ANALYSIS OF THE CONDITIONS FOR THE IMPLEMENTATION OF INFORMATION SECURITY THREATS THROUGH THE EXPLOITATION OF INFORMATION ASSET VULNERABILITIES
Abstract and keywords
Abstract (English):
The purpose of the study is to analyze the prerequisites and conditions for the implementation of security threats through the exploitation of vulnerabilities of information assets. The research methods consist in generalizing and analyzing the established approach to preventing threats to information security in the public authorities of the Russian Federation through the exploitation of vulnerabilities, as well as in predicting trends and prospects for the growth of vulnerabilities of information assets. The scientific novelty of the research lies in the analysis of the effectiveness of existing information infrastructure vulnerability management processes implemented without the use of specialized process automation tools.

Keywords:
threat to information security, vulnerability of an information asset, cyber threat, computer attack, vulnerability elimination
Text
Publication text (PDF): Read Download
References

1. Maksimova E.A. Kognitivnoe modelirovanie destruktivnyh zloumyshlennyh vozdejstvij na ob"ektah kriticheskoj informacionnoj infrastruktury // Trudy uchebnyh zavedenij svyazi. 2020. T. 6. № 4. S. 91–103. DOI:https://doi.org/10.31854/1813-324X-2020-6-4-91-103.

2. Kuz'min V.N., Menisov A.B. Issledovanie putej i sposobov povysheniya rezul'tativnosti vyyavleniya komp'yuternyh atak na ob"ekty kriticheskoj informacionnoj infrastruktury // Informacionno-upravlyayushchie sistemy. 2022. № 4. S. 29–43. DOI:https://doi.org/10.31799/1684-8853-2022-4-29-43.

3. Razrabotka special'noj klassifikacii informacionnyh aktivov v sfere informacionnoj bezopasnosti / A.V. Manzhosov [i dr.] // Vestnik Permskogo universiteta. Matematika. Mekhanika. Informatika. 2022. № 4 (59). S. 54–60. DOI:https://doi.org/10.17072/1993-0550-2022-4-54-60.

4. Baksheev A.S., Livshic I.I. Razrabotka metodiki kontrolya urovnya zashchishchennosti informacionnyh ob"ektov kriticheskoj informacionnoj infrastruktury // Voprosy kiberbezopasnosti. 2023. № 2 (54). S. 85–95. DOI:https://doi.org/10.21681/2311-3456-2023-2-85-98.

5. Gas'kova D.A., Massel' A.G. Tekhnologiya analiza kiberugroz i ocenka riskov narusheniya kiberbezopasnosti kriticheskoj infrastruktury // Voprosy kiberbezopasnosti. 2019. № 2 (30). S. 42–49. DOI:https://doi.org/10.21681/2311-3456-2019-2-42-49.

6. Lapsar' A.P., Nazaryan S.A., Vladimirova A.I. Povyshenie ustojchivosti ob"ektov kriticheskoj informacionnoj infrastruktury k celevym komp'yuternym atakam // Voprosy kiberbezopasnosti. 2022. № 2 (48). S. 43–51. DOI:https://doi.org/10.21681/2311-3456-2022-2-39-51.

7. Suhanov I.D., Rybkina O.V. Novye podhody k modelirovaniyu ugroz bezopasnosti informacii. Nauchno-tekhnicheskoe i ekonomicheskoe sotrudnichestvo stran ATR v XXI veke: trudy Vseros. nauch.-prakt. konf. Habarovsk, 2021. S. 277–282.

8. Aktual'nye voprosy problematiki ocenki ugroz komp'yuternyh atak na informacionnye resursy znachimyh ob"ektov kriticheskoj informacionnoj infrastruktury / S.V. Skryl' [i dr.] // Bezopasnost' informacionnyh tekhnologij. 2021. T. 28. № 1. S. 84–94. DOI:https://doi.org/10.26583/bit.2021.1.07.

9. Zaharchenko R.I., Korolev I.D. Metodika ocenki ustojchivosti funkcionirovaniya ob"ektov kriticheskoj informacionnoj infrastruktury, funkcioniruyushchej v kiberprostranstve // Naukoemkie tekhnologii v kosmicheskih issledovaniyah Zemli. 2018. T. 10. № 2. S. 52–61.

10. Solov'ev S.V., Yazov Yu.K. Informacionnoe obespechenie deyatel'nosti po tekhnicheskoj zashchite informacii // Voprosy kiberbezopasnosti. 2021. № 1 (41). S. 69–79. DOI:https://doi.org/10.21681/2311-3456-2021-1-69-79.

11. Sostoyanie i perspektivy razvitiya metodicheskogo obespecheniya tekhnicheskoj zashchity informacii v informacionnyh sistemah / S.V. Solov'ev [i dr.] // Voprosy kiberbezopasnosti. 2022. № 1 (53). S. 41–57. DOI:https://doi.org/10.21681/2311-3456-2023-1-41-57.

12. Model' ocenki ushcherba ot incidentov informacionnoj bezopasnosti / M.O. Tanygin [i dr.] // Bezopasnost' informacionnyh tekhnologij. 2021. № 2. S. 98–106. DOI:https://doi.org/10.26583/bit.2021.2.09.13.

13. Mikidenko N.L., Storozheva S.P., Strukova E.G. Kadrovoe obespechenie obrazovatel'nyh programm v oblasti informacionnoj bezopasnosti: problemy proektirovaniya i razvitiya // Vestnik SibGUTI. 2022. № 3. S. 84–100. DOI:https://doi.org/10.55648/1998-6920-2022-16-3-84-100.

14. Obespechenie informacionnoj bezopasnosti kiberfizicheskih ob"ektov na osnove prognozirovaniya i obnaruzheniya anomalij ih sostoyaniya / V.I. Vasil'ev [i dr.] // Sistemy upravleniya, svyazi i bezopasnosti. 2021. № 6. S. 90–119. DOI:https://doi.org/10.24412/2410-9916-2021-6-90-119.

15. Maslova M.A. Analiz i opredelenie riskov informacionnoj bezopasnosti // Nauchnyj rezul'tat. Informacionnye tekhnologii. 2019. T. 4. № 1. S. 31–37. DOI:https://doi.org/10.18413/2518-1092-2019-4-1-0-5.

Login or Create
* Forgot password?