cyber security, cyber resilience, critical infrastructure, information protection, cyberattack, cyberrisks, cyberthreat, cyberincidents


Due to the increase in the number of cyber-attacks and incidents on critical infrastructure facilities, specialists face the problem of improving the effectiveness of security measures that will be able to ensure reliable and uninterrupted operation of critical infrastructure facilities as a whole. Therefore, the concepts of cyber resilience, cyber resilience management, cyber resilience provision, and cyber resilience assessment are gaining further relevance. The concept of cyber resilience, in addition to security, includes a number of tasks and processes related to information technology (e.g., backup and recovery after failures) and brand protection. Moreover, the issue of stability and continuity of services in this concept refers both to the company itself and to external contractors who provide such services. The prerequisite for the emergence of cyber resilience as a direction of corporate cyber security was the acceptance by companies of the fact that a cyber-attack is inevitable. The concept of cyber resilience also includes the ability to prepare for an attack, ensure effective operations and countermeasures during an attack, and reduce the possible consequences of an attack on a company. It is important for enterprises to assess the cyber resilience of their critical infrastructures to plan investments that enable them to provide the required level of cyber resilience. However, in order to implement the evaluation process, it is necessary to clearly understand what is behind this concept. Therefore, the analysis of the concept of cyber resilience of critical infrastructure is an urgent task. The purpose of the article is to analyse the concept of cyber resilience for critical information infrastructures. To achieve this goal, it is necessary to define a set of criteria characterizing the concept of cyber resilience. This will make it possible to formulate definitions of "cyber resilience" for its further use in solving the tasks of cyber security and information protection. The article analyses the concept of cyber resilience, which is based on the formed set of criteria consisting of 31 components. This makes it possible to formulate definitions related to cyber resilience for its further use in solving cybersecurity and information protection problems. Based on the subsequent definition of the concept of cyber resilience, it is possible, for example, to develop methods and models for assessing its level.


SPILNO [Electronic resource] of access:// https: // /article/kiberstiikist-sc¬ho-tse-yak-zabezpechyty-ta-yak-upravlyaty //(date of access: 20.12.2023).

INTRACOM-UKRAINE [Electronic resource] of access:// https:// of access: 20.12.2023).

EGA [Electronic resource] Mode of access:// of access: 20.12.2023).

ПЛАТФОРМА ЛІГА:ЗАКОН [Electronic resource] of access: //https:// / document / TM065903 / (date of access: 20.12.2023).

Онищенко С.В., Глушко А.Д., Маслій О.А. Кібе-рстійкість як основа національної безпеки Украї-ни / Innovations and prospects of world science : Proceedings of XI International Scientific and Practical Conference, Vancouver, Canada, 22-24 June 2022. Vancouver: Perfect Publishing, 2022. С. 551-556.

ts2 [Electronic resource] // Mode of ac-cess:// %D0%B1%D0%B5%D1%80%D1%81%D1%82%D1%96%D0%B9%D0%BA%D1%96%D1%81%D1%82%D1%8C//(date of access: 20.12.2023).

Мальцева І. Р., Черниш Ю. О., Овсянніков В. В. Аналіз методик оцінки кіберстійкості критичної інфраструктури. Кібербезпека: освіта, наука, тех-ніка :електронне наукове видання. 2021. N 12. С. 29-35. Режим доступу: of access: 20.12.2023).

ECB [Electronic resource] Mode of access:// resilience%20refers%20to%20the,case%20of%20a%20successful%20attack//(date of access: 20.12.2023).

NIST [Electronic resource] of access: // https: // / glossary/term/ cy¬ber_resiliency//(date of access: 20.12.2023).

Спеціальна публікація NIST 800-53В "NIST Cybersecurity Framework [Electronic resource] // Mode of access: //https://csrc.nist. gov/projects/cprt/catalog#/cprt/framework/version/ SP_800_53_5_1_1 /home// (date of access: 20. 12.2023).

