Methodology for Determining Means of Monitoring Information Security by the Method of Expert Assessment

Authors

  • Svitlana Lehominova
  • Mykhailo Zaporozhchenko
  • Yurii Shchavinsky
  • Tetiana Muzhanova
  • Vitalii Tyshchenko
  • Matvii Yushchenko

DOI:

https://doi.org/10.47839/ijc.23.4.3770

Keywords:

information security, information security monitoring, cyber security, event management

Abstract

The article examines and analyzes the numerous advantages of using information technologies to ensure the information security of organizations in connection with the wide spread of the number of modern methods of cyber attacks. It is established that effective cyber protection requires an information security management system with a set of modern event monitoring tools depending on the specifics of each organization. To select an appropriate system and evaluate the effectiveness of its tools, the method of expert evaluation is used in the work. In order to improve the determination of the weight coefficient of each tool of the system, a composite indicator is proposed, based on the sum of the products of individual indicators of the system tools and their priority coefficients. The features of the modern widely used solutions considered in the study confirmed the feasibility of the proposed methodology for determining effective tools of the information security monitoring system. The resulting data allows us to help organizations make an evidence-based decision about the optimal composition of the information security monitoring system.

References

R. Leszczyna, “Review of cybersecurity assessment methods: Applicability perspective,” Computers & Security, vol. 108, 102376, 2021. https://doi.org/10.1016/j.cose.2021.102376.

G. Wangen, C. Hallstensen and E. Snekkenes, “A framework for estimating information security risk assessment method completeness: Core Unified Risk Framework, CURF,” International Journal of Information Security, vol. 17, pp. 681-699, 2018. https://doi.org/10.1007/s10207-017-0382-0.

R. Leszczyna, “Standards on cyber security assessment of smart grid,” International Journal of Critical Infrastructure Protection, vol. 22, pp. 70-89, 2018. https://doi.org/10.1016/j.ijcip.2018.05.006.

Q. S. Qassim, N. Jamil, M. Daud, A. Patel and N. Ja’affar, “A review of security assessment methodologies in industrial control systems,” Information and Computer Security, vol. 27, no. 1, pp. 47-61, 2019. https://doi.org/10.1108/ICS-04-2018-0048.

N. A. Abu Othman, A. A. Norman and M. L. Mat Kiah, “Systematic literature review of security control assessment challenges,” Proceedings of the 2022 IEEE 12th International Conference on Control System, Computing and Engineering (ICCSCE), Penang, Malaysia, 2022, pp. 31-36. https://doi.org/10.1109/ICCSCE54767.2022.9935661.

E. W. N. Bernroider, S. Margiol and A. Taudes, “Towards a general information security management assessment framework to compare cyber-security of critical infrastructure organizations,” Lecture Notes in Business Information Processing, vol. 268, pp. 127-141, 2016. https://doi.org/10.1007/978-3-319-49944-4_10.

J. Zuo, Z. Guo and Y. Lu, “An information security evaluation model supporting measurement model adaptation,” Proceedings of the 2020 Int. Wirel. Commun. Mob. Comput. IWCMC, 2020, pp. 1435-1439, https://doi.org/10.1109/IWCMC48107.2020.9148083.

A. Georgiadou, M. Spiros, and A. Dimitrios, “Towards assessing critical infrastructures cyber-security culture during Covid-19 crisis,” A Tailor-Made Survey. 2020, pp. 71-80. https://doi.org/10.5121/csit.2020.101806.

Z. Sun, J. Zhang, H. Yang and J. Li, “Research on the effectiveness analysis of information security controls,” Proceedings of the 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC), Chongqing, China, 2020, pp. 894-897, https://doi.org/10.1109/ITNEC48623.2020.9084809.

ISO/IEC 27004:2016. Information Technology. Security methods. Information security management. Monitoring, measurement, analysis and evaluation. [Online]. Available at: https://www.iso.org/standard/64120.html.

A. Cadena, F. Gualoto, W. Fuertes, L. Tello-Oquendo, R. Andrade, F. Tapia, and J. Torres, “Metrics and indicators of information security incident management: A systematic mapping study,” In: Rocha, Á., Pereira, R. (eds) Developments and Advances in Defense and Security. Smart Innovation, Systems and Technologies, 2019, vol. 152, pp. 507-519. Springer, Singapore. https://doi.org/10.1007/978-981-13-9155-2_40.

R. Diesch and H. Krcmar, “SoK: linking information security metrics to management success factors,” Proceedings of the 15th International Conference on Availability, Reliability and Security (ARES'20). Association for Computing Machinery, New York, NY, USA, Article 98, 2020, pp. 1–10. https://doi.org/10.1145/3407023.3407059.

A. I. Al-Darwish and P. Choe, “A framework of information security integrated with human factors,” In: Moallem, A. (eds) HCI for Cybersecurity, Privacy and Trust. HCII 2019. Lecture Notes in Computer Science, vol. 11594, 2019. Springer, Cham. https://doi.org/10.1007/978-3-030-22351-9_15.

S. F. Aboelfotoh and N. A. Hikal, “A review of cyber-security measuring and assessment methods for modern enterprises,” JOIV: International Journal on Informatics Visualization, vol. 3, issue 2, pp. 157-176, 2019. http://dx.doi.org/10.30630/joiv.3.2.239.

