EVALUATION OF RISKS OF CYBER SECURITY OF INFORMATION SYSTEMS OF OBJECTS OF CRITICAL INFRASTRUCTURE

V.V. Mokhor, S.F. Honchar

Èlektron. model. 2019, 41(6):

ABSTRACT

The concept of complex cyber security risk of information systems of critical infrastructure objects is substantiated. The vector risk model and the integrated risk model are proposed. The methods of calculation of the total risk, complex risk are offered, the structural solutions of the computer systems are developed for the calculation of the total risk of cybersecurity of infor-mation systems of critical infrastructure objects using the proposed method.

KEYWORDS

risk, complex risk, vector risk model, complex risk model, objective risk, subjective risk.

REFERENCES

1. Eling, M. and Wirfs, J. (2019), “What are the actual costs of cyber risk events?”, European Journal of Operational Research, no. 272, pp. 1109-1119.
https://doi.org/10.1016/j.ejor.2018.07.021
2. Radanliev, P, Charles De Roure, D. and Nicolescu, R. (2018), “Future developments in cyber risk assessment for the internet of things”, Computers in Industry, no. 102, pp. 14-22.
https://doi.org/10.1016/j.compind.2018.08.002
3. Sheehan, B, Murphy, F, Mullins, M. and Ryan, C. (2019), “Connected and autonomous vehicles: A cyber-risk classification framework”, Transportation Research Part A: Policy and Practice, no. 124, pp. 523-536.
https://doi.org/10.1016/j.tra.2018.06.033
4. Renaud, K., Flowerday, S. and Warkentin, M. (2018), “Is the responsibilization of the cyber security risk reasonable and judicious?”, Computers & Security, no. 78. pp. 198-211.
https://doi.org/10.1016/j.cose.2018.06.006
5. Ruan, K. (2019), “Cyber Risk Measurement in the Hyperconnected World”, Digital Asset Valuation and Cyber Risk Management, Chapter 4, pp. 75-86.
https://doi.org/10.1016/B978-0-12-812158-0.00004-1
6. Stine, I., Rice M., Dunlap, S. and Pecarina, J. (2017), “A cyber risk scoring system for medical devices”, International Journal of Critical Infrastructure Protection, no. 19, pp. 32-46.
https://doi.org/10.1016/j.ijcip.2017.04.001
7. Shaun, S.W. (2019), “Integrated framework for information security investment and cyber insurance”, Pacific-Basin Finance Journal, no. 57. pp. 101-173.
https://doi.org/10.1016/j.pacfin.2019.101173
8. Tianlei, Z., Shibin, G. and Baoxu, L. (2019), “Integrated fault propagation model based vulnerability assessment of the electrical cyber-physical system under cyberattacks”, Reliability Engineering & System Safety, no. 189, pp. 232-241.
https://doi.org/10.1016/j.ress.2019.04.024
9. Akinrolabu, O., R.C. Nurse, J., Martin, A. and New, S. (2019), “Cyber risk assessment in cloud provider environments: Current models and future needs”, Computers & Security, no. 87. pp. 101-106.
https://doi.org/10.1016/j.cose.2019.101600
10. Boiko, A., Shendryk, V. and Boiko, O. (2019), “Information systems for supply chain management: uncertainties, risks and cyber security”, Procedia Computer Science, no. 149, pp. 65-70.
https://doi.org/10.1016/j.procs.2019.01.108
11. Mokhor, V., Gonchar, S. and Dybach, О. (2019), “Methods for the Total Risk Assessment of Cybersecurity of Critical Infrastructure Facilities”, Yaderna ta radiatsiyna bezpeka, no. 2, pp. 57-61.
https://doi.org/10.32918/nrs.2019.2(82).01
12. Mokhor, V. and Gonchar, S. (2019), “Research of Validity of Presentation of Risks by Vectors in the Euclide Space”, Elektronne modelyuvannya, Vol.41, no. 4, pp. 73-84.
https://doi.org/10.15407/emodel.41.04.073
13. Mokhor, V. and Gonchar, S. (2018), “The Idea of the Construction of the Algebra of Risks on the Basis of the Theory of Complex Numbers”, Elektronne modelyuvannya, Vol. 40, no. 4, pp. 107-111.
https://doi.org/10.15407/emodel.40.04.107

Full text: PDF