Вестник Дагестанского государственного технического университета: Технические науки (Jul 2024)
Architecture of the Information Security Incident Management System at Oil and Gas Enterprises
Abstract
Objective. Currently, enterprises are widely implementing information security incident management systems, which are designed to solve such problems as timely identification of the fact of an incident, analysis and research of cause-and-effect relationships that lead to an increase in the likelihood of violations, modification or creation of new regulatory documents describing organizational activities, implementation of technical and software tools that provide preventive protection measures. An enterprise in the oil and gas sector that has been attacked by attackers may face various problems, among which the complete or partial shutdown of production and the failure of expensive equipment are especially significant for the production process. In addition, the relevance of information security incident management processes for enterprises in the oil and gas sector is due to the fact that the implementation of threats can lead not only to financial losses, but also to serious environmental damage.Method. The developed architecture of the information security incident management system is based on the use of the Shewhart-Deming cycle.Result. A model of the architecture of an information security incident management system has been obtained, which can be used at enterprises in the oil and gas sector for effective and timely tracking and analysis of emerging incidents, planning measures to eliminate the consequences of incidents, and preventing their reoccurrence.Conclusion. The proposed architecture of the information security incident management system allows us to take into account the characteristics of oil and gas sector enterprises associated with the impact of information security on the production process due to the high automation of the production process and high man-made risks.
Keywords