Autor: |
V.A. Selifanov, A.V. Lyashenko, V.V. Martynenko, M.A. Frolov |
Jazyk: |
English<br />Russian |
Rok vydání: |
2022 |
Předmět: |
|
Zdroj: |
Измерение, мониторинг, управление, контроль, Iss 4 (2022) |
Druh dokumentu: |
article |
ISSN: |
2307-5538 |
DOI: |
10.21685/2307-5538-2021-4-4 |
Popis: |
Background. The organization of the information security incident management process is a very important aspect of the information security system design. The objective of the research was to analyze problems of effective assessment of information security events. Materials and methods. In the theoretical part of the article analyzed international and Russian standarts in the field of information security event management. For example, Russian GOST or international ISO/IEC. The article described such incident management models as PDCA and PICERL. The study proved the importance of using SIEM-solutions in information systems and methods for setting up event correlation. Results. The key thesis of this article are: there is no generally accepted method of incident management; models for building information security event management processes don’t describe the nuances of configuring technical solutions and don’t provide a quick response, analysis and resolution of information security incidents. The results of the study show the main problems of effective assessment of information security events. |
Databáze: |
Directory of Open Access Journals |
Externí odkaz: |
|