Consequence evaluation model of leak the state secret from cyberattack directing on critical information infrastructure of the state

Abstract

Today, more and more attention is paying on cybersecurity of critical information infrastructure by leading world state. Ukraine, which has critical infrastructure facilities in information and telecommunication systems of which the information that constitutes a state secret information, is not an exception. Extensive use of modern information and telecommunication technologies in critical infrastructure objects leading a lot of new vulnerabilities and potential cyberattacks. Therefore, the negative consequences for national security in case of a leak the state secret should be evaluated. Well-known approach allows to determine the damage from disclosure or loss of state secret in the score equivalent as well as monetary value, but only on one subject of regime-secret activity without taking into account the information and telecommunication system. Consequently, the question remains about the assessment of the negative consequences of the leakage of information with limited access from cyberattacks to information and telecommunication systems for a complex of critical infrastructure in a given rayon or for the state as a whole. In view of this, was developed the consequence evaluation model of leak the state secret from cyberattack directing on critical information infrastructure of the state which take into account the determined numerous of potential violation, typical threats, secrecy degree, a set of information constituting state secrets, indicators of economic damage, severe consequences and others (included in the corresponding list), affording to create the method of evaluating negative consequences of SS from cyberattacks to the critical information infrastructure of the state.