The article presents a comprehensive methodology for predicting data breaches and assessing the potential risks of harmful effects on critical information infrastructure, using the example of the transport industry. Statistical data on the number of restricted access data leaks in Russia from 2013 to 2022 are analyzed. Within the study, several numerical forecasting methods are compared: linear regression, moving average smoothing, and exponential smoothing. Linear regression was found to be the most accurate method for predicting restricted access data leaks in the transport sector for 2024 to 2028. Additionally, a cognitive model is proposed that allows for assessing the likelihood of data breaches and their potential consequences, considering factors such as attack vectors, system vulnerabilities, user behavior, and implemented security measures. The combined approach, which combines numerical methods and cognitive modeling, provides a comprehensive view of cybersecurity risks. This allows for more accurate predictions and better-informed decisions. The study's results emphasize the importance of considering both technical and human aspects in improving cybersecurity, and offer recommendations for future research that could refine the cognitive model by involving experts from not only the technical field, but also the economic and legal domains.