Adaptive Monitoring of Companies' Information Security
Abstract
Additions were proposed to the method of organizing the information security (IS) event management process of companies. Unlike existing solutions, the algorithm of the "Event handling" subprocess was detailed. This detailing is a complex, which includes the IS event processing substage. In addition, the proposed detailing of the "Event Handling" subprocess allows for covering the entire life cycle of an IS event. The performed research allows in practice to fill in potential gaps in information when creating a company's ISMS. An additional advantage of the proposed solution is the possibility of using this sub-process as an independent one. The proposed approach makes it possible to simplify the procedure for managing the information security of a company as a whole, as well as potentially reduce the costs of its construction for small companies and enterprises. Also, this sub-process can be considered as an independent information security management process, for example, for a company's CIS. The proposed solutions and additions, in contrast to similar studies, are characterized by invariance with respect to the methods of implementing the company's IS infrastructure solutions, and in particular its CIS. This ultimately allows, without changing the methodological tools, to scale this approach and adapt it to the ISMS of various companies.References
B., Lakhno, M., Gulmira, Y. A Model for Managing the Procedure of Continuous Mutual Financial Investment in Cybersecurity for the Case with Fuzzy Information, (2022) Lecture Notes on Data Engineering and Communications Technologies, 93, pp. 539-553.
Begun AV, Osipova OI, Urdenko OG Pro odnu z sytuatsiynykh modeley upravlinnya informatsiynoyu bezpekoyu pidpryyemstva [About one of the situational models of information security management of the enterprise]. Modeling and information systems in economics: collection. Science. pr. / Ministry of Education and Science of Ukraine, SHEI "Kyiv. nat. econ. Univ. Vadim Hetman "; [editor: OE Kaminsky (ed.), etc.]. - Kyiv: KNEU, 2020. - Issue. 100. - P. 39–50.
Bhatt, S., Manadhata, P. K., & Zomlot, L. (2014). The operational role of security information and event management systems. IEEE security & Privacy, 12(5), 35-41.
Culot, G., Nassimbeni, G., Podrecca, M., & Sartor, M. (2021). The ISO/IEC 27001 information security management standard: literature review and theory-based research agenda. The TQM Journal.
Fonseca-Herrera, O. A., Rojas, A. E., & Florez, H. (2021). A model of an information security management system based on NTC-ISO/IEC 27001 standard. IAENG Int. J. Comput. Sci, 48(2), 213-222.
Gabriel, R., Hoppe, T., Pastwa, A., & Sowa, S. (2009, March). Analyzing malware log data to support security information and event management: Some research results. In 2009 First International Confernce on Advances in Databases, Knowledge, and Data Applications (pp. 108-113). IEEE.
ITIL Service Operation Second edition. 2011. С. 58-72.
Kang, K., & Kim, J. (2015). A case study on converged security with event correlation of physical and information security. International Journal of Security and Its Applications, 9(9), 77-94.
Khokh, V. D., Meleshko, E. V., & Smirnov, O. A. (2017). Doslidzhennya metodiv audytu system upravlinnya informatsiynoyu bezpekoyu. [Follow-up methods for auditing information security management systems]. Management systems, navigation and communication. Collection of scientific works, 1(41), 38-42.
Ključnikov, A., Mura, L., & Sklenár, D. (2019). Information security management in SMEs: factors of success. Entrepreneurship and Sustainability Issues, 6(4), 2081.
Ko, K., Kim, H. K., Kim, J., Lee, C. Y., Cha, S. G., & Jeong, H. C. (2009, August). Design and Implementation of SIP-aware Security Management System. In International Workshop on Information Security Applications (pp. 10-19). Springer, Berlin, Heidelberg.
Kuznetsov, A. V. (2015). A method of organizing the event management process in terms of their processing within the enterprise information security management system. Information security issues, (2), 57-62.
Lakhno, V., Plyska, L. Analysis of Models for Selection of Investment Strategies, (2021) 2020 IEEE International Conference on Problems of Infocommunications Science and Technology, PIC S and T 2020 - Proceedings, № 9468024, pp. 43-46.
Lallie, H. S., Shepherd, L. A., Nurse, J. R., Erola, A., Epiphaniou, G., Maple, C., & Bellekens, X. (2021). Cyber security in the age of covid-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers & Security, 105, 102248.
Lopez, M. A., Silva, R. S., Alvarenga, I. D., Rebello, G. A., Sanz, I. J., Lobato, A. G., & Pujolle, G. (2017, October). Collecting and characterizing a real broadband access network traffic dataset. In 2017 1st Cyber Security in Networking Conference (CSNet) (pp. 1-8). IEEE.
Miller D. et al. Security information and event management (SIEM) implementation. – McGraw-Hill, 2011.
Nadezhdin, E. N., & Belyanskaya, O. V. (2019). K voprosu analiza ustoychivosti sistemy upravleniya riskami informatsionnoy bezopasnosti. In Sovremennyye instrumental'nyye sistemy, informatsionnyye tekhnologii i innovatsii. [On the issue of stability analysis of the information security risk management system]. In Modern tool systems, information technology and innovation (pp. 144-148).
