Problems and prospects of implementing assessment of the level of maturity of cyber security processes of critical infrastructure objects of the energy sector of Ukraine in accordance with the NIST Cybersecurity Framework

M.M. Chaikin, PhD student
G.E. Pukhov Institute for Modeling in Energy Engineering
National Academy of Sciences of Ukraine
Ukraine, 03164, Kyiv, Str. General Naumov 15
e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

Èlektron. model. 2023, 45(5):81-88

https://doi.org/10.15407/emodel.45.05.081

ABSTRACT

Existing problems regarding compliance with requirements in the field of cyber security of Ukraine's critical infrastructure in the energy sector, prospects for the implementation of the NIST Cybersecurity Framework and ways to solve the identified problems are described. The Ukrainian legislative framework was analyzed and compared with European and American practices, and the issue of compliance with the requirements of the legislation of various jurisdictions was determined.

KEYWORDS

information security, information security standards, cybersecurity, critical infrastructure.

REFERENCES

  1. Putin’s Asymmetric Assault on Democracy in Russia and Europe: Implications for U.S. National Security. A Minority Staff Report Prepared for the Use of the Committee on Foreign Relations United States Senate, One Hundred Fifteenth Congress, Second Session, URL: https://www.hsdl.org/?view&did=806949 (Application date: May 15, 2023).
  2. Russia’s war on Ukraine spotlights critical energy infrastructure. EnergyMonitor. Anna Gumbau, MA degree in International Relations from the Universitat Autònoma de Barcelona, URL: https://www.energymonitor.ai/tech/networks-grids/russias-war-on-ukraine-spotlights-critical-energy-infrastructure (Application date: May 15, 2023).
  3. A year of devastating cyber attacks in Ukraine: how threats attacked users and organizations, URL: https://www.eset.com/ua/about/newsroom/press-releases/malware/god-razrushitelnykh-kiberatak-v-ukraine-kak-ugrozy-atakovali-polzovateley-i-organizatsii/ (Application date: May 15, 2023).
  4. Law of Ukraine On the Basic Principles of Cybersecurity in Ukraine, URL: https://zakon.rada.gov.ua/laws/show/2163-19?lang=en#Text (Application date: May 15, 2023).
  5. Law of Ukraine On information protection in information and communication systems, URL: https://zakon.rada.gov.ua/laws/show/80/94-вр?lang=en#Text (Application date: May 15, 2023).
  6. Resolution of the Cabinet of Ministers of Ukraine On Approval of General Requirements for Cyber Protection of Critical Infrastructure Objects, URL: https://zakon.rgov.ua/laws/show/518-2019-п?lang=en#Text (Application date: May 15, 2023).
  7. Law of Ukraine On Critical Infrastructure, URL: https://zakon.rada.gov.ua/laws/show/1882-20#Text (Application date: May 15, 2023).
  8. Order No. 601 dated October 6, 2021 of Administration of the State Service for Special Communications and Information Protection of Ukraine "Methodical recommendations on increasing the level of cyber protection of critical information infrastructure", URL: https://cip.gov.ua/ua/news/nakaz-ad-2021-10-06-601 (Application date: May 15, 2023).
  9. NIST Cybersecurity Framework, URL: https://www.nist.gov/cyberframework (Application date: May 15, 2023).
    https://doi.org/10.6028/NIST.CSWP.29.ipd
  10. Resolution of the Cabinet of Ministers of Ukraine "Some issues of conducting an independent audit of information security at critical infrastructure facilities", URL: https://kmu.gov.ua/npas/deiaki-pytannia-provedennia-nezalezhnoho-audytu-informatsiinoi-bezpeky- na-s257-240323 (Application date: May 15, 2023).
  11. Regulation (EU) 2019/943 of the European Parliament and of the Council of 5 June 2019 on the internal market for electricity (recast), URL: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019R0943&from=EN (Application date: May 15, 2023).
  12. Network Code on Cybersecurity Drafting Status, URL: https://www.entsoe.eu/network_codes/nccs/ (Application date: May 15, 2023).

Full text: PDF