Assessment of the information security risk model: characteristics, problems and prospects

The rapid development of information technology also increases the risk of information breaches, calling for the development of a strategy for systematic information protection. In today's environment, organizations must develop and implement a comprehensive strategy to protect against security risks and protect sensitive data. Conducting risk assessments using special models allows you to holistically consider information technology from the point of view of attackers, make informed decisions about resource allocation, tools, and the implementation of security measures. The purpose of the study is to assess the information security risk model, characterize the risks, identify the main problems of protection against their occurrence and consider the prospects for the development of the organization's risk management process. During the study, various general scientific and special methods were used. The following tasks of the study were set and successfully solved: an analysis of existing mechanisms and tools for protection against threats in the information sphere was carried out, the main models for assessing information security risks of protection against threats in the information sphere were considered, a description was given to them and problems of assessing information risks were identified, and the main directions in the application of risk assessment models were named.