SYSTEM OF CYBER RESISTANCE ASSESSMENT INDICATORS INFORMATION SYSTEMS OF CRITICAL INFRASTRUCTURE OBJECTS

Authors

  • Volodymyr Shypovskyi Department of Information and Analytical Technologies of the Institute of Information and Telecommunication Technologies and Cyber Defense of the National Defense University of Ukraine named after Ivan Chernyakhovsky https://orcid.org/0000-0003-3743-3064

DOI:

https://doi.org/10.18372/2410-7840.25.17597

Keywords:

cyber resistance, information system, critical objects, methods of assessing the level of cyber protection, critical infrastructure

Abstract

In today's world, where computer technology is an integral part of most aspects of our lives, cyber security is becoming more and more relevant and critical. This is especially true for critical facilities such as power plants, transportation systems, medical facilities, banks, and other systems where insufficient cyber resilience can lead to serious consequences, including loss of life and property damage. The article provides a comparative analysis of the main approaches to assessing the level of cyber protection of information systems, analyzes the main criteria and indicators of these approaches, and develops a general model of the system of indicators for assessing the cyber resistance of information systems of critical objects. Evaluating the cyber resistance of such systems is a complex and responsible task, as it requires the analysis of a large number of factors that affect the security of information systems. Therefore, the selection of indicators and criteria for assessing the cyber resilience of information systems of critical objects is a very important and urgent problem for scientific research in the field of cyber security.

References

Cybersecurity in the Internetof Things in Indus-trial Management. R.J. Raimundo, A.T. Rosário. URL: https://www.mdpi.com/2076-3417/ 12/3/ 1598 (дата звернення: 12.02.2023).

Evaluation of Cybersecurity Management Control sand Metrics of Critical Infrastructures: A Litera-ture Review Consideringthe NIST Cybersecurity Framework. Barbara Krumay, Edward W. N. Bernroider, Roman Walser URL: https: // link. springer. com / chapter/10.1007/978-3-030-0363 8-6_23 (дата звернення: 12.02.2023).

Evaluation of Cybersecurity Management Control sand Metrics of Critical Infrastructures: A Litera-ture Review Considering the NIST Cybersecurity Framework. Barbara Krumay, Edward W. N. Bernroider, Roman Walser URL: https: // link. springer .com / chapter/ 10.1007 / 978-3-030-0363 8-6_23 (дата звернення: 12.02.2023).

A comprehensive framework for the assessment of Governmen tprojects J. Rhoda, C. Joseph b URL: https: // www. sciencedirect. com/science/ arti-cle/abs/pii/S0740624X07000603 (дата звернення: 18.02.2023).

Національний інститут стандартів та технологій (NIST) США. URL: https://www.nist.gov/ cyberframework / cybersecurity-framework (дата звернення: 10.02.2023).

Європейське агентства з кібербезпеки (ENISA). URL: https: // www.enisa.europa.eu/topics/cybersecurity-act/cybersecurity-certification (дата звернення: 15.02.2023).

Міжнародна організація зі стандартизації (ISO). URL:https://www.nist.gov/cyberframework/cybersecurity - framework (дата звернення: 10.02. 2023).

NIST Cybersecurity Framework, NIST. URL: https://www.nist.gov/cyberframework (дата звернення: 11.02.2023).

Introduction to the Cybersecurity Capability Ma-turity Model (C2M2), NIST. URL: https://www. nist. gov/services-resources/software/cybersecurity-evaluation-tool-cset (дата звернення: 11.03. 2023).

Cybersecurity Evaluation Tool, CSET.URL: https: //www.nist.gov/cyberframework/cybersecurity-framework (дата звернення: 10.02.2023).

Cybersecurity of AI and Standardisation. URL: https:// www. enisa. europa.eu / publications /cybersecurity-of-ai-and-standardisation (дата звернення: 22.02.2023).

Embedded Sim Ecosystem, Security Risksand-Measures. URL: https: //www.enisa.europa. eu/ publications/embedded-sim-ecosystem-security-risks-and-measures (дата звернення: 11.03.2023).

Building Effective Governance Frameworksfor the Implementation of National Cybersecurity Strategies. URL: https: // www. enisa. europa.eu /publications/building-effective-governance-fra-meworks-for-the-implementation-of-national-cybersecurity - strategies (дата звернення: 10.02. 2023).

Стандарты управления информационной безопасностью ISO/IEC 27001:2013. URL:https:// learn.microsoft. com / ru-ru /compliance/regulatory/offering-iso-27001 (дата звернення: 20.02. 2023).

Сертифікація систем управління інформаційною безпекою. URL: https://www.bureauveritas.com.ua/needs/iso-27001-sertifikaciya-sistem-upravlinnya-informaciynoyu-bezpekoyu (дата звернення: 21.02.2023).

Розробка системи ISO 27001. URL: https: // atestor.ua / uk / services / vnedrenie-standarta-ISO-27001 / (дата звернення: 20.02.2023).

Downloads

Published

2023-05-25

How to Cite

Shypovskyi, V. (2023). SYSTEM OF CYBER RESISTANCE ASSESSMENT INDICATORS INFORMATION SYSTEMS OF CRITICAL INFRASTRUCTURE OBJECTS. Ukrainian Information Security Research Journal, 25(1), 37–45. https://doi.org/10.18372/2410-7840.25.17597

Issue

Vol. 25 No. 1 (2023): Ukrainian Information Security Research Journal

Section

Articles

License

The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.