.Results. As a result, an economic effect is achieved by eliminating the acquisition of duplicate software and hardware information protection, increasing the efficiency of using unified information services, and creating a centralized structural unit that uses risk management tools and makes information security management decisions based on the principles of system analysis , structuring method and expert survey methods. The results of the study have been used in solving problems of improving the information security management system of the authorities of Republic of Tyva.Conclusion. We have developed the original information technology architecture of the information security management system and centralized use of information technologies for the government of Republic of Tyva. The distinctive features of the structure of software tools for the centralized approach are the multi-agent implementation of the control elements of the decision support system and the integration of various types of security management models into a single complex.

Download Full-text

Identifying the Business Value of Information Security

Advances in Business Information Systems and Analytics - Approaches and Processes for Managing the Economics of Information Systems ◽

10.4018/978-1-4666-4983-5.ch010 ◽

2014 ◽

pp. 157-180

Author(s):

Lucas Cardholm

Keyword(s):

Information Security ◽

Value Of Information ◽

Business Value ◽

Bottom Line ◽

Financial Cost ◽

Business Context ◽

Investment Projects ◽

Equal Footing ◽

Cost Projection ◽

Benefits And Costs

Management may see information security as an inhibitor to daily operations if the investment is not well aligned with current business activities or is presented in financial terms not relevant to their agenda. While this chapter shows that information security improvements create bottom-line business benefits, there is still a need for security managers to focus on quantifying those benefits in relevant financial terms. The purpose is to demystify the principles of general investment processes and criteria for calculating the benefits and costs of investments while accentuating alignment to the imperatives of the organization that makes the investment. As information security investments are assessed alongside other investment projects, it helps to consider them on an equal footing, implying the use of similar, and ideally the same, methods of financial cost projection. It is equally important to position and present the proposed investment in a relevant business context.

Download Full-text

EVALUATION OF POST-VOYAGE OPERATIONS DURATION BY THE SHIPOWNER�S EMPLOYEES USING SIMULATION MODELLING METHODS

Vestnik Gosudarstvennogo universiteta morskogo i rechnogo flota imeni admirala S O Makarova ◽

10.21821/2309-5180-2020-12-5-884-893 ◽

2020 ◽

Vol 12 (5) ◽

pp. 884-893

Author(s):

Mariia D. Diakonova ◽

◽

Anton D. Semenov ◽

Keyword(s):

Simulation Modelling ◽

Modelling Methods

Download Full-text

Analysis of the economic effect of the implementation of public-private partnership projects in the Republic of Kazakhstan

Entrepreneur’s Guide ◽

10.24182/2073-9885-2021-14-1-125-132 ◽

2021 ◽

Vol 14 (1) ◽

pp. 125-132

Author(s):

A. A. Nuraliyev ◽

E. I. Kulikova

Keyword(s):

Economic Effect ◽

Public Private Partnership ◽

Effective Mechanism ◽

Private Partnership ◽

Investment Projects ◽

The Republic

This article examines public–private partnership as an effective mechanism in the investment market. It also analyzes the advantages of PPP in comparison with budget-investment projects. The author provides the main problems of PPP projects implementation and suggests ways to solve them.

Download Full-text

End-Point Information Security in the Healthcare Industry: A Critical Review

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i4.36.23799 ◽

2018 ◽

Vol 7 (4.36) ◽

pp. 338

Author(s):

Arif Uzzaman ◽

. .

Keyword(s):

Information Security ◽

Current Literature ◽

Medical Center ◽

Third Party ◽

Healthcare Industry ◽

Cyber Attack ◽

Security Attacks ◽

Healthcare Organizations ◽

The Subject ◽

Security Compliance

The ability of the healthcare industry to keep abreast with the evolving trends in endpoint information security depends on combinations of measures. In the current literature, some of these measures include the development of analytics capable of spotting intruders on time, embracing quick reactions to potential or detected intrusions, and the decision to employ robust system defenses. In this paper, the main aim was to review the current literature regarding the subject of endpoint information security, with critical insights gained from the case of the healthcare industry. Findings suggest that the healthcare industry forms one of the most attractive arenas for security attackers. Some of the healthcare organizations that have been victims of recent security attacks include the Californian Hollywood Presbyterian Medical Center that experienced a data breach in February 2016 and MedStar Health Inc. (in the same month). In the following month, San Diego’s Alvaro Hospital Medical Center was also targeted for cyber attack. Hence, some algorithms have been proposed to counter these attacks; including the use of SOA-based EHRs, the implementation of the RBAC model, the use of k-anonymity, k-unlinkability, and the SQL searching mechanisms that target the patients’ encrypted data. Also, some strategies have been proposed as best practices in endpoint information security. These strategies include the management of identity lifecycles, the establishment of risk-aware cultures, the management of third-party security compliance, and securing healthcare firms’ devices in terms of design. Overall, it is evident that the complexity of endpoint information security in the healthcare industry (due to the evolution of applications such as virtualization and cloud computing) implies that the ability to survive from future security attacks will depend on the firms’ ability to keep abreast with industry demands.

