Use of Approaches to the Methodology of Factor Analysis of Information Risks for the Quantitative Assessment of Information Risks Based on the Formation of Cause-And-Effect Links
Ihor Dobrynin, Tamara Radivilova, Nadiia Maltseva, Dmytro, Ageyev

TL;DR
This paper introduces a Bayesian network-based method to quantitatively assess information risks, improving upon traditional qualitative factor analysis by providing measurable risk estimates.
Contribution
It develops a new methodology for quantifying information risks using Bayesian networks, enhancing the existing factor analysis approach.
Findings
The proposed method enables risk quantification.
It provides a comparative analysis showing improved accuracy.
Application example demonstrates practical utility.
Abstract
The paper suggests methods to the assessment of information risks, which makes the transition from a qualitative assessment of information risks (according to the factor analysis of information risks methodology) to a quantitative assessment. The development factor analysis of information risks methodology of the methodology was carried out using the mathematical apparatus of probability theory, namely Bayesian networks. A comparative analysis of the standard factor analysis of information risks methodology and the developed methodology using statistical data was carried out. During the analysis, the cause and effect relationships of the confidentiality violation have been formed, defined and given in the corresponding table and in the form of the Ishikawa diagram. As an example, it was calculated the amount of risk the company may be exposed to in case of violation of information…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
