The invention discloses a
threat data processing method for an
information system. The method comprises the steps that an obtained
information security incident is mapped into a potential
threat index and an existing
threat index; threat frequency calculation is performed on the existing threat index, the result of the frequency calculation is assigned to the
security index threat index related to the
information security incident; according to a preset period, information collection, formation and correlation are performed on the potential threat index according to a preset threat source to obtain a threat multi-component
system; each threat element in a log of a target
information system is indexed, the threat multi-component
system is used for working out the
occurrence probability of the multi-component
system on the basis of an
indexation calculation method, and assignment and mapping are performed to obtain a threat value; according to the
security domain threat index and the threat value, a corresponding
data model is generated so as to evaluate the security of the
information system. By building the
data model, a user can conveniently and visually observe the
occurrence probability of each threat in the
information security incident, and the threat with which the information system is faced can be evaluated objectively.