Share:


Methodology for assessing the risk associated with information and knowledge loss management

    Hanna Yarovenko   Affiliation
    ; Yuriy Bilan   Affiliation
    ; Serhiy Lyeonov   Affiliation
    ; Grzegorz Mentel   Affiliation

Abstract

In practice, there is a massive time lag between data loss and its cause identification. The existing techniques perform it comprehensively, but they consume too much time, so there is a need for fast and reliable methods. The article’s purpose is to develop a rapid methodology to assess the risk of information and knowledge loss management. It provides the implementation of eight steps and combines a risk mapping method modified by assessments based on risk factors and incidents as elements from set theory and using formalization via binary estimates. The methodology includes five significant events caused by the company staff, technical problems, software, cybercriminals, viral attacks, and 66 factors influencing company incidents. As a result, a risk map of 9 groups was built for a Ukrainian enterprise. Only two groups with the minimum number of incidents and low losses are represented by all five incidents. The defined overall level of each risk group ranges from 0.14 to 0.26, which indicates a low probability of all happenings in the group. In general, the resulting map shows the existence of specific security problems of the company under investigation. The proposed assessment allows us to interpret the level of risk in the company quickly, identify weaknesses in the information security system, and predict future losses.

Keyword : risk, information loss, knowledge loss management, factor and incident, binary estimate, risks map

How to Cite
Yarovenko, H., Bilan, Y., Lyeonov, S., & Mentel, G. (2021). Methodology for assessing the risk associated with information and knowledge loss management. Journal of Business Economics and Management, 22(2), 369-387. https://doi.org/10.3846/jbem.2021.13925
Published in Issue
Feb 5, 2021
Abstract Views
2150
PDF Downloads
1505
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

References

Aryani, D. N., & Hussainey, K. (2017). The determinants of risk disclosure in the Indonesian non-listed banks. International Journal of Trade and Global Markets, 10(1), 58–66. https://doi.org/10.1504/IJTGM.2017.082376

AusCERT. (2020). The 19th Annual AusCERT Cyber Security Conference. https://conference.auscert.org.au/

Berzin, P., Shyshkina, O., Kuzmenko, O., & Yarovenko, H. (2018). Innovations in the risk management of the business activity of economic agents. Marketing and Management of Innovations, 4, 221–233. https://doi.org/10.21272/mmi.2018.4-20

Bilan, Y., Kuzmenko, O., & Boiko, A. (2019a, April). Research on the impact of Industry 4.0 on entrepreneurship in various countries worldwide. In 33rd IBIMA Conference Proceedings (pp. 2373–2384). Granada, Spain. https://ibima.org/accepted-paper/research-on-the-impact-of-industry-4-0-on-entrepreneurship-in-various-countries-worldwide/

Bilan, Y., Rubanov, P., Vasylieva, T., & Lyeonov, S. (2019b). The influence of Industry 4.0 on financial services: Determinants of alternative finance development [Wpływ przemysłu 4.0 na usługi finansowe: determinanty rozwoju alternatywnych finansów]. Polish Journal of Management Studies, 19(1), 70–93. https://doi.org/10.17512/pjms.2019.19.1.06

Bilan, Y., Tiutiunyk, I., Lyeonov, S., & Vasylieva, T. (2020). Shadow economy and economic development: A panel cointegration and causality analysis. International Journal of Economic Policy in Emerging Economies, 13(2), 173–193. https://doi.org/10.1504/IJEPEE.2020.107929

Bilan, Y., Vasilyeva, T., Lyeonov, S., & Bagmet, K. (2019c). Institutional complementarity for social and economic development. Business: Theory and Practice, 20, 103–115. https://doi.org/10.3846/btp.2019.10

Bilan, Y., Vasilyeva, T., Lyulyov, O., & Pimonenko, T. (2019d). EU vector of Ukraine development: Linking between macroeconomic stability and social progress. International Journal of Business and Society, 20(2), 433–450. http://www.ijbs.unimas.my/images/repository/pdf/Vol20-no2-paper1.pdf

Boyko, A., & Roienko, V. (2014). Risk assessment of using insurance companies in suspicious transactions. Economic Annals-XXI, 11–12, 73–76. http://soskin.info/userfiles/file/2014/11-12_2014/Boyko_Roienko.pdf

