The Different Aspects of Information Security Education

This chapter discusses the importance of information security education for everyone, ranging from organizations to professionals and students, all the way through to individual users of information and communication systems. It discusses the different subject areas in information security and shows how instead of being intimidated by it, different categories of users can obtain varying depths of information security education based on their cyber-activities and need for knowledge. Information security professionals would require an in-depth knowledge in all aspects of information security, and information technology professionals and students would require an overall education in these areas, while most users of information and communication systems would only require a basic education to help protect their information assets in cyberspace.

An Overview of the IT Risk Management Methodologies for Securing Information Assets

Effective information asset management is the basis of information security as well as many other issues. IT risk assessments work well with the proper handling of asset values, and also it is for effectively securing information assets. There is also a wide variety of risk assessment methodologies. This chapter presents information about the overall IT risk management process and methodologies. Best practices are mentioned and occasionally compared based on the requirements of the information technology (IT) sector in practice. This chapter will provide deep knowledge about the IT risk management approach and construction to implementers, risk owners, IT auditors, executive managers, and other IT staff.

Methodology for Assessing the Risks of Information Enterprise Security Using Case Technologies

Purpose of the study. Creating an effective information security system of an enterprise is impossible without an adequate assessment of the risks to which its assets are exposed. The results of such an assessment should become the basis for making decisions in the field of information security of the enterprise. Identification of information assets and assessment of their value, determination of the level of threats to the security of assets allow planning measures to create an enterprise information security system.This paper discusses a methodology for assessing the risks of information security of an enterprise, a distinctive feature and novelty of which is the use of modern tools and methods for constructing and analyzing business processes in order to identify the information assets of an enterprise to be protected.Materials and methods. It is proposed to identify information assets based on the model of business processes of the enterprise, performed using the IDEF0 methodology. Modeling of business processes was carried out in the Business Studio environment of the “Modern Management Technologies” company.The activity of a typical IT-industry company was considered as an example for the risk analysis.Results. The methodology for assessing the risks of information security of an enterprise described in the article has been successfully tested in the educational process. Its use in conducting laboratory classes in the discipline “Designing the information security system of enterprises and organizations” for masters studying in the direction of “Information security” allowed, according to the authors of the article, to increase the effectiveness of the formation of students’ professional competencies.Conclusion. The paper proposes a methodology for assessing information security risks for objects of an enterprise’s information infrastructure, which makes it possible to identify priority areas of information security at an enterprise. As a result of the application of the technique, a loss matrix is formed, showing the problem areas in the organization of information protection, which should be given priority attention when planning information security measures. Based on the data obtained, it is possible to form an economically justified strategy and tactics for the development of an enterprise information security system.

Criticisms of digital art: foundations and theoretical limits

This article attempts a critical examination of the actual digital art production, posing key questions about its artistic value inside the contemporary esthetic discourse, including the relationships with the art system. Considering the properties of the numeric language, two important topics will be discussed: the dialectic artwork-process and the meaning of digital multimedia. With the support of up-to-date computational creativity theories and the evidences of experimental digital art, the treacherous influence of the romantic aesthetic paradigm and the traditional art system will be tested. As a possible solution, the author suggests rethinking the components of software as meta-medium, such as its information assets, its algorithms, the code textual properties, interactivity and interfaces. In the conclusions it will be stressed that the immateriality of software is paramount to avoid misunderstandings and to open new fields of research. For instance, natural computation, ethnomathematics and ethnocomputing are valuable social and educational contents and meanings that could substantially improve digital art.

Integration of information resources of situational centers

The existing approaches towards formation of a single information space for accessing from various information resources are not effective enough from the economic and operational perspective. The subject of this research is the information assets from different sources used for the work of intelligent situational centers. The goal lies in the development of methodology for unification of such resources into a single information space, which is essential for the processing of large volumes of unstructured and poorly structured information. The article explores the models and types of data, information space of the activity for determining the end type of data representation, and the algorithm of transitioning from the object to NoSQL model. As a result of the conducted research, the author built a new information structure of the intelligent situational center. The proposed methodology for the formation of physical data models is compatible with the four types of NoSQL databases: columns, documents, graphs, and a key value. The data models (conceptual, logical, and physical) used in the developed process comply with the meta-models: from conceptual to logical stage, followed by from logical to physical stage. The offered solution should be implemented in the form of a hardware-in-the-loop complex that utilizes the described methodology for integrating the information flows from various situational centers. This would ensure the adaptive dynamic transformation of incoming data and their further use within the situational center.