Adaptive Approach to Responding to Cyber Resilience Breaches of Critical Infrastructure Facilities

Abstract

Cyberattacks on critical infrastructure during modern full-scale war have become an integral aspect of pressure on distribution systems and one of the key components of direct military action. In particular, recent attacks in cyberspace are aimed not only at damaging individual local subsystems, but also at destabilising internal processes in the country by affecting energy companies and divisions, water supply networks, financial institutions and other vital facilities. That is why the issue of quantitative assessment of cyber resilience, specifically the ability of a system/enterprise to withstand a certain negative impact and recover to an acceptable functional state in the future, remains relevant. At the same time, it is also important to understand the precise structure and hierarchy of the criticality of such cyber incidents, since, as recent events have shown, they can be of a completely different nature, depending on the field or sector of the state. Thus, the paper analysed the largest existing frameworks and systems for assessing cyber resilience, specifically from the point of view of quantitative rather than qualitative assessment. The paper described the inadequacy of traditional qualitative assessment methods and justified the need to introduce quantitative metrics that allow assessing the level of cyber resilience, modelling and evaluating potential losses. The paper analysed modern approaches to quantitative assessment of cyber resilience, their applicability in the Ukrainian energy sector and proposed a classification of cyber incidents by criticality, response procedure and potential areas of damage