Безопасность информационных технологий (Apr 2021)

A model for assessing information security incidents damage

  • Maxim O. Tanygin,
  • Yulia A. Budnikova,
  • Andrey S. Bulgakov,
  • Mikhail A. Marchenko

DOI
https://doi.org/10.26583/bit.2021.2.09
Journal volume & issue
Vol. 28, no. 2
pp. 98 – 106

Abstract

Any information system requires funds to be reserved for eliminating the consequences of information security incidents should they occur. To estimate the amount of damage, we used multimodal probability density distributions for the damage from a single information security incident, while the incidents themselves are treated as events of a Poisson flow. The paper defines the relationships between the intensity of information security events, the characteristics of the probability density distribution of damage, and the required amount of reserved funds. The presented model for assessing damage from information security incidents allows the required amount of reserved funds to be estimated more accurately. It is shown that the cost saving reaches 40-50% in comparison with a damage assessment approach based only on the average number of incidents and the average damage from a single information security incident.