National Security

Tsaregorodtsev, A.V., Taraskin, M.M., Derbin, E.A. One of the approaches to the formalized description of threats, vulnerabilities and risks in the system of information protection at an enterprise.

Abstract: The authors evaluate one approach to assessing threats, vulnerabilities and risks in the information protection systems of organizations. The approach allows a comprehensive analysis and the formulation of requirements for guarantees of information security in an organization. Using it makes it possible to cut the cost of excess security measures, which often arise when risks are evaluated subjectively. It also aids in planning and implementing protection at all stages of the information system life cycle and in guaranteeing that the necessary measures can be taken in a short time. The authors offer practical advice on choosing countermeasures and evaluating the efficiency of their various options.


Keywords: warfare, security, information, organization, risk, threat, vulnerability, model, method, identification.
