Method for Managing IT Incidents in Critical Information Infrastructure Facilities - volodymyr-sokolov/publications GitHub Wiki
Conference Paper
Sergiy Gnatyuk 
,
Viktoria Sydorenko ,
Artem Polozhentsev ,
Volodymyr Sokolov
Protecting Critical Information Infrastructure (CII) is essential in today’s digitized world, where the growing number of cyber threats poses significant risks to national security, the economy, and public safety. CII includes vital sectors such as energy, transport, finance, and healthcare. Disruptions to these systems can have serious consequences, requiring effective identification, assessment, and management of IT threats. Despite the importance of IT security to CII, existing methods for managing IT threats remain underdeveloped. This paper presents a novel method for IT incident management in CII, combining the STRIDE model and TODIM multi-criteria decision-making. The method is designed to identify, assess, and prioritize threats, taking into account the criticality of CII objects at different levels. Through experimental validation, this method demonstrates its ability to improve CII security by providing a systematic approach to prioritizing and managing IT threats. This study provides a practical solution for improving CII protection against evolving cyber risks.
critical information infrastructure facilities; critical infrastructure; cybersecurity; incident management; STRIDE; TODIM
Air Navigation; Pilotless Aircraft; Antenna
2024 Cybersecurity Providing in Information and Telecommunication Systems II (CPITS-II)
26 October 2024 
Kyiv, Ukraine
First Online: 9 November 2024
-
ISSN: 1613-0073
-
EID: 2-s2.0-85210245160
-
DBLP: conf/cpits/GnatyukSPS24
-
KUBG: 50181
Gnatyuk, S., Sydorenko, V., Polozhentsev, A., & Sokolov, V. (2024). Method for Managing IT Incidents in Critical Information Infrastructure Facilities. In Cybersecurity Providing in Information and Telecommunication Systems II (Vol. 3826, pp. 326–333).
S. Gnatyuk, V. Sydorenko, A. Polozhentsev, and V. Sokolov, “Method for Managing IT Incidents in Critical Information Infrastructure Facilities,” Cybersecurity Providing in Information and Telecommunication Systems II, vol. 3826, pp. 326–333, 2024.
S. Gnatyuk, et al., Method for Managing IT Incidents in Critical Information Infrastructure Facilities, in: Cybersecurity Providing in Information and Telecommunication Systems II, vol. 3826 (2024) 326–333.