Review of national and international standards for categorizing of critical information infrastructure objects
Journal: Scientific and Technical Journal of Information Technologies, Mechanics and Optics (Vol.23, No. 3)Publication Date: 2023-06-21
Authors : Livshitz I.I.;
Page : 519-529
Keywords : critical information infrastructure; categorization of critical information infrastructure objects; significance criteria; information security; information security management system; risks; residual risks;
Abstract
Ensuring the security of critical information infrastructure facilities is an actual developing area of information security both at the national and global level. Categorization of critical infrastructure objects is an integral part of the common and holistic security process. With a dynamically changing threats level, the process of determining the category of an object is still not optimal enough. Based on the existing requirements both of Russian and International standards, the assessment of critical infrastructure facilities not always be carried out promptly and correctly, in addition, numerical estimates are not formed, the objectivity of the assessment and subsequent reassessment by independent experts is not ensured. This article presents an analysis of the current requirements in the field of categorization of critical infrastructure objects used in the Russian Federation. A comparative analysis of the national regulatory legal acts of the Russian Federation and the system of International standards in the field of IT-security is presented. Regulation of categorization processes of critical infrastructure objects is considered. The necessity of forming numerical values of significance criteria for the correct determination and subsequent independent evaluation (reassessment) of the category of critical infrastructure objects is substantiated. Recommendations for improving the process of categorizing critical infrastructure objects and the formation of numerical estimates are presented. The implementation of the recommendations made will improve the accuracy, objectivity and reliability of the process of creating modern information security systems.
Other Latest Articles
- Facial keypoints detection using capsule neural networks
- Tensegrity Structures
- Attacker group detection method based on HTTP payload analysis
- The Effect of Leverage, Financial Distress and Profitability on Accounting Conservatism
- Method for increasing the information value of video data based on the removal of redundant frames and entropy estimation
Last modified: 2023-07-10 19:46:17