Publication:
Network Security Intelligence Centres for Information Security Incident Management

Дата
2021
Авторы
Furnell, S.
Miloslavskaya, N.
Journal Title
Journal ISSN
Volume Title
Издатель
Научные группы
Организационные подразделения
OrgUnit Logo
Организационная единица
Институт интеллектуальных кибернетических систем
Цель ИИКС и стратегия развития - это подготовка кадров, способных противостоять современным угрозам и вызовам, обладающих знаниями и компетенциями в области кибернетики, информационной и финансовой безопасности для решения задач разработки базового программного обеспечения, повышения защищенности критически важных информационных систем и противодействия отмыванию денег, полученных преступным путем, и финансированию терроризма.
Выпуск журнала
Аннотация
© 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.Intensive IT development is driving current information security (IS) trends and require sophisticated structures and adequate approached to manage IS for different businesses. The wide range of threats is constantly growing in modern intranets; they have become not only numerous and diverse but also more disruptive. In such circumstances, organizations realize that IS incidents’ timely detection and prevention in the future (what is more important) are not only possible but imperative. Any delay leaves only reactive actions to IS incidents, putting assets at risk as a result. A properly designed IS incident management system (ISIMS), operating as an integral part of the whole organization’s governance system, reduces IS incidents’ number and limits damage caused by them. To maximally automate IS incident management (ISIM) within one organization and to deepen its knowledge of IS level, this research proposes to unite together all advantages of a Security Intelligence Centre (SIC) and a Network Operations Centre (NOC) with their unique and joint toolkits and techniques in a unified Network SIC (NSIC). This paper presents the research, which is focused upon the designing and evaluating the concept of NSICs, and represents a novel advancement beyond existing concepts of security and network operations centres in current security monitoring scenarios. Key contributions are made in relation to underlying taxonomies of threats and attacks, leading to the requirements for NSICs, the related design, and then evaluation in a practical context and the implications arising from this (e.g. training requirements).
Описание
Ключевые слова
Цитирование
Furnell, S. Network Security Intelligence Centres for Information Security Incident Management / Furnell, S., Miloslavskaya, N. // Advances in Intelligent Systems and Computing. - 2021. - 1310. - P. 270-282. - 10.1007/978-3-030-65596-9_34
URI
https://www.doi.org/10.1007/978-3-030-65596-9_34
 https://www.scopus.com/record/display.uri?eid=2-s2.0-85098162922&origin=resultslist
 https://openrepository.mephi.ru/handle/123456789/23535
Коллекции
Публикации