Organization of response to information security incidents

• Published in: Vestnik Dagestanskogo gosudarstvennogo tehničeskogo universiteta. Tehničeskie nauki (Online) Vol. 50; no. 4; pp. 148 - 157
• Main Authors: Trofimov, D. O., Shepelev, M. S., Reznichenko, S. A.
• Format: Journal Article
• Language: English; Russian
• Published: Dagestan State Technical University 23.01.2024
• Subjects: analyse; detection; incident; information security; reaction; threat
• ISSN: 2073-6185; 2542-095X
• DOI: 10.21822/2073-6185-2023-50-4-148-157

Objective . Development of practical recommendations for creating an effective information security incident response system. Method . The article includes an analysis of existing methods and tools for detecting and analyzing information security incidents, as well as a study of the consequences of such incidents and their impact on the work of a company or organization. Result . Development of a set of practical recommendations aimed at creating an effective information security incident response system. During the analysis of existing methods and tools for the detection and analysis of information security incidents, the most effective and adapted approaches were identified. These methods include both technical means of detection and rapid incident response processes. The recommendations were created taking into account the characteristics of companies and organizations of various industries and are also intended for use by persons who do not have deep knowledge in the field of information security. The recommendations include clear step-by-step instructions, resources and tips that will allow companies to easily implement the proposed measures in their practice. Conclusion . The development of an effective information security incident response system is critically important for companies and organizations, as they face an increasing number of cyber-attacks and threats to information security. Creating an effective information security incident response system is an integral part of a successful business strategy. The developed practical recommendations have the potential to significantly reduce the risks and damage associated with information security, even for companies and organizations without prior experience in this field. These recommendations focus not only on technical aspects, but also on organizational measures to ensure timely detection, analysis and response to incidents.