METHODOLOGY FOR ASSESSMENT THE SUM OF CYBERSECURITY RISKS OF THE INFORMATION SYSTEM OF OBJECTS OF CRITICAL INFRASTRUCTURE
DOI:
https://doi.org/10.18372/2410-7840.25.17941Keywords:
cybersecurity, risk, critical infrastructure, information system, methodologyAbstract
To determine the economic feasibility of the application and selection of certain measures to handle the risk of the project as a whole, including both organizational and technical, it is necessary to make an estimated comparison of the cost of such measures with the maximum amount of losses resulting from several risks. The paper proposes a methodology for assessing the amount of cybersecurity risks of the information system of critical infrastructure facilities. The methodology proposed in the article is based on the application of methods for calculating the sum of risks and calculating complex risk. Based on the methodology proposed in this article, structural solutions of computing systems for assessing the risk of cybersecurity of information systems that implement methods for calculating the sum of risks and calculating complex risk are presented, as well as software systems are built. The results can be used to determine the risk of a complex project (there may be a complex information system), characterized by the consequences of the project and the likelihood of these consequences.
References
Petar Radanlieva, David Charles De Rourea, Razvan Nicolescub, Michael Huthb, Rafael Mantilla Montalvoc, Stacy Cannadyc, Peter Burnap. Future develop-ments in cyber risk assessment for the internet of things. Computers in Industry. Vol. 102. 2018. pp.14-22.
Мохор В.В., Гончар С.Ф., Дибач О.М. Методи оцінки сумарного ризику кібербезпеки об’єктів критичної інфраструктури // Ядерна та радіаційна безпека. 2019. №2(82). С. 57-61.
MansourAlali, AhmadAlmogren, Mohammad MehediHassan, Iehab A.L. Rassan, Md Zakirul Alam Bhuiyan. Improving risk assessment model of cyber security using fuzzy logic inference system. Computers & Security. Vol. 74. 2018. pp. 323-339.
Derek Young, Juan Lopez Jr., Mason Rice, Benjamin Ramsey, Robert McTasney. A framework for incorporating insurance in critical infrastructure cyber risk strategies. International Journal of Critical Infrastruc-ture Protection. Vol. 14. 2016. pp. 43-57.
Martin Eling, Jan Wirfs. What are the actual costs of cyber risk events? European Journal of Operational Research. 2019. Vol. 272, Issue 3. pp. 1109-1119.
Jain P., Pasman H. J., Waldram S., Pistikopoulos E. N., Mannan M. S. Process Resilience Analysis Framework (PRAF): A systems approach for im-proved risk and safety management. Journal of Loss Prevention in the Process Industries. 2018. Vol. 53. pp. 61-73.
Rowe W. D. An Anatomy of Risk. Environmental Protection Agency. Washington, 1975. 125 р.
Мохор В.В., Гончар С.Ф. Идея построения ал-гебры рисков на основе теории комплексных чисел // Електронне моделювання. 2018. Т.40. №4. С. 107-111.
Downloads
Published
How to Cite
Issue
Section
License
The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.
All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.
Copyright
Authors who publish their works in the journal:
-
retain the copyright to their publications;
-
grant the journal the right of first publication of the article;
-
agree to the distribution of their materials under the CC BY 4.0 license;
-
have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.
