Abstract
The COVID-19 pandemic has accelerated the digitization of business processes, remote work/ access to sensitive data and critical corporate resources. There is a fast expansion of cloud computing services. The cybercrime follows the same trend: the sudden rise of global ransomware attacks, theft and disclosure of personal data, attacks on news sites, phishing email attacks, etc. The cybercrime increase reported since the beginning of the pandemic is about 300%. As a result, cyber security has become very important for all organizations,of all types and sizes. This paper aims to elucidate modern trends in the assessment and treatment of cyber security risks of an entity, automatize the cyber security processes to remove repetitive tasks and reduce the influence of the human factor.
Highlights
Since the advent of COVID-19 the most organizations have moved to online activities in the global cyberspace, and almost every company has to assess and manage cyber risks
This paper aims to elucidate modern trends in the assessment and treatment of cyber security risks of an entity, automatize the cyber security processes to remove repetitive tasks and reduce the influence of the human factor
Risks can be assessed at the level of the entity, process, The research focuses on methods of qualitative-quantitative analysis of information security risk based on ISO/IEC 27005 [12] and ISO 31000 [13], aiming to combat the complexity and diminish the influence of the prime factor to automate risk analysis to the greatest extent possible
Summary
Riscuri inerente în acest sens, riscuri, cu care, până în era digitală şi cea a pandemiei COVID-19, companiile nu s-au confruntat cu adevărat. Conform Hacking Statistics 2020 [1] şi altor statistici alarmante privind securitatea cibernetică [2], criminalitatea informatică constituie cea mai mare ameninţare pentru fiecare companie din lume. Printre alte constatări notabile privind tendinţele ameninţărilor, Webroot [3] menţionează că unu din 50 de site-uri este răuintenţionat; aproximativ 25% dintre acestea sunt găzduite de domenii de încredere; unu din trei site-uri de phishing utilizează protocolul HTTPS (Hyper Text Transfer Protocol/Secure), pentru a oferi încredere. Systematic investigations of CS and a modern, proactive approach to the analysis, assessment and treatment of SC risks are required, which have a negative impact on information assets valuable to the business. This subject is the leitmotif of present paper.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have