The Ministry of Finance is testing a methodology for identifying risks in the field of cybersecurity
"In general, any risks in information security should be excluded. But still, for example, it should be dramatically important for the head of a large company that he is guaranteed to eliminate the most significant risks. Such events are called invalid.
A methodology for determining such events has been developed. And now we are engaged in pilot testing of the application of this technique and taking into account its results when building information security systems," Shoytov said. According to him, there are general, typed unacceptable events, and they can be clarified for companies of a certain industry.
Комментарии