Measuring the information security risk in an infrastructure

Most information attacks come from the Internet these days; they spread through networks of different types and extensions. The quantity of malware of a size of several hundred millions require more and more refined and complex solutions and tools of protection. The products sold as virus protection programs in the 80s have become complex systems by today. The situation is made even more difficult by the fact that the continually appearing threats are active for a very short time only-for 2-3 hours or a few days. The multilevel protection systems provide protection of the computers in diverse user situations. The continuous development and complexity of the operation systems, the applications running on them, the forms and possibilities of attacks taking advantage of them and the protection solutions result in the fact that the users of computers are not aware of what sources of danger are threatening their machines and what the protection systems are capable of and to what extent they can protect the IT systems from the attacks. The independent testers specialized in the investigation of protection systems assess the protection solutions only but they can hardly answer the question to what extent the set of the protection systems used by the user can protect the infrastructure of the user against cyber-attacks. In this paper the possibilities how antimalware testing industry can provide more valuable and usable information for the protection of IT infrastructures are discussed. In order to do this we need to rise above the assessment of the protection systems and examine the vulnerability and protection of an infrastructure.