Receipt date:
01.07.2021
Year:
2021
Journal number:
УДК:
330.322.54
DOI:
10.26731/2658-3704.2021.3(11). 67-76
Article File:
Pages:
67
76
Abstract:
The article presents practical recommendations and a mechanism for justifying investment in information security for business enterprises. The scientific and practical approach to this problem is analyzed, the main economic methods of investment justification are given. A methodology for justifying investments in information security is proposed, based on the assessment and probability of the implementation of threats to information security and the total cost of costs for eliminating the consequences of the implementation of threats.
Keywords:
List of references:
- Positive Technologies. Company website. Moscow, 2002. Access mode: https://www.ptsecurity.com.
- Petrenko, S. A., & Simonov, S. V.Upravlenie informacionnymi riskami. Economicheski opravdannaya bezopasnost. Moscow, DMK Press, 2018, 396 p.
- Regionalnaya organizaciya «Sankt-Peterburgskoye obshestvo informatiki, vychislitelnoj tehnici, system cvyazi i upravleniya». Website. St. Petersburg, 1991. Access mode: http://spoisu.ru.
- Metodika ocenki ugroz bezopasnosti. Methodological document. FSTEK Rossii. Moscow, 2021, 83 p.
- Drobotun, E. B., & Cvetkov, O.B. Postroyenie modeli ugroz bezopasnosti informacii v avtomatizirovannoj sisteme upravleniya kriticheski vazhnymi objektami na osnove scenariev dejstvij narushitelya. Tver, 2016, 9 p.