Information Security Risk Management using Cognitive Modeling

Shevchenko, Svitlana and Zhdanova, Yuliia and Shevchenko, Halyna and Nehodenko, Olena and Spasiteleva, Svitlana (2023) Information Security Risk Management using Cognitive Modeling Cybersecurity Providing in Information and Telecommunication Systems, 3550. pp. 297-305. ISSN 1613-0073

[thumbnail of S_Shevchenko_Y_Zhdanova_H_Shevchenko_О_Nehodenko_S_ Spasiteleva_CPITS-II-2023_3050.pdf] Text
S_Shevchenko_Y_Zhdanova_H_Shevchenko_О_Nehodenko_S_ Spasiteleva_CPITS-II-2023_3050.pdf

Download (593kB)

Abstract

Making decisions by an individual is an element of managing any process in society; therefore, theories of cognitive science are applicable in various fields, including information and cyber security systems. This study proposes the development of a cognitive model of “danger-risk” in the process of managing information risks in information and cyber security systems. Based on the analysis of scientific literature, the concepts of “cognitive modeling” and “cognitive map” are defined. The views of scholars on methods for creating cognitive maps and mechanisms for simulating problem situations are presented. The main tasks addressed within cognitive analysis and modeling are outlined, and the advantages and disadvantages of cognitive models are identified. In the second part of the study, the main stages of developing the cognitive model of “danger-risk” in the field of information and cyber security are considered: identification of complex situations and issues, construction of a cognitive map, modeling and verification of model adequacy, and dynamic situation analysis. A theoretical model of “danger-risk” is developed, and its elements are highlighted. A list of risk management concepts in information security is characterized, and cause-and-effect relationships between them are justified using SWOT analysis. As an example, for a specific information asset (a database), threats and vulnerabilities are identified, and the risk level for each connection is calculated as the product of the probability of each threat's realization and the probability of corresponding damages. The model of cognitive risk maps in information security is represented in a static form as an oriented graph, with a subsequent selection of methods for handling these risks.

Item Type: Article
Uncontrolled Keywords: Information security risks; information security system; cyber system; cyber risks; cognitive modeling; cognitive danger-risk model; SWOT analysis
Subjects: Це архівна тематика Київського університету імені Бориса Грінченка > Статті у наукометричних базах > Scopus
Divisions: Це архівні підрозділи Київського університету імені Бориса Грінченка > Факультет інформаційних технологій та математики > Кафедра інформаційної та кібернетичної безпеки імені професора Володимира Бурячка
Depositing User: Павло Миколайович Складанний
Date Deposited: 11 Dec 2023 10:18
Last Modified: 11 Dec 2023 10:18
URI: https://elibrary.kubg.edu.ua/id/eprint/47369

Actions (login required)

View Item View Item