Redirigiendo al acceso original de articulo en 15 segundos...
ARTÍCULO
TITULO

Risk assessment methodology based on penetration testing

S.E. Golikov    

Resumen

The digitalization of the economy is associated with an increase in threats to the security of individuals, society and the state in the information sphere.Risk assessment is part of a comprehensive approach to cybersecurity and a requirement of most IT standards. The use of an integrated approach in the field of cybersecurity allows us to consider all the elements that are parts of cybersecurity as a complex, interconnected system. The ultimate goal of this approach to cybersecurity is to organize a continuous process of protection against any physical, software, hardware, network and human influences on the target system. The integration of various layers and means of protection provides a more complete understanding of vulnerabilities and more comprehensive protection against various threats.Information security management is a subsidiary process of a broader risk management process: if an organization, after analyzing and evaluating all its business risks, makes a conclusion about the relevance of information security risks, then information security becomes a means of minimizing some of them.In this paper, it is proposed to use penetration testing as a method of risk assessment, a comparative characteristic of various approaches to testing for assessing risk events is given, types of testing and assessment of their risks are described, advantages and disadvantages are shown, recommendations for testing are given, the use of which allows you to get the most objective result. 

 Artículos similares

       
 
Ashraf Abdelkarim and Ahmed F.D. Gaber    
This study aims to assess the impact of flash floods in the Wadi Nu?man basin on urban areas, east of Mecca, which are subjected to frequent floods, during the period from 1988?2019. By producing and analyzing the maps of the regions, an integrated appro... ver más
Revista: Water

 
Bilgin Metin, Sefa Duran, Eda Telli, Meltem Mutlutürk and Martin Wynn    
In today?s technology-centric business environment, where organizations encounter numerous cyber threats, effective IT risk management is crucial. An objective risk assessment?based on information relating to business requirements, human elements, and th... ver más
Revista: Information

 
José-Luis Molina, Santiago Zazo, Fernando Espejo, Carmen Patino-Alonso, Irene Blanco-Gutiérrez and Domingo Zarzo    
Floods are probably the most hazardous global natural event as well as the main cause of human losses and economic damage. They are often hard to predict, but their consequences may be reduced by taking the right precautions. In this sense, hydraulic inf... ver más
Revista: Water

 
Jiju Guo, Wengeng Cao, Guohui Lang, Qifa Sun, Tian Nan, Xiangzhi Li, Yu Ren and Zeyan Li    
The presence of high concentrations of geogenic arsenic (As) in groundwater poses a serious threat to the health of millions of individuals globally. This paper examines the research progress of groundwater with high concentrations of geogenic As through... ver más
Revista: Water

 
Xiaorong Wang, Boyue Liu, Shaolin He, Hongying Yuan, Dongli Ji, Ruolin Li, Yang Song, Wei Xu, Bo Liu and Yingjun Xu    
To clarify the risk posed to groundwater in oil shale in situ mining areas, we examine five leached pollutants: Fe, Mn, Cr, sulfate, and ammonia nitrogen. Potential groundwater contents of these five pollutants were evaluated using an improved Nemero com... ver más
Revista: Water