New Methods of the Cybersecurity Knowledge Management Analytics

The article discusses the possibilities of using Master Data Management (MDM) technology to solve the problem of developing a corporate (institutional) state system segment to detect, prevent and eliminate the cyber - attack consequences (hereinafter - SOPKA). Typical objectives of semantic cyber security MDM is identified in article. The semantic cyber security MDM means a data management system that operates rules of the object behavior and interaction in cyberspace to solve the SOPKA problems in order to prevent the protected critical infrastructure transition to catastrophic states. Cyber security ontology (meta-ontology) as the knowledge presentation way about qualitative characteristics and quantitative patterns of information confrontation is proposed. Shown, that by combining cyber security data from various external and internal information sources and corresponding rules to detect, prevent, and eliminate the cyber-attacks consequences into a single semantic domain model, it is possible to build the required intellectual (and, in the future, cognitive) information space, then to develop the appropriate artificial cognitive agents and the corresponding intelligent “semantic cyber security MDM” software and hardware complex to support SOPKA operations as a whole. The basic development principles of the “semantic cyber security MDM” software and hardware complex are formulated. The possible architecture of the “Warning-2016” software and hardware complex that is intended for early cyber-attack warning on corporate and institutional information resources of the Russian Federation is shown. It is based on SAP HANA, and the required semantic MDM is implemented on the basis of SAP NetWeaver Master Data Management (SAP NW MDM).