Decision-making on the Base of Linear Optimization in the Process of Management of Information Security Risks

Жданова, Юлія Дмитрівна and Шевченко, Світлана Миколаївна and Спасітєлєва, Світлана Олексіївна and Сокульський, О.Є. (2024) Decision-making on the Base of Linear Optimization in the Process of Management of Information Security Risks Кібербезпека: освіта, наука, техніка (1(25)). pp. 330-343. ISSN 2663-4023

[thumbnail of Yu_Zhdanovа_S_Shevchenko_S_Spasiteleva_O_Sokulsky_СEST_1_25_2024.pdf] Text
Yu_Zhdanovа_S_Shevchenko_S_Spasiteleva_O_Sokulsky_СEST_1_25_2024.pdf - Published Version

Download (928kB)

Abstract

Information security is a critical field in which many different factors and constraints must be taken into account to ensure that data and infrastructure are protected. One of the main challenges in this area is the optimal allocation of limited resources between different security measures, which requires the use of mathematical methods to find optimal solutions. This article discusses the use of linear programming methods to solve problems related to optimizing the costs of information security risk reduction measures. The article reviews scientific sources on the applied aspect of linear programming for risk assessment and information security risk management. The article shows the process of building a model based on a linear programming problem, starting with the formalization of the problem, selection of the objective function and constraints, and ending with obtaining an optimal solution with its analysis and interpretation. The model in the form of a linear programming problem allows optimizing the total costs of information security, taking into account the chosen direction of optimization and given the given constraints on resources—budget, time, technical and other. The article presents the use of linear optimization based on the SWOT analysis of information security risks, which allows organizations to systemize and specify the risk management process, directing limited resources to the most critical areas and ensuring optimal protection of data and information systems. The obtained results show that the use of linear programming methods allows to achieve a significant optimization of information security costs, providing a high level of protection. Among the promising directions for further research are multi-criteria optimization and dynamic planning with consideration of time changes in risks and costs. This study can be used as an illustrative example of intersubject connections of the disciplines of the specialty 125 Cybersecurity and information protection in the educational activities of students of this specialty.

Item Type: Article
Uncontrolled Keywords: decision-making; information security; information security risks; information security risk management; linear optimization
Subjects: Статті у періодичних виданнях > Фахові (входять до переліку фахових, затверджений МОН)
Divisions: Факультет інформаційних технологій та математики > Кафедра інформаційної та кібернетичної безпеки ім. професора Володимира Бурячка
Depositing User: Ю. Д. Жданова
Date Deposited: 12 Nov 2024 12:04
Last Modified: 12 Nov 2024 12:04
URI: https://elibrary.kubg.edu.ua/id/eprint/50164

Actions (login required)

View Item View Item