Abstract:
This paper presents a significant advancement in information security risk assessment
by introducing a flexible and comprehensive model. The research integrates established standards,
expert knowledge, machine learning, and ontological modeling to create a multifaceted approach for
understanding and managing information security risks. The combination of standards and expert
insights forms a robust foundation, ensuring a holistic grasp of the intricate risk landscape. The
use of cluster analysis, specifically applying k-means on information security standards, expands
the data-driven approach, uncovering patterns not discernible through traditional methods. The
integration of machine learning algorithms in the creation of an information security risk dendrogram
demonstrates effective computational techniques for enhanced risk discovery. The introduction
of a heat map as a visualization tool adds innovation, facilitating an intuitive understanding of
risk interconnections and prioritization for decision makers. Additionally, a thesaurus optimizes
risk descriptions, ensuring comprehensiveness and relevance despite evolving terminologies in the
dynamic field of information security. The development of an ontological model for structured risk
classification is a significant stride forward, offering an effective means of categorizing information
security risks based on ontological relationships. These collective innovations enhance understanding
and management of information security risks, paving the way for more effective approaches in the
ever-evolving technological landscape.