Forming the Abilities of Designing Information Security Maintenance Systems in the Implementation of Educational Programmes in Information Security

Part 3: Information Security Courses and CurriculaInternational audienceThe paper shares the NRNU MEPhI’s experience in forming the abilities to design the Information Security Maintenance Systems (ISMaS) in training Bachelors, Masters and Engineers in the field of Information Security (IS). It is proposed to form their abilities and teamwork skills when executing a course project by a team of students under supervision of their Professor within the framework of the “IS Management” discipline. Course projects help to reinforce the students’ theoretical knowledge and develop their ability to apply this knowledge to the solution of practical problems. They are assigned at a group basis and in our case are aimed at designing the ISMaS of a particular object, which automates the implementation of a separate organization’s process. A brief description of the process model for ensuring IS of such objects is given and the regulations for implementing the course project are presented in detail, indicating the types of abilities that are gained at each stage

ISO/IEC 27004:2009 International Standard on Information Security Management Organizational Activity Assessment

Main concepts of ISO/IEC 27004:2009 International Standard, devoted to assessment of organizational activity on Information Security Management, is examined

The Security Operations Center as a Basis for Automated Bank System Adaptive Protection

Different automated bank systems adaptive protection implementations are discussed. The necessity for migration from independent adaptive systems to collaborative adaptive systems based on security operations center (SOC) is explained. The description and working principles of automated bank system security based on SOC are provided

Intercorporate Security Event Correlation

Security controls are prone to false positives and false negatives which can lead to unwanted reputation losses for the bank. The reputational database within the security operations center (SOC) and intercorporate correlation of security events are offered as a solution to increase attack detection fidelity. The theses introduce the definition and structure of the reputation, architectures of reputational exchange and the place of intercorporate correlation in overall SOC correlation analysis

Information Security Management Aspects in Curriculum for Training in the Field of Information Security

The requirements for training in the field of information security (IS) in terms of IS management aspects are defined. A regulatory framework is selected. A list of themes’ blocks to study the basic approaches to IS management systems development is formed. The recommendations for development and implementation of the relevant disciplines’ curricula are given

Masters Training Program “Maintenance Continuity and Information Security Business”

Experience in developing master’s program “Maintenance continuity and information security business” is presented. Justification of the choice of educational direction for the preparation of professionals in this field is given. Master of Information Security Model, which was held for this course, is described. Features of the curriculum are considered

Data Lakes: Trends and Perspectives

International audienceAs a relatively new concept, data lake has neither a standard definition nor an acknowledged architecture. Thus, we study the existing work and propose a complete definition and a generic and extensible architecture of data lake. What's more, we introduce three future research axes in connection with our health-care Information Technology (IT) activities. They are related to (i) metadata management that consists of intra- and inter-metadata, (ii) a unified ecosystem for companies' data warehouses and data lakes and (iii) data lake governance