Š. Orehek and G. Petrič, “A systematic review of scales for measuring information security culture,” Information and Computer Security, vol. 29, no. 1, pp. 133-158, 2021. https://doi.org/10.1108/ICS-12-2019-0140.

A. Erulanova, G. Soltan, A. Baidildina, M. Amangeldina and A. Aset, “Expert system for assessing the efficiency of information security,” Proceedings of the 2020 7th International Conference on Electrical and Electronics Engineering (ICEEE), Antalya, Turkey, 2020, pp. 355-359. https://doi.org/10.1109/ICEEE49618.2020.9102555.

S. Khan and S. Parkinson, “Review into state of the art of vulnerability assessment using artificial intelligence,” Guide to Vulnerability Analysis for Computer Networks and Systems, Springer 2018, pp. 3-32, https://doi.org/10.1007/978-3-319-92624-7_1.

V. A. Savchenko and O. D. Shapovalenko, “The main areas of application of artificial intelligence technologies in cyber security,” Modern Information Protection, no. 4(44), рр. 6-11, 2020. (in Ukrainian). https://doi.org/10.31673/2409-7292.2020.040611.

S. Lehominova, Y. Shchavinsky, T. Muzhanova, D. Rabchun, and M. Zaporozhchenko, “Application of sentiment analysis to prevent cyberattacks on objects of critical information infrastructure,” International Journal of Computing, vol. 22, issue 4, pp. 534-540, 2023. https://doi.org/10.47839/ijc.22.4.3362.

C. Schmitz, M. Schmid, D. Harborth and S. Pape, “Maturity level assessments of information security controls: An empirical analysis of practitioners assessment capabilities,” Computers & Security, vol. 108, 102306, 2021. https://doi.org/10.1016/j.cose.2021.102306.

B. Gomez, S. Vargas and J. P. Mansilla, “Maturity model of response protocols to ransomware scenarios in the mining sector,” In: Guarda, T., Portela, F., Diaz-Nafria, J.M. (eds) Advanced Research in Technologies, Information, Innovation and Sustainability, Proceedings of the ARTIIS 2023. Communications in Computer and Information Science, vol. 1936, 2024, Springer, Cham. https://doi.org/10.1007/978-3-031-48855-9_20.

E. F. Da Silva, R. M. de Barros, “Information security maturity model based on ISO 27001 for micro and small software development companies,” J. Inform. Syst. Eng. Manag, vol. 4, issue 1, p. 10, 2019.

L. Englbrecht, S. Meier and G. Pernul, “Towards a capability maturity model for digital forensic readiness,” Wireless Networks, vol. 26, рр. 4895-4907, 2020. https://doi.org/10.3390/ijerph17031023.

F. Y. H. García and L. Lema, “Model to measure the maturity of the risk analysis of information assets in the context of shipping companies,” RISTI - Iberian J. Inform. Syst. Technol., vol. 31, pp. 1–17, 2019. https://doi.org/10.17013/risti.31.1-17.

B. Abazi, A. Kő, “A framework for semiautomatic risk assessment and a security maturity model based on ISO 27001,” J. Comput. Inform. Syst, vol. 59, issue 3, pp. 264–274, 2019.

D. Swift, “A practical application of SIM/SEM/SIEM automating threat identification,” SANS Institute, 2021, 40 р. [Online]. Available at: https://sansorg.egnyte.com/dl/wGohjgzmXb.

M. Cinque, D. Cotroneo and A. Pecchia, “Challenges and directions in security information and event management (SIEM),” Proceedings of the 2018 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW), Memphis, TN, USA, 2018, pp. 95-99. https://doi.org/10.1109/ISSREW.2018.00-24.

A. Sridharan and V. Kanchana, “SIEM integration with SOAR,” Proceedings of the 2022 International Conference on Futuristic Technologies (INCOFT), Belgaum, India, 2022, pp. 1-6. https://doi.org/10.1109/INCOFT55651.2022.10094537.

M. Kirsten, R. E. Freeman, “Some problems with employee monitoring,” Journal of Business Ethics, vol. 43, issue 4, pp. 353–361, 2003. https://doi.org/10.1023/A:1023014112461.

J. D. Bustard, “Ethical issues surrounding the asymmetric nature of workplace monitoring,” In: Marinos, L., Askoxylakis, I. (eds) Human Aspects of Information Security, Privacy, and Trust. HAS 2013, Lecture Notes in Computer Science, vol 8030, 2013, Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39345-7_24.

B. Jendruszak, “What is User Activity Monitoring (UAM)? Examples and best practices,” [Online], Available at: https://seon.io/resources/user-activity-monitoring/

2022 Magic Quadrant™ for SIEM released by Gartner® - LogRhythm Responds with New Cloud-Native Offering, [Online], Available at: https://logrhythm.com/blog/2022-gartner-magic-quadrant-siem-logrhythm-responds-with-cloud-native-offering/

Downloads

Published

2025-01-12

How to Cite

Lehominova, S., Zaporozhchenko, M., Shchavinsky, Y., Muzhanova, T., Tyshchenko, V., & Yushchenko, M. (2025). Methodology for Determining Means of Monitoring Information Security by the Method of Expert Assessment. International Journal of Computing, 23(4), 681-691. https://doi.org/10.47839/ijc.23.4.3770

Issue

Section

Articles