Pregled bibliografske jedinice broj: 1140857
Use Case: Information Security Risk Assessment for Providers of Services in a Virtual Environment
Use Case: Information Security Risk Assessment for Providers of Services in a Virtual Environment // 5th EAI International Conference on Management of Manufacturing Systems / Knapčíková, Lucia ; Peraković, Dragan ; Behúnová, Annamáriá ; Periša, Marko (ur.).
Cham: Springer, 2022. str. 379-395 doi:10.1007/978-3-030-67241-6_30 (predavanje, međunarodna recenzija, cjeloviti rad (in extenso), znanstveni)
CROSBI ID: 1140857 Za ispravke kontaktirajte CROSBI podršku putem web obrasca
Naslov
Use Case: Information Security Risk Assessment for
Providers of Services in a Virtual Environment
Autori
Musa, Mario ; Zorić, Petra ; Kuljanić, Tibor Mijo ; Gabelica, Nikolina
Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), znanstveni
Izvornik
5th EAI International Conference on Management of Manufacturing Systems
/ Knapčíková, Lucia ; Peraković, Dragan ; Behúnová, Annamáriá ; Periša, Marko - Cham : Springer, 2022, 379-395
ISBN
978-3-030-67240-9
Skup
5th EAI International Conference on Management of Manufacturing Systems (EAI MMS 2020)
Mjesto i datum
Online, 27.10.2020. - 28.10.2020
Vrsta sudjelovanja
Predavanje
Vrsta recenzije
Međunarodna recenzija
Ključne riječi
Information systems ; Probabilistic risk assessment ; Service availability ; Security threats
Sažetak
Information and data in today’s world are the most valuable assets of an organization. Every business system, and thus the information and data that are part of such a system, is exposed to certain risks and threats. For this reason, organizations are forced to protect their assets. One of the key parameters that affect an organization’s exposure to risk is information security. Its goal is to protect information from threats. The information security risk management system establishes a mechanism for controlling and managing an acceptable level of risk in the organization. Selecting an appropriate risk assessment methodology allows the organization’s managers to prioritize risks according to their severity or some other criteria. Given the complexity of today’s information business, the Probabilistic Risk Assessment methodology has begun to be applied in information security risk assessment. By creating a use-case scenario, it is possible to conduct qualitative and quantitative risk assessments. Event trees and stable errors as part of the above methodology are used to indicate possible scenarios, as well as to find the causes of their occurrence and to model the possible failure of controls applicable to risk mitigation. This paper will present one of the use cases of information security risk assessment using these trees. Also, their application in the conditions of a complex information system will be presented on the example of an organization in the Republic of Croatia.
Izvorni jezik
Engleski
Znanstvena područja
Tehnologija prometa i transport
Napomena
Part of the EAI/Springer Innovations in Communication and Computing book series (EAISICC)
POVEZANOST RADA
Ustanove:
Fakultet prometnih znanosti, Zagreb
Citiraj ovu publikaciju:
Časopis indeksira:
- Scopus
