🤖 AI Summary
Large organizations struggle to sustain information security and regulatory compliance in dynamic, evolving environments.
Method: This study models enterprise information security governance as a multidimensional dynamical system and, for the first time, formalizes it as a feedback regulation problem within control-theoretic frameworks. Leveraging the UK BS standard, we construct an enterprise-scale digital twin with 1.2 million parameters and propose a quantification paradigm centered on an integral-type security state metric, enabling real-time security态势 characterization and closed-loop compliance verification.
Contribution/Results: The work transcends traditional static audit paradigms by establishing a novel digital twin–enabled security governance approach—standards-driven, parameter-auditable, quantitatively evaluable, and response-controllable. The solution has been fully deployed across an operational enterprise and integrated with organization-wide capability alignment, yielding significant improvements in security resilience and regulatory response efficiency.
📝 Abstract
The area of research includes control theory, dynamic systems, parameters of the external environment, mode, integral indicators, British standards. The main idea of the article is information security. The activity of a large-scale object (enterprise) is considered. The activity of the enterprise is presented as a multidimensional dynamic system and is displayed as a digital copy of 1.2 million parameters. A British digital copy-based information security standard is being introduced. Information security equipment and software were purchased. The training of the company’s personnel was completed. Evaluation of implementation (activities) is done as an integral indicator. The dynamics of the integral indicator assesses the implementation of the British standard.