critical infrastructure | Academic Journals and Conferences

Overview of the Cis Benchmarks Usage for Fulfilling the Requirements From International Standard ISO/IEC 27001:2022

nding to emerging threats through the implementation of recognized standards in the field of information security, such as ISO 27001, was considered. The updated edition of the international standard ISO/IEC 27001 of 2022 and, in particular, the main changes in the structure of controls were analyzed. A detailed analysis of the new security control from Appendix A – A.8.9 – Configuration Management and possible ways of its effective implementation in organizations were carried out.

Development of a Method for Investigating Cybercrimes by the Type of Ransomware Using Artificial Intelligence Models in the Information Security Management System of Critical Infrastructure

In this article, the authors focused on analyzing the possibilities of using artificial intelligence models for effective detection and analysis of cybercrimes. A comprehensive method using artificial intelligence algorithms, such as Random Forest and Isolation Forest algorithms, is developed and described to detect ransomware, which is one of the main threats to information security management systems (ISMS) in the field of critical infrastructure.