Decision-making process model for cybersecurity protection of critical infrastructure objects under the hybrid threats influence
Abstract
Purpose: is to develop a model and mathematical framework for the decision-making process regarding the cybersecurity of information systems of critical infrastructure objects, taking into account the properties and requirements of objects that have strategic importance for the state.
Method: is based on a comprehensive approach that combines analysis of contemporary information sources, expertise, and analytical data from leading cybersecurity professionals, as well as linear mathematical modeling.
Theoretical implications: include proposing an adapted decision-making model for protecting critical infrastructure from hybrid threats by integrating frameworks and emphasizing adaptability, it enhances the understanding of decision-making processes in cybersecurity.
Practical consequences. It represents an innovative decision-making model aimed at protecting critical infrastructure and enabling rapid response to cyber threats. It combines the frameworks of existing models, the OODA (Observe, Orient, Decide, Act) loop and PDCR (Plan, Do, Check, React), widely applied in cybersecurity across various industries. This adaptive model allows for observation, analysis, and response to emerging cyber risks, ensuring the necessary level of cyber resilience. The developed model provides a practical tool for safeguarding critical infrastructure and minimizing damage in a growing threat landscape
Paper type: theoretical.
Downloads
References
Election Security Spotlight – Defense in Depth (DiD). (2022). Retrieved from https://www.cisecurity.org/insights/spotlight/cybersecurity-spotlight-defense-in-depth-did
Risk Management Framework (RMF). (2018). Available from : https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF
The Cyber Kill Chain (CKC) Explained. (2015). Available from : https://heimdalsecurity.com/blog/cyber-kill-chain-model/
What is the plan-do-check-act (PDCA) cycle? (2018). Available from : https://asq.org/quality-resources/pdca-cycle
How to use the OODA loop to improve network security. (2021). Available from : https://www.techtarget.com/searchsecurity/tip/How-to-use-the-OODA-loop-to-improve-network-security
Integrated Sensing and Decision Support. Kenneth Senne, Gary Condon. (2007). Available from : https://www.researchgate.net/publication/270218307_Integrated_Sensing_and_Decision_Support
The Importance of the PDCA Cycle in Driving Continuous Improvement in Organizations. Qualityze. (2013) Available from : https://www.qualityze.com/pdca-cycle-for-continuous-improvement-in-organizations/
The System of Cybersecurity in Ukraine: Principles, Actors, Challenges, Accomplishments. Lev Streltsov. European Journal for Security Research. (2017). Available from : https://heimdalsecurity.com/blog/cyber-kill-chain-model/
Abstract views: 866 PDF Downloads: 642
Copyright (c) 2023 Volodymyr Shypovskyi
This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors agree with the following conditions:
1. Authors retain copyright and grant the journal right of first publication (Download agreement) with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
2. Authors have the right to complete individual additional agreements for the non-exclusive spreading of the journal’s published version of the work (for example, to post work in the electronic repository of the institution or to publish it as part of a monograph), with the reference to the first publication of the work in this journal.
3. Journal’s politics allows and encourages the placement on the Internet (for example, in the repositories of institutions, personal websites, SSRN, ResearchGate, MPRA, SSOAR, etc.) manuscript of the work by the authors, before and during the process of viewing it by this journal, because it can lead to a productive research discussion and positively affect the efficiency and dynamics of citing the published work (see The Effect of Open Access).
