M.M. Khydyntsev, V.Yu. Zubok, I.L. Palazhchenko
Èlektron. model. 2024, 46(6):72-96
https://doi.org/10.15407/emodel.46.06.072
ABSTRACT
The work addresses the urgent problem of assessing cybersecurity, the state of cyber defense, and cyber resilience at the facility, sectoral, national and international levels by forming and analyzing sets of cyber statistics data, a field that is gradually being separated into a special area of cybersecurity.
The terminological base for collecting and processing cyber statistics data was analyzed and developed, and existing and new approaches to forming sets of cyber statistics indicators were proposed. Existing practices (established practices, frameworks) in the field of cybersecurity are used to form a domain structure and a system of cyber statistics indicators. The structure of cyber statistics data was developed according to the structure of the organizational and technical model of cyber defense (2021): by sectors of the organizational and management infrastructure of cyber defense, by levels of the technological infrastructure of cyber defense, and for elements of the basic infrastructure of cyber defense (including critical information infrastructure). The result of testing the study was a draft methodology for collecting and processing cyber statistics, the development of which is envisaged by the Cybersecurity Strategy of Ukraine (2021).
KEYWORDS
cybersecurity, cyber statistics, cyber statistics data, indicator sets, and domain structure.
REFERENCES
- Cybersecurity Strategy of Ukraine. Decree of the President of Ukraine, Aug 26, 2021, No. 447/2021 (2021). https://zakon.rada.gov.ua/laws/show/447/2021#Text
- Plan for the Implementation of the Cybersecurity Strategy of Ukraine. Decree of the President of Ukraine, Feb 1, 2022, No. 37/2022 (2022). https://zakon.rada.gov.ua/laws/show/37/2022#n5
- Top 15 Cybersecurity Metrics and KPIs for Better Security. https://cybertalents.com/blog/top-15-cybersecurity-metrics-and-kpis-for-better-security
- Tunggal A.T. 14 Cybersecurity Metrics + KPIs You Should Be Tracking in 2023. https://www.upguard.com/blog/cybersecurity-metrics
- Jonville P.-A. Top 20 Cybersecurity Metrics for Boards and Teams. https://mindflow.io/cybersecurity-metrics-for-the-board/
- Top 10 Cybersecurity Metrics and KPIs. https://www.mimecast.com/blog/top-10-cybersecurity-metrics-and-kpis/
- Computing Technology Industry Association (CompTIA). Watters E. Top 50 Cybersecurity Statistics, Figures and Facts. https://connect.comptia.org/blog/cyber-security-stats-facts
- ASTRA IT James N. 160 Cybersecurity Statistics. https://www.getastra.com/blog/security-audit/cyber-security-statistics/
- net.Nick G. The most telling cyber security statistics in 2023. https://techjury.net/blog/cyber-security-statistics/#gref
- Marmoza, A.T. (2013). Theory of statistics. Center of Educational Literature.
- Khudyntsev, M.M., Zhilin, A.V., Davidyuk, A.V. (2021). Global indices of cybersecurity: overview and methods of formation (Global report / Catalogue). International Cybersecurity University, G.E. Pukhov Institute for Modelling in Energy Engineering.
- Davidyuk, A., Zubok, V., Khokhlacheva, Yu., Khudyntsev, M., Komarov, M. (2023). Cyberstatistics in Ukraine. Current state. Cybersecurity and protection of critical information infrastructure. Ukrainian Scientific Journal of Information Security, 29(2), 53-
- National Institute of Standards and Technology. (2007). Recommendations of the National Institute of Standards and Technology. Guide to Secure Web Services (NIST Special Publication 800-95).
- Some issues of response by cyber security entities to various types of events in cyberspace. Decree of the Cabinet of Ministers of Ukraine, Apr. 4, 2023, No. 299 (2023). https://zakon.rada.gov.ua/laws/show/299-2023-%D0%BF#Text
- On the approval of Methodological recommendations regarding the response of cyber security entities to various types of events in cyberspace. Order of the Administration of the State Service for Special Communications and Information Protection of Ukraine, July 3, 2023, No. 570 (2023). https://cip.gov.ua/ua/news/nakaz-administraciyi-derzhspeczv-yazku-vid-03-07-2023-570-pro-zatverdzhennya-metodichnikh-rekomendacii-shodo-reaguvannya-sub-yektami-zabezpechennya-kiberbezpeki-na-rizni-vidi-podii-u-kiberprostori
- Methodological recommendations for increasing the level of cyber protection of critical information infrastructure. Order of the Administration of the State Service for Special Communications and Information Protection of Ukraine, Nov 6, 2021, No. 601 (2021). https://cip.gov.ua/ua/news/nakaz-ad-2021-10-06-601
- National Institute of Standards and Technology. (2006). Minimum Security Requirements for Federal Information and Information Systems (NIST FIPS PUB 200).
- Committee on National Security Systems. (2015). Committee on National Security Systems (CNSS) Glossary (CNSSI No. 4009).
