Introduction: in the design of information security systems importance is the modeling of security threats, which implies the definition of a list of software threats to the information system, on the basis of which decisions are made to neutralize actual threats. Today the number of urgent threats to information security is increasing, due to the complexity of the infrastructure, information processing technologies, and unprotected communication channels. In this regard, the goal is to simulate security threats in geographically distributed information systems. The analysis of foreign and Russian methodologies for threat modeling showed problems associated with a large amount of data for modeling, as well as expert methods. It has been established that to solve the problem posed use machine learning methods, the theory of adaptive fuzzy neural production systems with fuzzy inference algorithms and the use of Data Science technologies when processing large amounts of data. The paper uses such data protection methods as data protection tools, based on fuzzy neural security systems, it is proposed to determine the actual threats to information security. The proposed methodology is automated and hypothetically eliminates expert errors, increases the number of frequently used topical threats to information security, reduces financial costs for the purchase of information security tools, differs in that the process is automated, has low computational complexity, there is no need attracting highly qualified specialists, allows you to determine the list of actual threats in systems of various types and classes, can be adapted to work with databases. The practical significance lies in the automation of the process — the development of a computer program that implements the proposed methodology. Discussion: further research is advisable to continue determining the best parameters of adaptive fuzzy neural production systems and fuzzy inference algorithms.