National Institute of standards and technology. Special Publication 800-92. Guide to Computer Security Log Management. 2006. - 61 p
Ovcharenko M. Yu. Analysis of correlation rules in information security and security management systems / M. Yu. , 8–9 April 2021 - VA ZS AR; NTU "KhPI"; NAU, SE "PDPRONDIAVIAPROM"; UmZh, 2021. - Vol. 2, sections 3-5.– pp. 46.
Poltavtseva, M. A., & Zegzhda, D. P. (2020). Adaptive monitoring of CFS information security from the point of view of a systematic approach. Methods and technical means of ensuring information security, (29), 88. pp. 1661-1669.
Renners, L., Heine, F., & Rodosek, G. D. (2017, September). Modeling and learning incident prioritization. In 2017 9th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS) (Vol. 1, pp. 398-403). IEEE.
Shatnawi, M. M. (2019). Applying Information Security Risk Management Standards Process for Automated Vehicles. Bánki Közlemények (Bánki Reports), 2(1), 70-74.
Sievierinov O.V., Ovcharenko M.Y. Analysis of correlation rules in Security information and event management systems. Computer and information systems and technologies. 2020. P. 24-25.
Siponen, M., & Willison, R. (2009). Information security management standards: Problems and solutions. Information & management, 46(5), 267-270.
Tanadi, Y., Soeprajitno, R. R. W. N., Firmansah, G. L., & El Karima, T. (2021). ISO 27001 Information Security Management System: Effect of Firm Audits in Emerging Blockchain Technology. Riset Akuntansi dan Keuangan Indonesia, 6(2), 198-204.
Ushatov V., Severinov O.V. Problems of operational detection and response to information security incidents. – Kharkiv: KNURE, 2019. - pp. 104–105. (2019).
White, G. (2021). Generation Z: Cyber-Attack Awareness Training Effectiveness. Journal of Computer Information Systems, 1-12.
Wu, W., Shi, K., Wu, C. H., & Liu, J. (2021). Research on the Impact of Information Security Certification and Concealment on Financial Performance: Impact of ISO 27001 and Concealment on Performance. Journal of Global Information Management (JGIM), 30(3), 1-16.
Downloads
Published
Issue
Section
License
Copyright (c) 2023 International Journal of Electronics and Telecommunications
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
1. License
The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on https://creativecommons.org/licenses/by/4.0/.
2. Author’s Warranties
The author warrants that the article is original, written by stated author/s, has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author and free of any third party rights, and that any necessary written permissions to quote from other sources have been obtained by the author/s. The undersigned also warrants that the manuscript (or its essential substance) has not been published other than as an abstract or doctorate thesis and has not been submitted for consideration elsewhere, for print, electronic or digital publication.
3. User Rights
Under the Creative Commons Attribution license, the author(s) and users are free to share (copy, distribute and transmit the contribution) under the following conditions: 1. they must attribute the contribution in the manner specified by the author or licensor, 2. they may alter, transform, or build upon this work, 3. they may use this contribution for commercial purposes.
4. Rights of Authors
Authors retain the following rights:
- copyright, and other proprietary rights relating to the article, such as patent rights,
- the right to use the substance of the article in own future works, including lectures and books,
- the right to reproduce the article for own purposes, provided the copies are not offered for sale,
- the right to self-archive the article
- the right to supervision over the integrity of the content of the work and its fair use.
5. Co-Authorship
If the article was prepared jointly with other authors, the signatory of this form warrants that he/she has been authorized by all co-authors to sign this agreement on their behalf, and agrees to inform his/her co-authors of the terms of this agreement.
6. Termination
This agreement can be terminated by the author or the Journal Owner upon two months’ notice where the other party has materially breached this agreement and failed to remedy such breach within a month of being given the terminating party’s notice requesting such breach to be remedied. No breach or violation of this agreement will cause this agreement or any license granted in it to terminate automatically or affect the definition of the Journal Owner. The author and the Journal Owner may agree to terminate this agreement at any time. This agreement or any license granted in it cannot be terminated otherwise than in accordance with this section 6. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.
7. Royalties
This agreement entitles the author to no royalties or other fees. To such extent as legally permissible, the author waives his or her right to collect royalties relative to the article in respect of any use of the article by the Journal Owner or its sublicensee.
8. Miscellaneous
The Journal Owner will publish the article (or have it published) in the Journal if the article’s editorial process is successfully completed and the Journal Owner or its sublicensee has become obligated to have the article published. Where such obligation depends on the payment of a fee, it shall not be deemed to exist until such time as that fee is paid. The Journal Owner may conform the article to a style of punctuation, spelling, capitalization and usage that it deems appropriate. The Journal Owner will be allowed to sublicense the rights that are licensed to it under this agreement. This agreement will be governed by the laws of Poland.
By signing this License, Author(s) warrant(s) that they have the full power to enter into this agreement. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.