- The procedure for conducting a review of the state of cyber protection of critical information infrastructure, state information resources and information, the requirement for the protection of which is established by law. Resolution of the Cabinet of Ministers of Ukraine, 11.11.2020, No. 1176 (2020). https://zakon.rada.gov.ua/laws/show/1176-2020-%D0%BF#Text
- State Cyber Protection Center of the State Service for Special Communications and Information Protection of Ukraine. (2021). Report on the work of the system for detecting vulnerabilities and responding to cyber incidents and cyber attacks (TLP:WHITE).
- Khudyntsev, M. (2022). Cybersecurity Indices: Review and Classification. M. Khudyntsev, A. Davydiuk, O. Lebid, O. Trofymchuk, A. Zhylin. Workshop on Cybersecurity Providing in Information and Telecommunication Systems (CPITS 2021-2): Proceedings of Selected Papers (p. 117-126). CEUR Workshop Proceedings. https://ceur-ws.org/Vol-3187/paper11.pdf
- Khudyntsev M. (2022). Network Monitoring Index in the Information Security Management System of Critical Information Infrastructure Objects. M. Khudyntsev, O. Lebid, M. Bychenok, A. Zhylin, A. Davydiuk. Information and Communication Technologies and Sustainable Development. ICT&SD 2022. Lecture Notes in Networks and Systems (Ed. by Dovgyi S., Trofymchuk O., Ustimenko V., Globa L., vol. 809, p. 270-290). Springer. https://link.springer.com/chapter/10.1007/978-3-031-46880-3_17
- Forum of Incident Response and Security Teams. (2019). Computer Security Incident Response Team (CSIRT) Services Framework (Version 2.1.0.) (CSIRT SF 2.1.0.). https://www.first.org/standards/frameworks/csirts/FIRST_CSIRT_Services_Framework_v2.1.0_bugfix1.pdf
- U.S. Department of Homeland Security, U.S. Customs and Border Protection. Indicators of Compromise and Other Cyber Incident Reporting Guidance. https://www.cbp.gov/sites/default/files/assets/documents/2024-Mar/For%20Pub%20508%20IOC%20Slick%20Sheet_PBRB%203526-0124.pdf
- Cyber Threat Alliance Institute for Security and Technology Chainalysis Ciphertrace. Cyber Incident Reporting Framework. https://www.cyberthreatalliance.org/wp-content/uploads/2023/04/Cyber-Incident-Reporting-Framework-Global-Edition.pdf.
- Meland, P.H., Tokas, S., Erdogan, G., Bernsmed, K., Omerovic, A.A. (2021). Systematic Mapping Study on Cybersecurity Indicator Data. Electronics, 10, 1092. https://doi.org/10.3390/electronics10091092
- National Institute of Standards and Technology. Quinn, S., Barrett, M., Ivy, N., Feldman, L., Gardner, R.K. (2022). Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management. https://doi.org/10.6028/NIST.IR.8286A
- McKinsey & Company. Boehm, J., Curcio, N., Merrath, P., Shenton, L., Stähle, T. Risk Practice: The risk-based approach to cybersecurity. https://www.mckinsey.com/~/media/McKinsey/Business%20Functions/Risk/Our%20Insights/The%20risk%20based%20approach%20to%20cybersecurity/The-risk-based-approach-to-cybersecurity.pdf
- European Telecommunications Standards Institute. (2015). Information Security Indicators (ISI); Event Model. A security event classification model and taxonomy. V.1.2.1 (ETSI GS ISI 002).
- International Electrotechnical Commission. (2016). Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation. International Standard (ISO/IEC 27004:2016(E)).
- National Institute of Standards and Technology. (2024). Cybersecurity Framework (CSF). Version 2.0. (NIST CSF 2.0).
- U.S. Department of Energy, Office of Cybersecurity. (2022). Cybersecurity Capability Maturity Model. Version 2.1. (C2M2 2.1).
- U.S. Department of Energy, Office of Cybersecurity. (2022). Cybersecurity Capability Maturity Model. PDF-Based Tool User Guide (C2M2 2.1. Tool).
- Carnegie Mellon University, Institute for Software Development. (2010). CMMI for development. Improving processes to develop better products and services. CMMI-DEV Technical Report. Version 1.3. (CMU/SEI-2010-TR-033).
- U.S. Department of Homeland Security. (2014). Cybersecurity Capability Maturity Model White Paper. Version 1.0. (C2M2 WP 1.0).
- Spruit, M., Roeling, M. (2014). ISFAM: The Information Security Focus Area Maturity Researchgate.net. https://www.researchgate.net/publication/288134391_ISFAM_The_information_security_focus_area_maturity_model
- Cybersecurity and Infrastructure Security Agency Cybersecurity Division. (2023). Zero Trust Maturity Model. Version 2.0. (CISA ZTMM 2.0).
- European Union Agency for Cybersecurity. (2022). CSIRT Maturity Framework Update Final (TLP WHITE) (ENISA MF TLP WHITE).
- Methodological recommendations for the design of statistical methodology. Order of the State Statistics Service, Dec. 28, 2020, No. 361 (2020). https://ukrstat.gov.ua/norm_doc/2022/68/mp_68.pdf
- On the main principles of ensuring cyber security of Ukraine. Law of Ukraine, Oct. 5, 2017, No. 2163-VIII (2017). https://zakon.rada.gov.ua/laws/show/2163-19#Text