Brahmana, R., & Tan, J. H. (2018). Disclosing risk information by Malaysian firms: A trend and the determinants. International Journal of Economic Policy in Emerging Economies, 11(5), 457–469. https://doi.org/10.1504/IJEPEE.2018.094804

Cimpanu, C. (2020). Exclusive: Details of 10.6 million MGM hotel guests posted on a hacking forum. https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/

Dmitrov, O. S., Goncharov, K. G., Merenkova, O. V., Medvid, T. A., Boyko, A. O., & Vakhnyuk, S. V. (2010). Simulation of commercial bank operational risk assessment [Modeliuvannia otsinky operatsiinoho ryzyku komertsiinoho banku]. State Higher Education Institution “Ukrainian Banking Academy of the National Bank of Ukraine” Press (in Ukrainian).

Dmytrov, S., & Medvid, T. (2017). An approach to the use of indices-based analysis subject to money laundering and terrorist financing national risk assessment. SocioEconomic Challenges, 1(1), 35–47. https://doi.org/10.21272/sec.2017.1-04

Gemalto. (2018). Breached records more than doubled in H1 2018, reveals breach level index. https://blog.gemalto.com/security/2018/10/09/breached-records-more-than-doubled-in-h1-2018-reveals-breach-level-index/

Grenčíková, A., Bilan, Y., Samusevych, Y., & Vysochyna, A. (2019, April). Drivers and inhibitors of entrepreneurship development in central and eastern European countries. In 33rd IBIMA Conference Proceedings (pp. 2536–2547). Granada, Spain. https://ibima.org/accepted-paper/drivers-and-inhibitors-of-entrepreneurship-development-in-central-and-eastern-european-countries/

Gupta, R. (2017). Socioeconomic challenges and its inhabitable global illuminations. SocioEconomic Challenges, 1(1), 81–85. https://doi.org/10.21272/sec.2017.1-10

Hammerström, L., Giebe, C., & Zwerenz, D. (2019). Influence of Big Data & analytics on corporate social responsibility. SocioEconomic Challenges, 3(3), 47–60. https://doi.org/10.21272/sec.3(3).47-60.2019

Hrytsenko, L., Boiarko, I., Ryabenkov, O., & Didenko, O. (2019). Assessment of the value loss risk in response to the enterprise’s innovative transformations. Marketing and Management of Innovations, 1, 229–237. https://doi.org/10.21272/mmi.2019.1-19

Hudáková, M., & Dvorský, J. (2018). Assessing the risks and their sources in dependence on the rate of implementing the risk management process in the SMEs. Equilibrium. Quarterly Journal of Economics and Economic Policy, 13(3), 543–567. https://doi.org/10.24136/eq.2018.027

Hudakova, M., Masar, M., Luskova, M., & Patak, M. R. (2018). The dependence of perceived business risks on the size of SMEs. Journal of Competitiveness, 10(4), 54–69. https://doi.org/10.7441/joc.2018.04.04

IEEE. (2020, September). The 5th IEEE European Symposium on Security and Privacy (EuroS&P). https://www.ieee-security.org/TC/EuroSP2020/index.html

Jin, H.-W. (2019). Analysis of factors affecting the benefits of demand information sharing. E&M Economics and Management, 22(3), 204–219. https://doi.org/10.15240/tul/001/2019-3-013

Karabuto, A. (2020). Ontrack Data Recovery Lab [Laboratoriya vosstanovleniya dannyih Ontrack].
https://www.ixbt.com/storage/ontrack-labtour-f07.shtml (in Russian).

