METHOD OF ENSURING RESILIENCE OF CORPORATE INFORMATION SYSTEMS TO COMPLEX CYBER THREATS

Abstract

The article proposes a practical method for ensuring the resilience of corporate information systems to complex cyber threats in modern digital environments. The proposed approach is based on the integration of four interconnected operational circuits: multi-source security event monitoring, real-time risk assessment, adaptive incident response, and managed service recovery. The combination of these components makes it possible to form an integrated cyber resilience management framework that supports the continuous functioning of information systems even under conditions of intensive cyber threat exposure. Within the study, a mathematical model for integrated resilience assessment of a corporate information system is developed. The model takes into account threat characteristics, the current state of the protection mechanisms, the time parameters of incident detection, and service recovery processes. In addition, a reference architecture and execution algorithms for implementing the proposed method in practical information and communication infrastructures are presented.

The results of the study demonstrate that the implementation of the proposed approach reduces the average detection and recovery time for cyber incidents and significantly improves the overall system resilience index. An important advantage of the method is the possibility of quantitative assessment of the processes occurring within the protected corporate information system. This capability enables a higher level of formalization of security management processes and improves the justification of decision-making in cybersecurity management. The developed models and methods can be effectively applied for high-level formalization of operational processes of corporate information systems in production enterprises, social institutions, transport facilities, shopping centers, and other organizations where the continuity and reliability of information infrastructure are critically important.

Furthermore, the proposed models and methods can be successfully used in planning and selecting countermeasures against cyber threats within organizational networks. The validity of the proposed approach is justified by the correctness of the initial assumptions, the consistency of the modeling results with general principles of complex information system functioning, and the possibility of practical implementation within modern cybersecurity management frameworks.