Abstract
Modern trends in the decentralization and branching of systems that process, store, and transmit information enhance system resilience. Increasingly, technological systems and operational technologies rely on electronic communications from third-party operators and cyberspace. However, these trends introduce new cybersecurity challenges and contradictions. This article presents risk-informed approaches to designing and modernizing the topology of critical information infrastructure (CII). Such approaches involve making decisions and implementing security measures based on a thorough assessment of organizational risks. By evaluating the likelihood and impact of threats, vulnerabilities, and potential consequences, resources are prioritized to achieve a balance between security, functionality, and cost-effectiveness. The recommendations focus on practices for assessing cybersecurity risks, particularly those arising from cyberattacks targeting external (cyberspace) connections of CII. They also emphasize enhancing the protection of critical information assets from such threats. Unlike general cybersecurity measures, these recommendations specifically address risks associated with CII’s cyberspace topology, providing additional or supplementary measures to existing procedures within the information security lifecycle.