FUNCTIONS OF THE INFORMATION SECURITY AND CYBERSECURITY SYSTEM OF CRITICAL INFORMATION INFRASTRUCTURE

• Published in: Kìberbezpeka. osvìta, nauka, tehnìka Vol. 3; no. 15; pp. 124 - 134
• Main Authors: Khlaponin, Yuri, Kozubtsova, Lesya, Kozubtsov, Igor, Shtonda, Roman
• Format: Journal Article
• Language: English
• Published: 2022
• ISSN: 2663-4023; 2663-4023
• DOI: 10.28925/2663-4023.2022.15.1241341

The subject of research in the scientific article is the system of Information Protection and cybersecurity of critical information infrastructure objects. An information security and cybersecurity system is a complex set of software, cryptographic, organizational, and other tools, methods, and measures designed to protect information and cybersecurity. Since the system of Information Protection and cybersecurity of critical information infrastructure facilities is relatively new, there is no single view on what functions this system should perform. As a result, the process of its formation and formation as a system continues. There was a need to define functions for further evaluation of the effectiveness of its functioning as a system. Evaluation is supposed to be carried out both in the process of creation, acceptance, and daily operation. Partial performance indicators are required to implement the procedure for evaluating the effectiveness of the information security system and cybersecurity of critical information infrastructure facilities. Using these indicators, it is possible to characterize the degree of achievement of the system's tasks assigned to it. The following performance indicators are proposed according to the functions: ID identification of cybersecurity risks; PR Cyber Defense; DE detection of cyber incidents; RS response to cyber incidents; RC restoration of the state of cybersecurity. The scientific novelty of the obtained result lies in the fact that Universal functions are proposed that the information security and cybersecurity system should implement at critical information infrastructure facilities. The presented study does not exhaust all aspects of this problem. The theoretical results obtained in the course of scientific research form the basis for further justification of indicators and criteria for evaluating the effectiveness of the information security and cybersecurity system.