Abstract [eng] |
In today’s world, cybersecurity is becoming increasingly popular among everyday IT users and businesses of all sizes. Every year, there are more and more cyber security incidents in the news, which damage the reputation and image of companies and cause significant financial losses. Such events attract the attention of companies and force them to look for ways in which companies can protect the cyber ecosystem of their businesses. One of the steps that helps to do this is to determine the level of cyber security in the company. Various cyber security audits are performed for this purpose, but they only show the cyber security of the company at a certain point in time. To solve this problem, a dynamic method of determining the cyber security rating of a company is being developed. The paper analyses the existence and manifestation of cyber security in companies, defines the company's cyber security rating, its dynamics, variables, evaluation metrics, compares existing cyber security evaluation and audit methods, their problems and benefits. The analysis revealed a real need for a system that would use a dynamic approach to determining a company’s cyber security rating. As a result, a system prototype using this method has been designed and implemented, which is characterized by its flexibility, free access and, most importantly, the ability to assess and monitor the company's cyber security situation. Also, the research of the developed dynamic method of determining the cyber security rating of the company and its system prototype has been performed, during which the application possibilities of this method have been evaluated and observations have been presented. |