Problems of forming the structure of functions of the information security management system of a significant object of critical information infrastructure

Abstract

In such a tense geopolitical situation, and as a result, the tightening of the legislation of the Russian Federation regarding the requirements for information protection systems for critical information infrastructure objects, it becomes especially important to ensure the security of critical information infrastructure. Every year, the requirements for the information security system of significant objects of critical information infrastructure become more and more serious. The use of heterogeneous information security tools creates a contradiction, which consists in the presence of such information security tools and the impossibility of their centralized management. Such a contradiction can be resolved by developing an information security management system with a formed structure of the functions of such a system. This article presents the concept of solving the problem of forming the structure of the functions of the information security management system of a significant object of critical information infrastructure, the concept of building an information security management system of a significant object of critical information infrastructure, as well as the concept of checking the effectiveness of such a system.