Download Full-text

Overview of the Impact of Human Error on Cybersecurity based on ISO/IEC 27001 Information Security Management

Journal of Information Security and Cybercrimes Research ◽

10.26735/wlpw6121 ◽

2021 ◽

Vol 4 (1) ◽

pp. 95-102

Author(s):

Amar Yasser El-Bably

Keyword(s):

Information Security ◽

Human Error ◽

International Standards ◽

Cyber Attack ◽

Negative Effects ◽

Human Errors ◽

Access To Data ◽

Concept Of Information ◽

Iec 27001 ◽

The Impact

Information security is the practice of protecting information by mitigating the risk of cyber-attack, and typically includes preventing or reducing the possibility of unauthorized/inappropriate access to data, unlawful use, disclosure, disruption. This concept of information security covers as well various procedures aiming at minimizing the negative effects of such incidents and threats. These threats might be originated from the human behavior which may lead to a wide damage of the organization data assets. Thus, the primary focus of information security is on the balanced protection of confidentiality, integrity and availability of data while maintaining an effective use of the organizations' systems. International standards related to information security such as ISO/IEC 27001 emphasis on effective implementation of the information security policies and applications without hampering the productivity of the organization. This research seeks to draw a set of practical rules to be established within an organization to preserve cybersecurity objectives and protect dada specifically from human errors incidents. The drawn rules are based on ISO/IEC 27001 and its application within organizations will rise the employee’s awareness about their behavior to reduce the impact of such incidents on the organization' systems and data.

Download Full-text

Evaluation of firewall performance when ranging a filtration rule set

Discrete and Continuous Models and Applied Computational Science ◽

10.22363/2658-4670-2021-29-3-230-241 ◽

2021 ◽

Vol 29 (3) ◽

pp. 230-241

Author(s):

Anatoly Y. Botvinko ◽

Konstantin E. Samouylov

Keyword(s):

Information Flow ◽

Computing System ◽

Logical Structure ◽

Simulation Modelling ◽

Service Discipline ◽

The Matrix ◽

Filtering Efficiency ◽

Rule Set ◽

Modelling Methods ◽

Request Service

This article is a continuation of a number of works devoted to evaluation of probabilistic-temporal characteristics of firewalls when ranging a filtration rule set. This work considers a problem of the decrease in the information flow filtering efficiency. The problem emerged due to the use of a sequential scheme for checking the compliance of packets with the rules, as well as due to heterogeneity and variability of network traffic. The order of rules is non-optimal, and this, in the high-dimensional list, significantly influences the firewall performance and also may cause a considerable time delay and variation in values of packet service time, which is essentially important for the stable functioning of multimedia protocols. One of the ways to prevent decrease in the performance is to range a rule set according to the characteristics of the incoming information flows. In this work, the problems to be solved are: determination and analysis of an average filtering time for the traffic of main transmitting networks; and assessing the effectiveness of ranging the rules. A method for ranging a filtration rule set is proposed, and a queuing system with a complex request service discipline is built. A certain order is used to describe how requests are processed in the system. This order includes the execution of operations with incoming packets and the logical structure of filtration rule set. These are the elements of information flow processing in the firewall. Such level of detailing is not complete, but it is sufficient for creating a model. The QS characteristics are obtained with the help of simulation modelling methods in the Simulink environment of the matrix computing system MATLAB. Based on the analysis of the results obtained, we made conclusions about the possibility of increasing the firewall performance by ranging the filtration rules for those traffic scripts that are close to real ones.

Download Full-text

RANKING EFFICIENCY OF RURAL PROPERTY INVESTMENT PROJECTS USING MULTICRITERIA DECISION METHODS/DAUGIAKRITERINIS KAIMO STATINIŲ INVESTICINIŲ PROJEKTŲ, EFEKTYVUMO VERTINIMAS

Journal of Civil Engineering and Management ◽

10.3846/13921525.2001.10531730 ◽

2001 ◽

Vol 7 (3) ◽

pp. 238-246 ◽

Cited By ~ 2

Author(s):

Sigitas Lunkevičius ◽

Leonas Ustinovičius ◽

Edmundas Kazimieras Zavadskas

Keyword(s):

Net Present Value ◽

Economic Effect ◽

Investment Project ◽

Fish Products ◽

Investment Projects ◽

Partial Ranking ◽

Key Indicator ◽

Ranking Criteria ◽

Decision Methods ◽

Calculation Results

Many researchers are right considering economic effect of investments as the key indicator, however, ranking other social, ecological and technical indicators of efficiency separately and leaving them outside of investment ranking criteria system. The authors suggest using together all known efficiency criteria plus some specific of rural property: Payback period, Net present value, Internal rate of return, Profitability index, Business perspective, Rural property purchase price, Rural property reconstruction price, Number of workspace, Taxes, Social level of villagers, Fascination of village. Ranking rural property investment project does not mean deciding which criterion is preferred to another one. Therefore in this situation we use ELECTRE IV approach, because it's objective is to rank the options, but without any weighting criteria. The authors have made some alternatives of rural property revival: Heating and airing systems factory, Fish products manufacture, Woodworker manufacture. On the basis of calculation results the following partial ranking of the alternative projects is suggested: Fish products manufacture; Heating and airing systems factory; 3. Rural property; 4. Woodworker manufacture; 5. Sport and leisure centre.

Download Full-text