Назва: Information Technology of Information Security Audit of Objects of Critical Infrastructure
Вантажиться...
Файли
Дата
Назва журналу
Номер ISSN
Назва тому
Видавець
Анотація
Context. The scientific and practical task to substantiate the mathematical apparatus on the basis of which the information technology of information security audit of critical infrastructure is developed, which provides verification of compliance of critical infrastructure with the general requirements approved by the Cabinet of Ministers of Ukraine dated 2019-06-19, No.518. A security audit is one of the most effective measures to increase the level of information security of the critical infrastructure. Objective. The purpose of the work is to create information security audit of critical information infrastructure on the basis of separate partial solutions of information technology. Method. On the basis of the general requirements defined by the Resolution of the Cabinet of Ministers of Ukraine dated 2019-06-19, No.18 “On approval of the General requirements for cyber protection of critical infrastructure objects” a set of indicators and evaluation criteria was proposed. The structure of future information technology was offered. In accordance with the structure of information technology, the stages of the methodology of information security audit of critical infrastructure were built. The technique contains a simple mathematical apparatus that simplifies calculations even in Microsoft Excel spreadsheets. In this paper, in contrast to the known methods and techniques, it is proposed to take into account the weight of the importance of information security requirements. As a result, the method has become sensitive to the most critical requirements for cybersecurity of critical infrastructure. Results. Information technology of information security audit of critical information infrastructure objects has been developed. Conclusions. The experiments in Microsoft Excel spreadsheets confirm the efficiency of the proposed method. It is advisable to recommend the development of software that would in practice automate the process of information security audit of critical information infrastructure. The scientific novelty of the obtained result is that for the first time the information technology of information security audit of critical infrastructure facilities was developed, which provides verification of compliance of critical infrastructure facilities with the general requirements approved by the Cabinet of Ministers of Ukraine dated 19 June 2019, No.518. The practical significance of the work lies in the possibility of developing information technology software. Prospects for further research in this area. The presented study does not cover all aspects of this problem. Theoretical and practical results obtained in the process of scientific research are the basis for further study in such areas as the development of information technology software.
Опис
Ключові слова
audit, critical infrastructure facility, information security, Information technology
Бібліографічний опис
Kozubtsov I., Lishchyna N., Kozubtsova L., Trush I., Yashchuk A. Information Technology of Information Security Audit of Objects of Critical Infrastructure. Proceedings of the Selected Papers of the Workshop on Emerging Technology Trends on the Smart Industry and the Internet of Things (TTSIIT 2022). (Kyiv, January 19. 2022). P. 97-106.