METHOD FOR ASSESSING CONSEQUENCES OF LOS A CRITICAL INFORMATION INFRASTRUCTURE OBJECT BY GENERALIZED CRITERIA

Authors

DOI:

https://doi.org/10.28925/2663-4023.2024.25.487504

Keywords:

critical information infrastructure object, consequences of loss, method of assessment, criteria of consequences.

Abstract

On the basis of the conducted analysis and research of the criteria for the definition and assessment of critical infrastructure sectors, the criticality of critical infrastructure objects and critical information infrastructure objects, objects of information activity, the social, public, and economic significance of these critical infrastructure objects, the relationship between them, including to ensure the national security and defense capability of the country, taking into account the complexity categories of the object by classes of consequences (responsibility) of buildings and structures, provision of vital functions and/or basic services, levels of possible emergency or crisis situations in case of loss, etc., developed a method for assessing consequences of loss a critical information infrastructure object by generalized criteria (international and national impact, functions and/or services, significance, responsibility, information, cyber security, protection and guarantees, cyber resilience). This method is one of the ways to prevent, detect, prevent and neutralize threats to the security of a critical infrastructure object and to maintain the state of cyber security of a critical information infrastructure object at a level that ensures the continuity of operation and the stability of the provision of basic services and/or vital functions for the timely minimization and elimination of the estimated consequences. In the future, for experimental and practical implementation, it is necessary to develop method for assessing the risk of loss a critical information infrastructure object.

Downloads

Download data is not yet available.

References

Monografia.

Ermenchuk, O. (2018). Basic approaches to the organization of critical infrastructure protection in European countries: experience for Ukraine. Monograph.

Bobro, D., et al. (2019). Organizational and legal aspects of ensuring the safety and stability of critical infrastructure of Ukraine. Analyst add.

Korchenko, О., et al. (2017). Analysis problems in the field of state’s critical infrastructure. Projekt interdyscyplinarny projektem XXI wieku: Monografia, 1, 397–402.

Korchenko, О., et al. (2019). Criteria for assigning objects to critical infrastructure of Ukraine. Przetwarzanie, transmisja i bezpieczenstwo informacij: Monografia, 2, 189–196.

Korchenko, O., et al. (2018). Model of the classifier of objects of critical information infrastructure of the state. Ukrainian Information Security Research Journal, 20(1), 5–11.

Korchenko, O., et al. (2017). Ukrainian critical information infrastructure: terms, sectors and consequences. Ukrainian Information Security Research Journal, 19(4), 303–309.

Korchenko, O. (2017). Applied information security risk assessment systems. Monograph.

Mohor, V., & Honchar, S. (2019). Assessment of cyber security risks of information systems of critical infrastructure objects. Electronic Modeling, 41(6), 65–76.

Gnatyuk, S., et al. (2021). The method of forming a functional security profile of branch information and telecommunication systems. Cyber security: education, science, technology, 3(11), 166–182.

Komarov, M. (2021). Method and means of protecting information from cyber influences in computer systems and networks of critical infrastructure objects. Diss. Ph.D. in Eng.

Dreis, Yu. (2017). Analysis of basic terminology and negative consequences of cyberattacks on information and telecommunication systems of critical state infrastructure objects. Ukrainian Information Security Research Journal, 19(3), 214–222.

Dreis, Yu., et al. (2022). Restricted Information Identification Model. In: CEUR Workshop Proceedings, vol. 3288, 89–95.

The Global Industry Classification Standard (GICS)–S&P Global. (2018). https://www.spglobal. com/marketintelligence/en/documents/112727-gics-mapbook_2018_v3_letter_digitalspreads.pdf

International Standard Industrial Classification of All Economic Activities. (2008). Revision 4. United Nations. New York, https://unstats.un.org/unsd/publication/seriesM/seriesm_4rev4e.pdf

Classification of types of economic activity. National Classifier of Ukraine SK 009:2010. (n. d.). https://zakon.rada.gov.ua/rada/show/vb457609-10

Buildings and structures. Determination of the class of consequences (responsibility). SSTU 8855:2019. (2019). http://www.utsks.com/images/My_pdf/8855_2019.pdf

Information security criteria in computer systems against unauthorized access. (n. d.). ND TPI 2.5-004-99.

Classification of automated systems and standard functional profiles of protection of processed information against unauthorized access. (n. d.). ND TPI 2.5-005-99.

The procedure for carrying out work on state examination of means of technical protection of information from unauthorized access and complex systems of information protection in information and telecommunication systems. (n. d.). ND TPI 2.6-001-11.

Provisional provision on the categorization of objects. PPCO-95. (n. d.). https://zakon.rada.gov.ua/rada/ show/v0035267-95#Text

On the main principles of ensuring cyber security of Ukraine. (2017). Law of Ukraine, http://zakon2.rada.gov.ua/laws/show/2163-19

On the protection of information in information and communication systems. (1994). Law of Ukraine, https://zakon.rada.gov.ua/laws/show/80/94-%D0%B2%D1%80#Text

On the critical infrastructure. (2021). Law of Ukraine. https://zakon.rada.gov.ua/laws/show/1882-20#Text

On the approval of the Rules for ensuring the protection of information in information, electronic communication and information and communication systems. (2020). Resolution https://zakon.rada.gov.ua/laws/show/373-2006-%D0%BF#Text

Some issues of critical infrastructure objects. (2020). Resolution, https://zakon.rada.gov.ua/rada/show/1109-2020-%D0%BF#n94

Some issues of objects of critical information infrastructure. (2020). Resolution, https://zakon.rada.gov.ua/ laws/show/943-2020-%D0%BF#Text

On the approval of General requirements for cyber protection of critical infrastructure objects. (2019) Resolution. https://zakon.rada.gov.ua/laws/show/518-2019-%D0%BF#Text

On the approval of the Procedure for the classification of emergency situations by their levels. (2004). Resolution. https://zakon.rada.gov.ua/laws/show/368-2004-%D0%BF

On approval of the Procedure for Monitoring the Security Level of Critical Infrastructure Objects. (2022). Resolution. https://zakon.rada.gov.ua/laws/show/821-2022-%D0%BF#n8

Downloads


Abstract views: 92

Published

2024-09-25

How to Cite

Dreis, Y. (2024). METHOD FOR ASSESSING CONSEQUENCES OF LOS A CRITICAL INFORMATION INFRASTRUCTURE OBJECT BY GENERALIZED CRITERIA. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 1(25), 487–504. https://doi.org/10.28925/2663-4023.2024.25.487504