Information security management model

The article discusses the problem of information protection in information systems of organizations in conditions of limited available resources. It has been shown that traditional information security management models do not take into account the increasing number of modern cyber threats, as well as the risks of achieving goals. A comprehensive information security management model has been proposed and the need to implement it in the organization has been justified. Proposals to improve the strategic management of information security of production organizations have been formulated.