Безопасность информационных технологий (Dec 2020)

Features of the risk-based approach to ensure cyber security of industrial facilities

  • Sergey E. Pareve,
  • Dmitry I. Pravikov,
  • Vladimir G. Karataev

DOI
https://doi.org/10.26583/bit.2020.4.04
Journal volume & issue
Vol. 27, no. 4
pp. 37 – 52

Abstract

Read online

We analyze a relationship between the concept of "security" and derived concepts. The objective scientific and practical need for scientific and regulatory consolidation of the term "cybersecurity" is highlighted, and its definition is given. As a result of the analysis of promising approaches to security, the risk-based approach remains relevant. At the same time, expert methods based on possible damage will be considered as methods for assessing cybersecurity risks in the near future. It is concluded that it is necessary to develop tools for automating cybersecurity risk assessment when using engineering calculation methods cyberPHA, Security PHA Review, and others. In academic terms, the most priority area of research remains the problem of modeling and developing models for calculating the probability of occurrence of cybersecurity risks in cyberphysical systems.

Keywords