Abstract:
The paper considers the questions of filling the relevant SIEM nodes based on
calculations of objective assessments in order to improve the reliability of subjective expert
assessments. The proposed methodology is necessary for the most accurate security risk
assessment of information systems. This technique is also intended for the purpose of
establishing real-time operational information protection in the enterprise information
systems. Risk calculations are based on objective estimates of the adverse events
implementation probabilities, predictions of the damage magnitude from information security
violations. Calculations of objective assessments are necessary to increase the reliability of the
proposed expert assessments.
