Shevchenko, Svitlana and Zhdanova, Yuliia and Shevchenko, Halina and Nehodenko, Оlena and Spasiteleva, Svitlana (2023) Information Security Risk Management using Cognitive Modeling. CEUR Workshop Proceedings. pp. 297-305.
![[thumbnail of Information Security Risk Management using Cognitive.pdf]](https://eprints.oa.edu.ua/style/images/fileicons/application_pdf.png) |
PDF
- Published Version
Download (593kB) |
Анотація
Making decisions by an individual is an element of managing any process in society; therefore, theories of cognitive science are applicable in various fields, including information and cyber security systems. This study proposes the development of a cognitive model of “danger-risk” in the process of managing information risks in information and cyber security systems. Based on the analysis of scientific literature, the concepts of “cognitive modeling” and “cognitive map” are defined. The views of scholars on methods for creating cognitive maps and mechanisms for simulating problem situations are presented. The main tasks addressed within cognitive analysis and modeling are outlined, and the advantages and disadvantages of cognitive models are identified. In the second part of the study, the main stages of developing the cognitive model of “danger-risk” in the field of information and cyber security are considered: identification of complex situations and issues, construction of a cognitive map, modeling and verification of model adequacy, and dynamic situation analysis. A theoretical model of “danger-risk” is developed, and its elements are highlighted. A list of risk management concepts in information security is characterized, and cause-andeffect relationships between them are justified using SWOT analysis. As an example, for a specific information asset (a database), threats and vulnerabilities are identified, and the risk level for each connection is calculated as the product of the probability of each threat's realization and the probability of corresponding damages. The model of cognitive risk maps in information security is represented in a static form as an oriented graph, with a subsequent selection of methods for handling these risks.
| Тип файлу: | Стаття |
|---|---|
| Ключові слова: | Information security risks, information security system, cyber system, cyber risks, cognitive modeling, cognitive danger-risk model, SWOT analysis |
| Теми: | За напрямами > Комп’ютерна наука і технологія |
| Підрозділи: | Економічний факультет > Кафедра економіко-математичного моделювання та інформаційних технологій |
| Розмістив/ла: | заввідділу Наталя Денисенко |
| Дата розміщення: | 29 Бер 2024 20:48 |
| Остання зміна: | 29 Бер 2024 20:48 |
| URI: | https://eprints.oa.edu.ua/id/eprint/9099 |
Actions (login required)
 |
Переглянути елемент |