METHOD FOR OPTIMIZING INFORMATION SECURITY POLICIES BASED ON USER BEHAVIOUR PATTERNS Russian patent published in 2024 - IPC G06F21/00 

FIELD: information security.

SUBSTANCE: risk management tools in enterprise information security, as well as decision support systems in the field of information security. A method for optimizing information security policies based on user behaviour patterns includes the following actions: ranking assessment of the resources of user workstations available for information security tools (hereinafter referred to as IST); monitoring user behaviour, vulnerability index and behaviour anomalies in real time; detection of behaviour patterns; assessing complexity of information security policies; optimization of hardware and software information protection systems. To do this, all user workstations are first ranked according to the level of available hardware resources. Also, for workstations, an additive level of complexity of information security policies and the level of response of the information security service are introduced. Then, a list of user behaviour patterns is entered, i.e. such categories of users that require an increase in the level of information security policies or the level of response. Optimization criteria for these levels are introduced for the previously measured assessment of free hardware resources of workstations.

EFFECT: reduced level of requirements for enterprise information security hardware resources and reduced labour costs of information security officers and administrators in providing response measures to incidents identified by information security.

2 cl, 6 dwg