KIBERXAVFSIZLIK: TIZIMLAR, TARMOQLAR VA MAXFIY MA’LUMOTLARNI RUXSATSIZ KIRISH, FOYDALANISH, OSHKOR QILISH, BUZISH, O‘ZGARTIRISH YOKI YO‘Q QILISHDAN HIMOYA QİLİSH
Keywords:
Kiberxavfsizlik, himoya, tizimlar, tarmoqlar, maxfiy ma’lumotlar, ruxsatsiz kirish, foydalanish, oshkor qilish, buzish, o‘zgartirish, yo‘q qilish, kiber tahdidlar, viruslar, zararli dasturlar, fishing hujumlari, to‘lov dasturi, ijtimoiy muhandislik, insayder tahdidlar, maxfiylik, yaxlitlik, mavjudlik, amaliyotlar, texnologiyalar, siyosatlar, ma’lumotlarning buzilishi, moliyaviy yo‘qotishlar, obro‘ga zarar.Abstract
Ushbu mavzu kompyuter tizimlari, tarmoqlar, dasturiy ta’minot va ma’lumotlar kabi axborot texnologiyalari (IT) aktivlarini kiber tahdidlardan himoya qilishni nazarda tutadi. Kiber tahdidlar turli shakllarda bo‘lishi mumkin, jumladan viruslar, zararli dasturlar, fishing hujumlari, to‘lov dasturi, ijtimoiy muhandislik va insayder tahdidlar. Kiberxavfsizlik ushbu tahdidlarning IT aktivlarining maxfiyligi, yaxlitligi va mavjudligini buzishining oldini olishga qaratilgan. Bu AT aktivlarini ruxsatsiz kirish, foydalanish, oshkor qilish, buzish, o‘zgartirish yoki yo‘q qilishdan himoya qilishni ta’minlash uchun bir qator amaliyotlar, texnologiyalar va siyosatlarni amalga oshirishni o‘z ichiga oladi. Samarali kiberxavfsizlik choralari jismoniy shaxslar, tashkilotlar va hukumatlar uchun kiberhujumlardan himoyalanish hamda maʼlumotlarning buzilishi, moliyaviy yoʻqotishlar va obroʻga putur yetkazish xavfini minimallashtirish uchun zarurdir.
References
Whitman, M. E., & Mattord, H. J. (2019). Principles of information security. Cengage Learning.
Anderson, R., & Moore, T. (2009). The economics of information security. Science, 314(5799), 610-613.
Clarke, R. (1999). Internet privacy concerns confirm the case for intervention. Communications of the ACM, 42(2), 60-67.
Schneier, B. (2015). Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. WW Norton & Company.
NIST Cybersecurity Framework. (2018). National Institute of Standards and Technology.
ISO/IEC 27001:2013. Information technology - Security techniques - Information security management systems - Requirements.
European Union Agency for Cybersecurity (ENISA). (2018). Cybersecurity Culture in Organizations.
D’Arcy, J., Hovav, A., & Galletta, D. (2009). User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Information Systems Research, 20(1), 79-98.
Lee, J., Lee, M., & Lee, I. (2014). The Internet of Things (IoT): Applications, investments, and challenges for enterprises. Business Horizons, 57(4), 431-440.
Siponen, M., & Vance, A. (2010). Neutralization: New insights into the problem of employee information systems security policy violations. MIS Quarterly, 34(3), 487-502.