{"title":"Research on Information Security Risk Assessment Techniques","authors":"R. A. Smirnov, S. Novikov","doi":"10.33764/2618-981x-2022-6-250-257","DOIUrl":null,"url":null,"abstract":"The emergence of new technologies not only generates new methods of attacks, but also expands the existing list of threats, and, as you know, each threat can be carried out by a large number of different attacks. To date, there are methods based on various approaches to the study of information security threats, such as: assessment of the relevance of information security threats according to the FSTEC methodology of Russia, ATT&CK Matrix for Enterprise, Howard-Longstaff incident taxonomy, information security threat assessment study based on a security model. All of the above methods can be divided into two groups of threat assessment: quantitative and qualitative. In this connection, there is a need to conduct their research. The article presents a study of methods for assessing information security threats, conducted in various ways.","PeriodicalId":13672,"journal":{"name":"Interexpo GEO-Siberia","volume":"18 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2022-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Interexpo GEO-Siberia","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.33764/2618-981x-2022-6-250-257","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The emergence of new technologies not only generates new methods of attacks, but also expands the existing list of threats, and, as you know, each threat can be carried out by a large number of different attacks. To date, there are methods based on various approaches to the study of information security threats, such as: assessment of the relevance of information security threats according to the FSTEC methodology of Russia, ATT&CK Matrix for Enterprise, Howard-Longstaff incident taxonomy, information security threat assessment study based on a security model. All of the above methods can be divided into two groups of threat assessment: quantitative and qualitative. In this connection, there is a need to conduct their research. The article presents a study of methods for assessing information security threats, conducted in various ways.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
