Дата поступления:
01.07.2021
Год:
2021
Номер журнала (Том):
УДК:
330.322.54
DOI:
10.26731/2658-3704.2021.3(11). 67-76
Файл статьи:
Страницы:
67
76
Аннотация:
The article presents practical recommendations and a mechanism for justifying investment in information security for business enterprises. The scientific and practical approach to this problem is analyzed, the main economic methods of investment justification are given. A methodology for justifying investments in information security is proposed, based on the assessment and probability of the implementation of threats to information security and the total cost of costs for eliminating the consequences of the implementation of threats.
Ключевые слова:
Список цитируемой литературы:
- Positive Technologies. Company website. Moscow, 2002. Access mode: https://www.ptsecurity.com.
- Petrenko, S. A., & Simonov, S. V.Upravlenie informacionnymi riskami. Economicheski opravdannaya bezopasnost. Moscow, DMK Press, 2018, 396 p.
- Regionalnaya organizaciya «Sankt-Peterburgskoye obshestvo informatiki, vychislitelnoj tehnici, system cvyazi i upravleniya». Website. St. Petersburg, 1991. Access mode: http://spoisu.ru.
- Metodika ocenki ugroz bezopasnosti. Methodological document. FSTEK Rossii. Moscow, 2021, 83 p.
- Drobotun, E. B., & Cvetkov, O.B. Postroyenie modeli ugroz bezopasnosti informacii v avtomatizirovannoj sisteme upravleniya kriticheski vazhnymi objektami na osnove scenariev dejstvij narushitelya. Tver, 2016, 9 p.