• INFORMATION SECURITY

    Determining the period for information security risk checks

    Security & Future, Vol. 5 (2021), Issue 3, pg(s) 94-97

    Risk assessments are not a one-off action, but there are no formal guidelines on when and how often a risk assessment should be carried out. Changing factors affect the risk assessment parameters. The strongest influence of these changes is the probabil ity of an accident. The article describes the main parameters of a model that is built on the basis of an asset and the incident scenarios defined for it. An analysis of the changes in the probability of an accident has been made. Dependencies are derived to determine the appropr iate periods for checking the risk factors. These periods must ensure an acceptable level of risk, which is within acceptable levels for the organization.

  • INFORMATION SECURITY

    Analysis of changes in the probability of an incident with information security

    Security & Future, Vol. 5 (2021), Issue 1, pg(s) 24-27

    Risk assessments are not a one-off action, but there are no formal guidelines on when and how often a risk assessment should be performed. Changing factors affect the risk assessment parameters. The strongest influence of these changes is the probability of an accident. Examining changes in the likelihood of an accident will allow for more accurate planning of periods for checking ri sk factors and assessing risk. In this way, the assessed risk will reflect the changes that have taken place and will lead to more adequate risk management. The analysis of the influence of the changing risk factors is made with the help of a model, which is built on the basis of one asset and the accident scenarios determined for it. The model examines the characteristics of changes in the risk factors for the asset. Th e probability distribution for the random number of changes is determined. The results of the amended conditions are also random. They are expressed in a change in the level of probability of an accident. For these random variables, the main probabilistic characteristics are d etermined and dependencies are derived that can be used for analysis.