Цирканюк, Діана Андріївна and Sokolov, V. Y. (2024) Methodology for Investigating Information Security Incidents. Електронне фахове наукове видання «Кібербезпека: освіта, наука, техніка», 2 (26). pp. 140-154. ISSN 2663-4023
Abstract
The development and implementation of a comprehensive information security strategy during times of war are critical tasks for ensuring national security and protecting vital resources and information. The article analyzes various types of incidents in the field of information security, their mitigation, and recovery methods. It demonstrates the mechanics of investigating information security incidents at stages such as monitoring, indexing, data collection, mitigation, recovery, and closure. The publication presents a formalized description of an incident-handling plan in the form of a state machine, enabling the systematization and automation of the incident response process. Using examples of attacks targeting critical infrastructure, it illustrates the application of this mechanism and identifies measures aimed at enhancing the information security system, which can be employed to protect both governmental and commercial institutions and organizations. As a result, the recommended strategies for effectively countering cyberattacks and ensuring information security for organizations or nations include the implementation of monitoring tools and coordination with governmental and international response teams. It is also crucial to regularly train employees and develop mechanisms for collaboration with partners to achieve efficient protection against cyber threats. These measures contribute to strengthening cybersecurity and reducing potential damages. 
Future research may encompass the development of new threat detection algorithms, evaluating the effectiveness of information security measures for governmental and commercial institutions, and implementing automated incident response systems. It may also study the impact of war on critical infrastructure and explore opportunities for international cooperation and information exchange in the realm of information security during conflicts, for the collective defense of national interests.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | cybersecurity; security incident; information protection; quality assurance; bug bounty; security forensics; troubleshooting; fraud |
Subjects: | Articles in periodicals > Professional (included in the list of professional publications approved by the Ministry of Education and Science) |
Divisions: | Faculty of Information Technology and Mathematics > Department of Information and Cyber Security named after Professor Volodymyr Buriachok |
Depositing User: | Volodymyr Sokolov |
Date Deposited: | 26 Dec 2024 08:12 |
Last Modified: | 26 Dec 2024 08:12 |
URI: | https://elibrary.kubg.edu.ua/id/eprint/50886 |