TECHNICAL AND ORGANIZATIONAL FOUNDATIONS OF INFORMATION SECURITY MANAGEMENT IN BANKING SYSTEMS
Keywords:
Information security management, bank corporate governance, foundations of information security management.
Abstract
The advancement of the Internet and computer technologies has brought many innovations to finance and banking, as it has to every other field. However, alongside many advantages, technological developments are also giving rise to many problems from a security standpoint. Viewed on a global scale, internal and external attacks directed against enterprises and organizations are leading to losses of trillions of dollars per year. For this reason, the need for a system regulating information security in banking systems is being firmly established. This article presents potential threats to information assets and banking systems, as well as widely used systems, standards and best practices for information security management.