Modern cyber systems acquire more emergent system properties, as far as their complexity increases: cyber resilience, controllability, self-organization, proactive cyber security and adaptability. Each of the listed properties is the subject of the cybernetics research and each subsequent feature makes sense only if there is a previous one.
Cyber resilience is the most important feature of any cyber system, especially during the transition to the sixth technological stage and related Industry 4.0 technologies: Artificial Intelligence (AI), Cloud and foggy computing, 5G +, IoT/IIoT, Big Data and ETL, Q-computing, Blockchain, VR/AR, etc. We should even consider the cyber resilience as a primary one, because the mentioned systems cannot exist without it. Indeed, without the sustainable formation made of the interconnected components of the critical information infrastructure, it does not make sense to discuss the existence of 4.0 Industry cyber-systems. In case when the cyber security of these systems is mainly focused on the assessment of the incidents' probability and prevention of possible security threats, the cyber resilience is mainly aimed at preserving the targeted behavior and cyber systems' performance under the conditions of known (about 45 %) as well as unknown (the remaining 55 %) cyber attacks.
This monograph shows that modern Industry 4.0. Cyber systems do not have the required cyber resilience for targeted performance under heterogeneous mass intruder cyber-attacks. The main reasons include a high cyber system structural and functional complexity, a potential danger of existing vulnerabilities and “sleep” hardware and software tabs, as well as an inadequate efficiency of modern models, methods, and tools to ensure cyber security, reliability, response and recovery. A new formulation of the cyber resilience problem under heterogeneous mass cyber-attacks is proposed, in which the cyber system performance recovery in destructive software impacts prevents significant or catastrophic consequences. Here, the idea of ensuring the cyber resilience is to give the cyber systems the ability to develop immunity to disturbances of the computational processes under destructive influences, by analogy with the immune system protecting a living organism.
The book contains three chapters, devoted to the following topics:
- Development of the Cyber Resilience Management Concept of modern technological platforms and cyber-systems of 4.0 Industry;
- Development of a corporate cyber risk management methodology;
- Technical implementation of the corporate program of business sustainability management based on the best practices (standards).
Author Biography:
Sergei Petrenko was born in 1968 in Kaliningrad (the Baltic). In 1991 he graduated with honors from the Leningrad State University with a degree in mathematics and engineering. In 1997 - adjuncture and 2003 doctorate. The designer of information security systems of critical information objects: - Three national Centers for Monitoring Information Security Threats and two Situational-Crisis Centers (RCCs) of domestic state; - Three operators of special information security services MSSP (Man- aged Security Service Provider) and MDR (Managed Detection and Response Services) and two virtual trusted communication operators MVNO; - More than 10 State and corporate segments of the System for Detec- tion, Prevention and Elimination of the Effects of Computer Attacks (SOPCA) and the System for Detection and Prevention of Computer Attacks (SPOCA); - Five monitoring centers for information security threats and respond- ing to information security incidents CERT (Computer Emergency Response Team) and CSIRT (Computer Security Incident Response Team) and two industrial CERT industrial Internet IIoT/IoT. Head of the State Scientific School "Mathematical and Software Support of Critical Objects of the Russian Federation".Expert of the Section on Information Security Problems of the Scientific Council under the Security Council of the Russian Federation. Scientific editor of the magazine "Inside. Data protection". Doctor of Technical Sciences, Professor. It is part of the management of the Interregional Public Organi- zation Association of Heads of Information Security Services (ARSIB), an independent non-profit organization Russian Union of IT Directors (SODIT ). Author and co-author of 14 monographs and more than 350 articles on information security issues (Proceedings of ISA RAS and SPIIRAS, journals "Cybersecurity issues", "Information security problems", "Open systems", "Inside: Information protection", "Security systems", "Electronics", "Com- munication Bulletin", "Network Journal", "Connect World of Connect", etc.). Including, monographs and practical manuals of publishing houses "River Publishers", "Springer Nature Switzerland AG", "Peter", "Athena" and "DMK-Press" "Big Data Technologies for Monitoring of Computer Security: A Case Study of the Russian Federation", "Cyber Security Innovation for the Digital Economy: A Case Study of the Russian Federa- tion", "Methods of information protection in the Internet", "Methods and technologies of information security of critical objects of the national infras- tructure", "Methods and technologies of cloud security", "Audit of corporate Internet/Internet security", "Information Risk Management", "Information Security Policies" and others. Awarded the "Big ZUBR" and "Golden ZUBR" in 2014 for the national projects of the Russian Federation in the field of information security
