The approach of clustering threats to information security of enterprises
Abstract
The approach of clustering threats to information security of enterprises
Incoming article date: 20.03.2018As a result of the implementation of threats to information security, enterprises suffer significant material and reputational losses. The paper suggests a methodologyAs a result of the implementation of threats to information security, enterprises suffer significant material and reputational losses. The paper suggests an approach to conducting a cluster analysis of information security threats, which allows to obtain groups of similar threats and to identify the possibility of reducing the damage from their implementation. The data on the realized threats are analyzed by using different clustering methods for a different number of clusters in order to share the threats in the best possible way. Realized threats are described by the damage that arose from the implementation of the threat and the duration of the elimination of the consequences of the threat. Clustering allows you to identify common characteristics of threats in each group. Analysis of the resulting breakdown of a variety of information security threats into clusters will allow separating threats into groups with the identification of those threats, the implementation of which leads to the most negative consequences and causes the greatest material damage. Thus, security specialists of the enterprise can take measures to protect information, direct efforts to provide protection from threats with the greatest negative consequences. The proposed approach to the clustering of threats to information security made it possible to analyze the enterprise protection system, identify approaches to reduce losses from vulnerability, and identify ways to improve the level of protection. for conducting a cluster analysis of information security threats, which allows to obtain groups of similar threats and to identify the possibility of reducing the damage from their implementation. The data on the realized threats are analyzed by using different clustering methods for a different number of clusters in order to share the threats in the best possible way. Realized threats are described by the damage that arose from the implementation of the threat and the duration of the elimination of the consequences of the threat. Clustering allows you to identify common characteristics of threats in each group. Analysis of the resulting breakdown of a variety of information security threats into clusters will allow separating threats into groups with the identification of those threats, the implementation of which leads to the most negative consequences and causes the greatest material damage. Thus, security specialists of the enterprise can take measures to protect information, direct efforts to provide protection from threats with the greatest negative consequences. The proposed approach to the clustering of threats to information security made it possible to analyze the enterprise protection system, identify approaches to reduce losses from vulnerability, and identify ways to increase the level of protection.
Keywords: information security, the threat of information security, the damage from the implementation of the threat of information security, cluster analysis