2518-1092Research result. Information technologies2518-109210.18413/2518-1092-2019-4-1-0-51641SYSTEM ANALYSIS AND PROCESSING OF KNOWLEDGEANALYSIS AND DEFINITION OF INFORMATION SECURITY RISKSANALYSIS AND DEFINITION OF INFORMATION SECURITY RISKSMaslovaMaria AleksandrovnaMaslovaMaria Aleksandrovnainfo@sevsu.ru20194100

Any information requires an effective system of protection and is to ensure the sustainable development and functioning of the object. The costs necessary to protect the information are not always justified. Therefore, an important condition for information security is the task of finding the appropriate level of protection at an acceptable cost. The importance of identifying risks in different areas is crucial for the development and stability of enterprises, which makes it possible to understand and assess possible dangerous events, to identify their causes and consequences, the probability of occurrence and decision-making, which is one of the challenges. To do this, it is necessary to conduct an analysis of information security risks, with which it will be possible to assess the existing level of security of resources of any organization. There are various approaches, methods and tools for assessing information security risks, leading to the end result, both with advantages and disadvantages of management. We will evaluate and analyze these methods and identify more acceptable, effective and less costly.

Any information requires an effective system of protection and is to ensure the sustainable development and functioning of the object. The costs necessary to protect the information are not always justified. Therefore, an important condition for information security is the task of finding the appropriate level of protection at an acceptable cost. The importance of identifying risks in different areas is crucial for the development and stability of enterprises, which makes it possible to understand and assess possible dangerous events, to identify their causes and consequences, the probability of occurrence and decision-making, which is one of the challenges. To do this, it is necessary to conduct an analysis of information security risks, with which it will be possible to assess the existing level of security of resources of any organization. There are various approaches, methods and tools for assessing information security risks, leading to the end result, both with advantages and disadvantages of management. We will evaluate and analyze these methods and identify more acceptable, effective and less costly.

information risksinformation securitythreatdamagevulnerabilityqualitative methodquantitative methodrisk assessmentinformation risksinformation securitythreatdamagevulnerabilityqualitative methodquantitative methodrisk assessmentСписок литературыBilozerova A.A., Mikova S.Yu.. Nesterenko M.A. Risk assessment of is when using ERP-systems // M.: Molodoy ucheny 2016. №15. p. 152-155.Buldakova T.I., Mikov D.A. Implementation of information security risk assessment methodology in Matlab environment M.: Voprosy kiberbezopasnosti // Voprosy kiberbezopasnosti 2015. №4(12). p. 53-61.Information security management issues Kurilo A.P., Miloslavska N.G., Senatorov M.Yu., Tolstoy A.I. Goryachaya liniya – Telekom, 2015. 234 p.Gerasimenko V.A., Malyuk A.A. Framework for the protection of information by information protection M.: Inkombuk. 1997.Lvova A.V. Methods of analysis and management of security risks protected information system: Avtoref. Dis. Kand. Tekh. Nauk. M.: 2009. 198 p.Methodology for determining information security threats in information systems, 2015 y. URL: https://fstec.ru/component/attachments/download/812 (data obrashcheniyaya 07.01.2019).Sibikina I.V. Information security risk analysis using fuzzy inference system // Nauchnyy vestnik NGT Science Bulletin of the NSTU tome 65, 2016. № 4. p. 121–134.Khoffman L.Dzh. Modern methods of information security. M: Sovetskoye radio. 1980.International Standard ISO/IEC 27000, 2009 y. URL: http://pqm-online.com/assets/files/lib/std/iso_iec_27000-2009.pdf (data obrashcheniyaya 15.11.18)Information security risks assessment: a case study / Samuel С.А., Bonaventure N, Olasunkanmi A., RobinLlal Khoshi, Samarappulige I.M. // Р 13 [Electronic resource]: file:///D:/англоязычные%20стаатьи/1812_04659.pdfInformation security risk management: an intelligence-driven approach // Jeb Webb, Sean Maynard, Atif Ahmad, Graeme Shanks. Australasian Journal of Information Systems. Volume 18 Number 3, 2014.Reversible Recurrent Neural Networks // Matthew MacKay, Paul Vicol, Jimmy Ba, Roger Grosse, University of Toronto, Vector Institute [Electronic resource]: https://arxiv.org/pdf/1810.10999.pdf