scholarly journals Models of information technology security risk analysis

2021 ◽  
Vol 40 (2) ◽  
pp. 16-20
Author(s):  
L.V. Zahoruyko ◽  
◽  
T.A. Martʹyanova ◽  
A.V. Skyrda ◽  
◽  
...  
Keyword(s):  
Information Technology ◽  
Risk Analysis ◽  
Security Risk ◽  
Information Technology Security

Security Protection for Critical Infrastructure

2011 ◽  
pp. 609-615
Author(s):  
M. J. Warren
Keyword(s):  
Information Technology ◽  
Risk Analysis ◽  
Computer Security ◽  
Critical Infrastructure ◽  
Information Infrastructure ◽  
Information Warfare ◽  
Security Risk ◽  
Security Risks ◽  
Information Technology Security ◽  
Information Interchange

Understanding and managing information infrastructure (II) security risks is a priority to most organizations dealing with information technology and information warfare (IW) scenarios today (Libicki, 2000). Traditional security risk analysis (SRA) was well suited to these tasks within the paradigm of computer security, where the focus was on securing tangible items such as computing and communications equipment (NCS,1996; Cramer, 1998). With the growth of information interchange and reliance on information infrastructure, the ability to understand where vulnerabilities lie within an organization, regardless of size, has become extremely difficult (NIPC, 1996). To place a value on the information that is owned and used by an organization is virtually an impossible task. The suitability of risk analysis to assist in managing IW and information infrastructure-related security risks is unqualified, however studies have been undertaken to build frameworks and methodologies for modeling information warfare attacks (Molander, Riddile, & Wilson, 1996; Johnson, 1997; Hutchinson & Warren, 2001) which will assist greatly in applying risk analysis concepts and methodologies to the burgeoning information technology security paradigm, information warfare.

scholarly journals Сonceptual Model of Information Technology Security Risk Analysis

2020 ◽  
pp. 2-10
Author(s):  
Roman Anosov ◽  
◽  
Sergey Anosov ◽  
Igor Shakhalov ◽  
◽  
...  
Keyword(s):  
Information Technology ◽  
Risk Analysis ◽  
Security Risk ◽  
Information Technology Security

scholarly journals Analyzing and Managing the Impact of Risks using Multi Fuzzy Inference System

2020 ◽  
Vol 8 (6) ◽  
pp. 1567-1571
Keyword(s):  
Information Technology ◽  
Risk Analysis ◽  
Risk Evaluation ◽  
Fuzzy Inference ◽  
Security Threats ◽  
Security Risk ◽  
Inference System ◽  
Information Technology Security ◽  
Evaluation Approach ◽  
The Impact

Information technology security risk evaluations are necessary in determining measures being taken for risk analysis. Risk analysis is also significant as it predicts the loopholes in the software which can get manipulated during suspicious activities. The article has attempted to analyze the risk issue and further suggests a multi-fuzzy risk evaluation approach for the identification of security threats. This approach analyses hacker risks based on the potential ability for an assailant, their overall probability for an attacks as well as the implications of such attacks. It typically consists of 3 sub fuzzy inference structures. The 1 st fuzzy inference structure assesses an assailant's total capacities. The 2 nd fuzzy inference structure assesses the general probability of ambush success, whereas the 3 rd fuzzy inference structure measures risk thresholds.

scholarly journals IMPLEMENTASI OCTAVE-S DAN STANDAR PENGENDALIAN ISO 27001:2013 PADA MANAJEMEN RISIKO SISTEM INFORMASI PERGURUAN TINGGI

Petir ◽  
2018 ◽  
Vol 11 (2) ◽  
Author(s):  
Rima Rizqi Wijayanti
Keyword(s):  
Higher Education ◽  
Information Technology ◽  
Information Systems ◽  
Risk Analysis ◽  
Teaching And Learning ◽  
Business Processes ◽  
Information Technology Security ◽  
System Risk ◽  
University Performance ◽  
Iso 27001

In higher education, information systems become a strategic tool for the continuity of universities or institutions themselves, especially in the running business processes. The disruption of information systems in higher education will have a bad impact, especially for the continuity of business processes, information systems that initially as a tool will then turn into a threat and even become a risk if it is not properly addressed and mitigated. The problem that arises is that University of Muhammadiyah Tangerang has never conducted a system risk analysis assessment of existing information, including policies relating to information technology security. This study aims to provide information to the University of Muhammadiyah Tangerang regarding the risks, threats and weaknesses of information technology found and recommendations that can be applied to mitigate risks that can arise. This study uses the octave-s risk analysis method combined with ISO 27001: 2013 control standards. The results of this study are in the form of a final document that can be used as a guideline and help in the future development of a risk analysis assessment at UMT. The results of the evaluation obtained, it is known that risk management is in the MEDIUM position, meaning that UMT does not experience risks that can stop / damage information systems that have an impact on the cessation of teaching and learning, but risks and weaknesses in universities can have an impact on decreasing university performance immediately.

Information Technology Development Risks in the Banking Sector

2020 ◽  
Vol 14 (3) ◽  
pp. 44-53
Author(s):  
N. E. Sokolinskaya ◽  
L. M. Kupriyanova
Keyword(s):  
Information Technology ◽  
Customer Service ◽  
Banking Sector ◽  
Technology Development ◽  
Banking System ◽  
Security Risk ◽  
On Line ◽  
Information Technology Development ◽  
Development Risks ◽  
Security Risk Management

The relevance of the article is because in parallel with the processes of introduction of innovations in the field of automation and computerization of the banking system, the number of types of banking risks associated with innovations in the field of on-line customer service and internal Bank reporting, as well as information systems. As a result of this article, we have studied the latest legislative acts of the Central Bank of Russia as a mega-regulator and summarized the practice of both individual credit institutions and the banking sector in the field of information technology development risks in the banking sector. To strengthen the development of new financial technologies in the digital economy, it is necessary to regularly discuss the emergence of new phenomena and innovations; to consider the possibility of further analysis of existing methodological developments to exchange best practices of banks. Building an effective it security risk management system is not a one-time project. Still, a complex process is important, focused on minimizing external and internal threats and taking into account the limitations on resources and time factor

Sign in / Sign up

Export Citation Format

Share Document