ISSUES OF AUTOMATION OF THE AUDIT IN ACCORDANCE WITH GOST R 57580.2-2018

The modern world can be characterized by a huge amount of information and computerization of all spheres of human activity. But one of the most valuable information can be considered the information that concerns financial organizations. There are incidents of information security in financial organizations that can lead not only to the violation of the interests of an individual client, but also to the crisis of the financial market of the entire country. Information security audit allows you to detect violations in the organization's information system in a timely manner, which significantly increases the security of information. Often, timely and rapid receipt of a qualitative and quantitative assessment of the level of security allows you to avoid an incident. To improve the accuracy of estimates and reduce the time of their receipt, the application "Audit57580" was developed, the relevance of which is discussed in detail in the article.

Download Full-text

RESEARCH ON THE USE OF DECEPTION TECHNOLOGY TO PREVENT CYBERSECURITY THREATS

CASPIAN JOURNAL Control and High Technologies ◽

10.21672/2074-1707.2020.52.4.085-098 ◽

2020 ◽

Vol 52 (4) ◽

pp. 85-98

Author(s):

MIKHAIL M PUTYATO ◽

◽

ALEKSANDR S. MAKARYAN ◽

SHAMIL M. CHICH ◽

VALENTINA K. MARKOVA ◽

...

Keyword(s):

Comparative Analysis ◽

Information Security ◽

Internet Of Things ◽

The Internet ◽

Security Audit ◽

Timely Manner ◽

Simple Operation ◽

Malicious Activity ◽

Iot Devices ◽

High Level

Internet of things (IoT) devices have become increasingly popular in recent years. IoT refers to smart refrigerators, smart locks, video nannies, and other household devices that have access to the Internet. However, the growing popularity of IoT technology is increasingly attracting the attention of hackers who are interested both in disclosing confidential enduser data and in misuse of the computing resources of the attacked devices. Unfortunately, malicious attacks often result in successful compromise of devices, with the ensuing consequences. The reasons for the high level of compromise of IoT devices are caused both by errors in the design, implementation, and relatively simple operation with the use of various information security audit tools. To identify defects in the development and implementation of devices, you need to have some idea about them, that is, to identify and eliminate them in a timely manner. This can be achieved in various ways. One of these methods is to create special traps that collect information about the activity of an attacker, called honeypot. The essence of the honeypot technology is to emulate or implement the functionality of existing devices, services, and protocols, with the accumulation of data about malicious activity of an attacker. The information obtained can be used to improve the protection of real devices, services, and protocols, as well as to develop measures to counter hackers. The article provides a comparative analysis of the existing most popular honeypot systems in order to identify the best system. The analysis identified both the weaknesses and strengths of these systems. Next, an attempt is made to adapt these same systems to function at the level of Internet of things devices.

Download Full-text