【24h】

The new aspects for the instantaneous information security audit

机译:瞬时信息安全审核的新方面

获取原文

摘要

This publication discusses the problem concerning the concept of the instantaneous information security (IT-Security) audits directed, including providing protection against “zero-day” threats. It is noted that effective “zero-day” counteraction based on implementation a set of preventive IT-Security controls, but not limited new technical facilities installation only. A key feature of this concept of instantaneous IT-Security audits is to assess how the left limit of the protection level in the process of IT-Security audits performing. Methodological basis of the concept of instantaneous IT-Security audits are ISO 27001 and 19011 standards series, supplemented by many (expandable) IT-Security metrics to quantify the object protection level. The obtained results can find application in create of models and methods of IT-Security audits performing and continuous improvement of an object protection under the influence of IT-Security violation threats.
机译:本出版物讨论了关于瞬时信息安全(IT-Security)审计的概念的问题,包括提供对“零日”威胁的保护。有人指出,基于实施的一套预防IT安全控制,但仅限新技术设施安装,有效的“零日”响应。这种瞬间IT安全审计概念的一个关键特征是评估IT-Security审核过程中保护级别的左限制如何。瞬时IT安全审计概念的方法基础是ISO 27001和19011标准系列,补充了许多(可扩展的)IT安全度量,以量化对象保护级别。所获得的结果可以在IT - 安全审计的模型和方法的创建中找到应用程序,并在IT安全违规威胁的影响下对对象保护进行持续改进。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号