Decision-making process model for cybersecurity protection of critical infrastructure objects under the hybrid threats influence

Abstract

Purpose: is to develop a model and mathematical framework for the decision-making process regarding the cybersecurity of information systems of critical infrastructure objects, taking into account the properties and requirements of objects that have strategic importance for the state. Method: is based on a comprehensive approach that combines analysis of contemporary information sources, expertise, and analytical data from leading cybersecurity professionals, as well as linear mathematical modeling. Theoretical implications: include proposing an adapted decision-making model for protecting critical infrastructure from hybrid threats by integrating frameworks and emphasizing adaptability, it enhances the understanding of decision-making processes in cybersecurity. Practical consequences. It represents an innovative decision-making model aimed at protecting critical infrastructure and enabling rapid response to cyber threats. It combines the frameworks of existing models, the OODA (Observe, Orient, Decide, Act) loop and PDCR (Plan, Do, Check, React), widely applied in cybersecurity across various industries. This adaptive model allows for observation, analysis, and response to emerging cyber risks, ensuring the necessary level of cyber resilience. The developed model provides a practical tool for safeguarding critical infrastructure and minimizing damage in a growing threat landscape Paper type: theoretical.