Karaoulanis, A. (2018). Big Data, what is it, its limits and implications in contemporary life. Business Ethics and Leadership, 2(4), 108–114. https://doi.org/10.21272/bel.2(4).108-114.2018

Kendiukhov, I., & Tvaronavičienė, M. (2017). Managing innovations in sustainable economic growth. Marketing and Management of Innovations, 3, 33–42. https://doi.org/10.21272/mmi.2017.3-03

Kollár, C., & Zsuzsanna Bellász, Z. V. (2017). Terrorism and the information security of media content with special regard to ISIS, the Balkans and Russia. SocioEconomic Challenges, 1(1), 13–19. https://doi.org/10.21272/sec.2017.1-02

Kolomiiets, U., & Petrushenko, Yu. (2017). The human capital theory. Encouragement and criticism. SocioEconomic Challenges, 1(1), 77–80. https://doi.org/10.21272/sec.2017.1-09

Kostyuchenko, N., Starinskyi, М., Tiutiunyk, I., & Kobushko, I. (2018). Methodical approach to the assessment of risks connected with the legalization of the proceeds of crime. Montenegrin Journal of Economics, 14(4), 023–043. https://doi.org/10.14254/1800-5845/2018.14-4.2

Kuzmenko, O., & Bozhenko, A. (2014). Optimization of the risk level of net retention in the insurance market. Economic Annals-XXI, 11–12, 76–79. http://soskin.info/userfiles/file/2014/11-12_2014/Kuzmenko_Bozhenko.pdf

Lazaroiu, G., Kovachova, M., Kliesticova, J., Kubla, P., Valaskova, K., & Dengov, V. (2018). Data governance and automated individual decision-making in the digital privacy General Data Protection Regulation. Administratie si Management Public, 31, 132–141.

Lee, D. (2020). Cathay Pacific fined £500,000 by British privacy watchdog for 2018 data breach but avoids potentially heftier penalty under European regulation. https://www.scmp.com/news/hong-kong/transport/article/3065071/cathay-pacific-fined-ps500000-british-privacy-watchdog

Leonov, S. V., Vasilyeva, T. A., & Shvindina, H. O. (2017). Methodological approach to design the organizational development evaluation system. Scientific Bulletin of Polissia, 3(11), 2, 51–56. https://doi.org/10.25140/2410-9576-2017-2-3(11)-51-56

Leonov, S. V., Vasylieva, T. A., & Tsyganyuk, D. L. (2012). Formalization of functional limitations in functioning of co-investment funds basing on comparative analysis of financial markets within FM CEEC. Actual Problems of Economics, 134(8), 75–85. https://www.researchgate.net/publication/294565974_Formalization_of_functional_limitations_in_functioning_of_co-investment_funds_basing_on_comparative_analysis_of_financial_markets_within_FM_CEEC

Leonov, S., Yarovenko, H., Boiko, A., & Dotsenko, T. (2019, May). Information system for monitoring banking transactions related to money laundering. In Proceedings of the 8th International Conference on Monitoring, Modeling and Management of Emergent Economy: Experimental Economics and Machine Learning for Prediction of Emergent Economy Dynamics, M3E2-EEMLPEED 2019 (pp. 297–307). Odessa, Ukraine. http://ceur-ws.org/Vol-2422/paper24.pdf

Levchenko, V., Boyko, A., Bozhenko, V., & Mynenko, S. (2019). Money laundering risk in developing and transitive economies: Analysis of cyclic component of time series. Business: Theory and Practice, 20, 492–508. https://doi.org/10.3846/btp.2019.46

Limba, T., Stankevičius, A., & Andrulevičius, A. (2019). Towards sustainable cryptocurrency: Risk mitigations from a perspective of national security. Journal of Security and Sustainability, 9(2), 375–389. https://doi.org/10.9770/jssi.2019.9.2(2)

Lyeonov, S., Kuzmenko, O., Yarovenko, H., & Dotsenko, T. (2019). The innovative approach to increasing cybersecurity of transactions through counteraction to money laundering. Marketing and Management of Innovations, 3, 308–326. https://doi.org/10.21272/mmi.2019.3-24

Lyulyov, O., & Shvindina, H. (2017). Stabilization pentagon model: Application in the management at macro- and micro-levels. Problems and Perspectives in Management, 15(3), 42–52. https://doi.org/10.21511/ppm.15(3).2017.04

Morsher, Ch., Horsch, A., & Stephan, J. (2017). Credit information sharing and its link to financial inclusion and financial intermediation. Financial Markets, Institutions and Risks, 1(3), 22–33. https://doi.org/10.21272/fmir.1(3).22-33.2017

Mura, L., Marchevska, M., & Dubravska, M. (2018). Slovak retail business across panel regression model. Marketing and Management of Innovations, 4, 203–211. https://doi.org/10.21272/mmi.2018.4-18

