Babenko A.A., Kozunova S.S. The Model of Information Security Threat Profile of Corporate Information System
THE MODEL OF INFORMATION SECURITY THREAT PROFILE OF CORPORATE INFORMATION SYSTEM
Aleksey Aleksandrovich Babenko
Candidate of Sciences (Pedagogy), Associate Professor, Department of Information Security,
Volgograd State University
This email address is being protected from spambots. You need JavaScript enabled to view it.
Prosp. Universitetsky, 100, 400062 Volgograd, Russian Federation
Svetlana Sergeevna Kozunova
Postgraduate Student, Department of Computer-Aided Design and Search Design,
Volgograd State Technical University
This email address is being protected from spambots. You need JavaScript enabled to view it.
Prosp. Lenina, 28, 400005 Volgograd, Russian Federation
Abstract. The level of information security of corporate information systems depends on the security of information assets of the enterprise in which the enterprise information systems are implemented. To protect data processed in corporate information systems, it is advisable to ensure the information security of the system, to identify and predict threats to information security violations. Such measures will ensure effective management of information security and high-quality response to threats in corporate information systems in real time. Thus, the research of threats management and information security of corporate information systems allows the authors to develop a model of threat profile. The difference from the previously proposed models is that the present solution defines the actions that need to be taken when threats are detected and to prevent them. Application of the proposed model will allow implementing special procedures of information security management of the enterprise, using private information security policies for corporate information systems. The authors highlight the key aspects of managing threats to information security of corporate information systems. The vulnerabilities typical for corporate information systems have been allocated. The sources of threats have been formed, and the potential violators have been described. A unique model of the profile of threats to information security for corporate information system has been developed.
Key words: threat profile, the task of threats classification, list of threats, threat sources, vulnerabilities, corporate information system, control, information security.
This work is licensed under a Creative Commons Attribution 4.0 International License.