A MODEL OF THE INFORMATION SECURITY EVENT PROCESSING PROCESS AT A CRITICAL INFORMATION INFRASTRUCTURE FACILITY

Abstract

The article presents a model of the information security event processing process at a critical information infrastructure facility. The information system of one of the medical institutions of the city was chosen as an object of critical information infrastructure. It contains a huge amount of confidential information about patients, medications and medical procedures. The "as is" model was built before the implementation of decision support and the "as it should be" model after its use. The model was built in the ERwin Data Modeler CASE tool, which implements the industry modeling standards IDEF0 and IDEF3, which made it possible to fully cover all aspects of the system and create a visual representation of its operation. The shortcomings of the information security event processing process at the critical information infrastructure facility have been identified and a new approach to their elimination has been identified, providing for the use of a decision support subsystem based on the use of machine learning models using analytical models, which leads to a reduction in the time for identifying incidents and making various management decisions on them. This will allow you to quickly respond to possible threats and minimize the likelihood of incidents. This approach will make it possible to create a system that is adaptive to changes in the operation of the information infrastructure and offer solutions to optimize data processing processes, will increase the security level of storage, processing and transmission of confidential information.