Nasr, A. K., Alaei, S., Bakhshi, F., Rasoulyan, F., Tayaran, H., & Farahi, M. (2019). How enterprise risk management (ERM) can affect on short-term and long-term firm performance: Evidence from the Iranian banking system. Entrepreneurship and Sustainability Issues, 7(2), 1387–1403. https://doi.org/10.9770/jesi.2019.7.2(41)

Nocoń, A., & Pyka, I. (2019). Sectoral analysis of the effectiveness of bank risk capital in the Visegrad Group countries. Journal of Business Economics & Management, 20(3), 424–445. https://doi.org/10.3846/jbem.2019.9606

Podaras, A. (2017). Risk-based control of the negative effect of discontinued automated processes – a case from the agricultural domain. E&M Economics and Management, 20(4), 251–261. https://doi.org/10.15240/tul/001/2017-4-017

Polak, J. (2019). Determining probabilities for a commercial risk model of Czech exports to China with respect to cultural differences and in financial management. Journal of Competitiveness, 11(3), 109–127. https://doi.org/10.7441/joc.219.03.07

Ponemon Institute. (2014). 2014 cost of data breach study: Global analysis. https://centurybizsolutions.net/wp-content/uploads/2014/12/IBM.pdf

Ponemon Institute. (2017). 2017 cost of data breach study: Global overview. https://www.ibm.com/downloads/cas/ZYKLN2E3

Ponemon Institute. (2018). 2018 cost of a data breach study: Global overview. https://www.ibm.com/downloads/cas/861MNWN2

Ponemon Institute. (2019). Cost of a data breach report 2019. https://www.all-about-security.de/fileadmin/micropages/Fachartikel_28/2019_Cost_of_a_Data_Breach_Report_final.pdf

Riley, D. (2020). Microsoft exposes 250M customer service records via misconfigured Elasticsearch database. https://siliconangle.com/2020/01/22/microsoft-exposes-250m-customer-service-records-via-misconfigured-elasticsearch-database/

Subeh, M. A., & Yarovenko, H. (2017). Data mining of operations with card accounts of bank clients. Financial Markets, Institutions and Risks, 1(4), 87–95. https://doi.org/10.21272/fmir.1(4).87-95.2017

Targett, E. (Ed.) (2020). Decathlon leaks 123 million records via insecure Elasticsearch server. https://www.cbronline.com/news/decathlon-leaks

University of Bristol. (2020). The 15th International Conference on Critical Information Infrastructures Security 2020. https://critis2020.blogs.bristol.ac.uk/

Vasa, L., & Angeloska, A. (2020). Foreign direct investment in the Republic of Serbia: Correlationbetween foreign direct investments and the selected economic variables. Journal of International Studies, 13(1), 170–183. https://doi.org/10.14254/2071-8330.2020/13-1/11

Vasa, L., Baranyai, Z., Kovács, Z., & Szabó, G. G. (2014). Drivers of trust: Some experiences from Hungarian agricultural cooperatives. Journal of International Food & Agribusiness Marketing, 26(4), 286–297. https://doi.org/10.1080/08974438.2013.833567

Vasilyeva, T., Kuzmenko, O., Bozhenko, V., & Kolotilina, O. (2019, May). Assessment of the dynamics of bifurcation transformations in the economy. In Proceedings of the 8th International Conference on Monitoring, Modeling and Management of Emergent Economy: Experimental Economics and Machine Learning for Prediction of Emergent Economy Dynamics, M3E2-EEMLPEED 2019 (pp. 134–146). Odessa, Ukraine. http://ceur-ws.org/Vol-2422/paper11.pdf

Vasyl’eva, T. A., Leonov, S. V., & Makarenko, I. O. (2017). Modern methodical approaches to the evaluation of corporate reporting transparency. Scientific Bulletin of Polissia, 1(9), 2, 185–190. https://doi.org/10.25140/2410-9576-2017-2-1(9)-185-190

Vasylyeva, T. A., Leonov, S. V., & Bohma, S. D. (2014). The impact of implicit bank consolidation on systemic risk in the banking system of Ukraine. Actual Problems of Economics, 159(9), 384–389. https://doi.org/10.2139/ssrn.2538382