Fuzzy cognitive mapping as a scenario approach for information security risk analysis

Shevchenko, Svitlana та Zhdanova, Yuliia та Kryvytska, O. та Shevchenko, H. та Spasiteleva, Svitlana (2024) Fuzzy cognitive mapping as a scenario approach for information security risk analysis Cybersecurity Providing in Information and Telecommunication Systems II 2024, 3826. с. 356-362. ISSN 1613-0073

[thumbnail of S_Shevchenko_Y_Zhdanova_S_Spasiteleva_CPITS_2024_3826_FITM.pdf]

Текст
S_Shevchenko_Y_Zhdanova_S_Spasiteleva_CPITS_2024_3826_FITM.pdf
Download (3MB)

Офіційне посилання: https://ceur-ws.org/Vol-3826/

Анотація

To avoid damaging their reputation in the field of information and cyber security, companies tend to keep incidents and attacks that affect their operations under wraps. Insufficient information prevents a more accurate risk assessment; as statistical analysis requires a large volume of historical data. Thus, a quantitative-qualitative approach to risk analysis in cybersecurity, particularly scenario analysis, is most commonly applied. The scenario approach to information security risk assessment is a powerful tool for proactive information protection. Forecasting potential consequences, rather than responding to them, allows companies to avoid significant and unnecessary costs. Scenario analysis enables the modeling of various cyberattack situations, risk assessment, and management of information security risks. This research is dedicated to the application of the “What-if” scenario analysis method for assessing information security risks. The paper presents a detailed description of this methodology and the stages of the process. The advantages and disadvantages of the scenario approach and its potential use in information security risk management are identified. The scenarios are modeled using fuzzy cognitive maps. An influence matrix was developed, and the key concepts were calculated. Potential scenarios were generated using the Mental Modeler software tool.

Тип елементу :	Стаття
Ключові слова:	information security risk; information security system; cybersystem; cyber risk; cognitive modeling; scenario analysis; fuzzy cognitive map
Типологія:	Статті у базах даних > Scopus
Підрозділи:	Факультет інформаційних технологій та математики > Кафедра інформаційної та кібернетичної безпеки ім. професора Володимира Бурячка
Користувач, що депонує:	Павло Миколайович Складанний
Дата внесення:	06 Груд 2024 08:54
Останні зміни:	06 Груд 2024 08:54
URI:	https://elibrary.kubg.edu.ua/id/eprint/50182

Actions (login required)

Перегляд елементу