A system for assessing the interdependencies of information system agents in information security risk management using cognitive maps

Kostiuk, Yuliia та Skladannyi, Pavlo та Samoilenko, Yuliia та Khorolska, Karyna та Bebeshko, Bohdan та Sokolov, Volodymyr (2025) A system for assessing the interdependencies of information system agents in information security risk management using cognitive maps Cyber Hygiene & Conflict Management in Global Information Networks 2024, 3925. с. 249-264. ISSN 1613-0073

[thumbnail of Y_Kostiuk_P_Skladannyi_Y_Samoilenko_K_Khorolska_B_Bebeshko_V_Sokolov_CH&CMiGIN 2024.pdf] Текст
Y_Kostiuk_P_Skladannyi_Y_Samoilenko_K_Khorolska_B_Bebeshko_V_Sokolov_CH&CMiGIN 2024.pdf

Download (689kB)
Офіційне посилання: https://ceur-ws.org/Vol-3925/

Анотація

To determine the key concepts (information resources, threats, and vulnerabilities) necessary for this study, it is proposed to carry out system modeling of information security risk management processes using the Structured Analysis and Design Technique (SADT). This approach not only facilitates the identification of the relationships and informational content of these processes but also enables the classification of an enterprise’s primary information assets, the identification of critical resources, and the determination of the required level of protection. SADT allows for process modeling and the establishment of relationships between information resources, threats, and vulnerabilities, thereby enhancing the identification of system vulnerabilities and enabling more effective planning of protective measures. Information security risk management is an essential component of ensuring the sustainability and continuity of an enterprise’s business processes. In the face of a rapidly changing technological environment and a growing number of cyber threats, prioritizing the protection of information resources becomes imperative. This process typically involves several stages, including identifying and assessing resources, identifying potential threats, conducting comprehensive risk analyses, and implementing appropriate measures to minimize or eliminate risks. However, to ensure accurate risk assessments, it is crucial not only to understand individual assets but also to account for their interdependencies. Since each resource may be critical to others within the system, studies that consider these dependencies in the context of information security risk management remain limited. The risk assessment methodology utilizing Fuzzy Cognitive Maps (FCM) offers a means to systematize risk factors for deeper resilience analysis while reducing risks through effective countermeasures. Incorporating the core security attributes—confidentiality, integrity, and availability—enables precise risk assessment results and supports effective management decisions, ensuring the prioritization and proper protection of critical resources

Тип елементу : Стаття
Ключові слова: fuzzy cognitive maps; information security risk management; SADT
Типологія: Статті у базах даних > Scopus
Підрозділи: Факультет інформаційних технологій та математики > Кафедра інформаційної та кібернетичної безпеки ім. професора Володимира Бурячка
Користувач, що депонує: Павло Миколайович Складанний
Дата внесення: 12 Бер 2025 08:42
Останні зміни: 12 Бер 2025 08:42
URI: https://elibrary.kubg.edu.ua/id/eprint/51242

Actions (login required)

Перегляд елементу Перегляд елементу