REVIEW PAPER
Risk management as a determinant of cybersecurity
More details
Hide details
1
Wojskowa Akademia Techniczna, Wydział Cybernetyki
Online publication date: 2019-09-25
Publication date: 2019-09-25
NSZ 2019;14(3):67-80
KEYWORDS
TOPICS
ABSTRACT
The aim of the article is to demonstrate the dependence of security and cyber security on risk and risk management. The article presents the definitions and risk management process defined in the PN EN ISO 27005:2014 Information technology standard – Security technology – Risk management in information security, consisting of context-setting processes, risk assessment, i.e. identification, analysis and risk assessment, risk treatment, information and consultation as well as monitoring and review. In the further part of the article, the author proceeds from the definition of security, cybersecurity, crisis management to strategic, operational and legal documents, presenting the relationship and dependence of risk and risk management with security and cybersecurity and crisis management, as a national security management system, critical infrastructure protec-tion, including ICT systems of cyberspace. The presented relationships indicate undeniably risk management as a determinant of security and cybersecurity
REFERENCES (11)
1.
DOKTRYNA CYBERBEZPIECZEŃSTWA RP, 2015, Kancelaria Prezydenta, Biuro Bezpieczeństwa Narodowego, Warszawa.
2.
KITLER W., 2011, Bezpieczeństwo Narodowe RP. Podstawowe kategorie, uwarunkowania, system, Wydawnictwo Akademii Obrony Narodowej, Warszawa.
3.
NARODOWY PROGRAM OCHRONY INFRASTRUKTURY KRYTYCZNEJ (NPOIK), 2015, Rządowe Centrum Bezpieczeństwa, Warszawa.
4.
PN ISO/EIC 27005:2014 – Technika informatyczna. Zarządzanie ryzykiem w bezpieczeństwie informacji.
5.
Słownik terminów z zakresu bezpieczeństwa narodowego, 2008, Akademia Obrony Narodowej, Warszawa.
6.
STRATEGIA BEZPIECZEŃSTWA NARODOWEGO RP, 2014, Kancelaria Prezydenta, Biuro Bezpieczeństwa Narodowego, Warszawa.
7.
USTAWA z dnia 26.04.2007 o zarządzaniu kryzysowym.