SPLUNK [Electronic resource] // Mode of access:// learn/ cyber-resilience.html // (date of access: 20.12. 2023).

itgovernance [Electronic resource] itgovernance. //Mode of access: // https: // of access: 20.12.2023).

CISCO [Electronic resource] of access: // https: // / c / en / us/ solutions/hybrid-work/what-is-cyber-resilience.html // (date of access: 20.12.2023).

PNNL [Electronic resource] of access://https: // /explainer-articles/ cyber-resilience(date of access: 20.12.2023).

MIMECAST [Electronic resource] Mode of access:// of access: 20.12.2023).

SPRINGER LINK [Electronic resource] link. Mode of access: // https:// link. //(date of access: 20.12.2023).

Deborah, B., Graubart, R. (2011), “Cyber Resiliency Engineering Framework”, MITRE Report, p. 37.

COHESITY [Electronic resource] Mode of access:// of access: 20.12.2023).

THALESGROUP [Electronic resource] // Mode of access:// of access: 20. 12.2023).

FSB [Electronic resource] // Mode of ac-cess:// of access: 20.12.2023).

DELOITTE [Electronic resource] // Mode of access: // ru/ en/pages/risk/solutions/cyberresilience.html//(date of access: 20.12.2023).

ISO/IEC 27032:2012 [Electronic resource] //Mode of access:// (date of access: 20.12.2023).

ENISA [Electronic resource] enisa.europa // Mode of access:// (date of access: 20. 12.2023).

CyberResilienceReview [Electronic resource] //Mode of access:// / cyber-resilience-review-crr (date of access: 20.12.2023).

Шиповський В. Система показників оцінювання кіберстійкості інформаційних систем об’єктів критичної інфраструктури. Захист Інформації, Том 25, № 1, Січень-Березень 2023. С. 37-45.

Juan F. Carías, SaioaArrizabalaga, LeireLabaka and JosuneHernantes. Cyber Resilience Progression Model. Applied Scitnces. 2020. Vol.10(21), 7393.

R.S. Ross, R. Graubart, D. Bodeau, R. McQuaid, SystemsSecurityEngineering: CyberResiliencyCon-siderationsfortheEngineeringofTrustworthySecureSystems. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-160, 2019, Vol. 2. // Mode of access://https: // (date of access: 20.12.2023).

Brian West. Data Breach Preparation and Response. Breaches Are Certain, Impact Is Not. 2016, pp. 167-185. //Mode of access:// B978-0-12-803451-4.00007-1 (date of access: 20.12. 2023).

Benoît Dupont, Clifford Shearinga, Marilyne Bernier, Rutger Leukfeldt. The tensions of cyber-resilience: From sensemaking to practice. Computers & Securi-ty Volume 132, September 2023, 103372//Mode of access: // https:// //(date of ac-cess: 20.12.2023).

Carlos Espinoza-Zelaya, Young Bai Moon. Frame-work for enhancing the operational resilience of cyber-manufacturing systems against cyber-attacks. Manufacturing Letters. Volume 35, Supplement, Au-gust 2023, pp 843-850. //Mode of access: //https: // / 10.1016/j.mfglet.2023.07.004// (date of access: 20.12.2023).

UPGUARD [Electronic resource] Mode of access:// cyber-resilience//(date of access: 20.12.2023).

ZERTO [Electronic resource] //Mode of access:// (date of access: 20.12.2023).

DRUVA [Electronic resource] //Mode of access:// of access: 20.12.2023).

TECHTARGET [Electronic resource] techtarget. com // Mode of access: // https: //www.techtarget. com/whatis / definition / cyber-resilience // (date of access: 20.12.2023).

MICROSOFT [Electronic resource] // Mode of access:// uk-ua /security / business/ microsoft-digital-defense-report-2022-cyber-resilience (date of access: 20.12. 2023).