The Method for Identifying the Scope of Cyberattack Stages in Relation to Their Impact on Cyber-Sustainability Control over a System

Abstract

Industry X.0 is the new age of digitization, when information and communication systems are strongly linked to other systems and processes and are accessed remotely from anywhere at any time. The existing information systems’ security methods are ineffective because they should focus on and assess a broader range of factors in physical and digital spaces, especially because tactics of cybercrimes are always evolving and attackers are getting more inventive in searching for holes that might be exploited. To fight it, it is a need to be one step ahead of the attacker, including understanding the nature, stages and scope of the upcoming cyberattack. The objective of our research is to identify the impact of the scope of a cyberattack’s stages on the cyber resilience of an information and communication system, assessing the level of cybersecurity based on existing technical and operational measures. The research methodology includes a numerical simulation, an analytical comparison and experimental validation. The achieved results allow for the identification of up to 18 attack stages based on the aggregation of technical and organizational security metrics and detection sources. The analytical comparison proved the proposed method to be 13% more effective in identifying the stage of a cyberattack and its scope. Based on this research, the extensive scoping flexibility of the proposed method will enable additional control measures and methods that would reduce the impact of an attack on the robustness while increasing the cyber-sustainability of a system.