EFFECTIVENESS ASSESSMENT METHODOLOGY OF INFORMATION SECURITY MANAGEMENT SYSTEM THROUGH THE SYSTEM RESPONSE TIME TO INFORMATION SECURITY INCIDENTS
Quality assessment of an information security management system is an important step in obtaining baseline data for analysing the effectiveness of the system's security controls and for evaluating how well the organization's stated information security requirements are implemented. Current practice in assessing the effectiveness of information security management systems shows that, in most cases, security controls are measured independently, without regard to their interactions. The uncertainty arising from the stochastic nature of the measured security controls is not taken into account. A list of related control and management measures exists; however, structural elements for measuring the interactions between them are absent. There is therefore an important and urgent task: to improve the effectiveness assessment methodology for information security management systems. It can be solved by introducing a new integral effectiveness indicator of the system that makes it possible to address the shortcomings listed above.
The author proposes using a new integral effectiveness indicator: the system response time to information security incidents. This indicator makes it possible to move from a binary "approve or disapprove" assessment of the system to a quantitative one. The new indicator takes into account the uncertainty arising from the stochastic nature of the attributes and of the management and control measures, provides a quantitative assessment of the information security state, and has a clear physical interpretation for the organization's management and its information security officers. The change in the indicator from test to test shows the state of the information security management system as a whole and the effectiveness of the control and management measures taken. The method for calculating the new indicator is based on the theory of experimental design. Its advantages are that the information security staff can control how attributes are measured, that the estimates of the attribute parameters obtained during measurement have the same accuracy, that the degree of interaction between attributes and their importance in computing the effectiveness of information security management are revealed by the regression coefficients, and that an analytical model of the indicator can be obtained.
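As an added illustration, not taken from the paper, the following Python example runs the kind of factorial experiment the abstract describes: two security controls ("attributes") are varied at two coded levels, the measured response is the time from incident occurrence to containment, and the regression coefficients of the fitted model give each control's effect, their interaction, and an analytical expression for the indicator. The control names and all measurements are constructed for the example.

```python
from math import sqrt
from statistics import mean, variance

# Hypothetical controls, coded -1 (absent) / +1 (present), in a 2^2 full factorial design.
FACTORS = ("alert_correlation", "escalation_procedure")

# Constructed replicate measurements: minutes from incident to containment,
# two independent test runs at each design point (x1, x2).
MEASUREMENTS = {
    (-1, -1): [182.0, 176.0],
    (+1, -1): [121.0, 127.0],
    (-1, +1): [150.0, 146.0],
    (+1, +1): [70.0, 74.0],
}

def fit_factorial_model(measurements):
    """Least-squares coefficients of y = b0 + b1*x1 + b2*x2 + b12*x1*x2.
    In an orthogonal 2^k design each coefficient is the mean of (sign * run mean)
    over the design points, so no matrix inversion is needed."""
    ybar = {x: mean(ys) for x, ys in measurements.items()}
    n = len(ybar)
    return {
        "b0": sum(ybar.values()) / n,                          # grand mean
        "b1": sum(x[0] * y for x, y in ybar.items()) / n,      # half-effect of factor 1
        "b2": sum(x[1] * y for x, y in ybar.items()) / n,      # half-effect of factor 2
        "b12": sum(x[0] * x[1] * y for x, y in ybar.items()) / n,  # interaction
    }

def coefficient_std_error(measurements):
    """Common standard error of every coefficient, estimated from replicate scatter:
    pooled within-run variance divided by the total number of observations."""
    pooled = mean(variance(ys) for ys in measurements.values())
    total_obs = sum(len(ys) for ys in measurements.values())
    return sqrt(pooled / total_obs)

def predict(coef, x1, x2):
    """Analytical model of the indicator at coded levels x1, x2."""
    return coef["b0"] + coef["b1"] * x1 + coef["b2"] * x2 + coef["b12"] * x1 * x2

if __name__ == "__main__":
    coef = fit_factorial_model(MEASUREMENTS)
    se = coefficient_std_error(MEASUREMENTS)
    for name, b in coef.items():
        # |t| above 2.776 (t table, 4 degrees of freedom, 5% two-sided) marks a significant term;
        # a negative b12 means the two controls together cut response time more than additively.
        print(f"{name:>3} = {b:7.2f}  t = {b / se:6.2f}")
    print("predicted minutes with both controls:", predict(coef, +1, +1))
```

The degrees of freedom for the t check equal the sum over design points of (replicates - 1), which is 4 here.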