Наука Красноярья (Mar 2024)
SUBSTANTIATION OF THE NEED TO IMPLEMENT A CONTINUOUS INFORMATION SECURITY PROCESS AT ENTERPRISES
Abstract
The article discusses information security in the system of an industrial enterprise. Attention is focused on the need to implement a continuous information security process to protect all information assets from leaks, theft and unauthorized disclosure, the main provisions of information security management standards are analyzed. Objective: To optimize the methods of software protection of modern industrial enterprises, as well as to reduce threats and vulnerabilities related to information security at enterprises. Method or methodology of the work: In the process of investigating the problem, analytical methods of analysis were used. Results: The need to use ISO/IEC 27001 standards and the PDCA (Plan-Do-Check-Act) model at industrial enterprises of high-tech sectors of the economy in order to reduce threats and losses of information security, identify critical factors that negatively affect business processes and the enterprises themselves. Practical implications: The results obtained can be used as a theoretical basis for existing assessments of information security tools and automated security systems at high-tech industrial enterprises in modern economic conditions.
Keywords
