Bookmarks
Pagelist
Guide
halftitle
Cyber Resilience
RIVER PUBLISHERS SERIES IN SECURITY AND DIGITAL FORENSICS
Series Editors:
WILLIAM J. BUCHANANEdinburgh Napier University, UK
ANAND R. PRASADNEC, Japan
Indexing: All books published in this series are submitted to the Web of Science Book Citation Index (BkCI), to SCOPUS, to CrossRef and to Google Scholar for evaluation and indexing.
The River Publishers Series in Security and Digital Forensics is a series of comprehensive academic and professional books which focus on the theory and applications of Cyber Security, including Data Security, Mobile and Network Security, Cryptography and Digital Forensics. Topics in Prevention and Threat Management are also included in the scope of the book series, as are general business Standards in this domain.
Books published in the series include research monographs, edited volumes, handbooks and textbooks. The books provide professionals, researchers, educators, and advanced students in the field with an invaluable insight into the latest research and developments.
Topics covered in the series include, but are by no means restricted to the following:
- Cyber Security
- Digital Forensics
- Cryptography
- Blockchain
- IoT Security
- Network Security
- Mobile Security
- Data and App Security
- Threat Management
- Standardization
- Privacy
- Software Security
- Hardware Security
For a list of other books in this series, visit www.riverpublishers.com
Cyber Resilience
SergeiPetrenko Innopolis University Russia
Published 2019 by River PublishersRiver PublishersAlsbjergvej 10, 9260 Gistrup, Denmark www.riverpublishers.com
Distributed exclusively by Routledge 4 Park Square, Milton Park, Abingdon, Oxon OX14 4RN 605 Third Avenue, New York, NY 10017, USA
Cyber Resilience / by Sergei Petrenko.
2019 River Publishers. All rights reserved. No part of this publication may be reproduced, stored in a retrieval systems, or transmitted in any form or by any means, mechanical, photocopying, recording or otherwise, without prior written permission of the publishers.
Routledge is an imprint of the Taylor & Francis Group, an informa business
DOI: 10.1201/9781003337300
ISBN 978-87-7022-116-0 (print)
While every effort is made to provide dependable information, the publisher, authors, and editors cannot be held responsible for any errors or omissions.
Contents
Foreword
Dear Readers!
Modern cyber systems acquire more emergent system properties, as far as their complexity increases: cyber resilience, controllability, self-organization, proactive cyber security and adaptability. Each of the listed properties is the subject of the cybernetics research (comes from Greek >> the art of governance) and each subsequent feature makes sense only if there is a previous one.
Cyber resilience is the most important feature of any cyber system, especially during the transition to the sixth technological stage and related Industry 4.0 technologies: Artificial Intelligence (AI), Cloud and foggy computing, 6G, IoT/IIoT, Big Data and ETL, Q-computing, Blockchain, VR/AR, etc. We should even consider the cyber resilience as a primary one, because the mentioned systems cannot exist without it. Indeed, without the sustainable formation made of the interconnected components of the critical information infrastructure, it does not make sense to discuss the existence of 4.0 Industry cyber-systems. In case when the cyber security of these systems is mainly focused on the assessment of the incidents probability and prevention of possible security threats, the cyber resilience is mainly aimed at preserving the targeted behavior and cyber systems performance under the conditions of known (about 45%) as well as unknown (the remaining 55%) cyber-attacks.
This monograph presents a valuable experience and an exploratory study practical results of the Innopolis University Information Security Center on the solution of the scientific problem of the cyber-resilient critical information infrastructure organization under the conditions of previously unknown heterogeneous mass cyber-attacks of intruders based on similarity invariants. This monograph is the first work on the mentioned problem. At the same time, it contains the qualitative and quantitative results of cyber resilience study, which makes possible the discovery of the limiting law of the effectiveness of ensuring the cyber resilience of the 4.0 Industry cyber systems for the first time. For this reason, the monograph performs the undoubted theoretical and practical interest for cybernetics, cyber stability and information security specialists.
The modern development level of information and communication technologies (ICT) realizes the opportunity to take industrial production and scientific research in information security to a fundamentally higher plane, but the effectiveness of such a transition directly depends on the availability of highly qualified specialists. About 5,000 Russian information security specialists graduate every year, whereas the actual industrial demand is estimated at 21,000 per year until 2025. For this reason, the Russian Ministry of Education and Science, along with executive governmental bodies, has created a high-level training program, which they continually develop, for state information security employees. This initiative includes 170 universities, 40 institutions of continuing education, and 50 schools of secondary vocational training. In evaluating the universities performance over 30 academic disciplines, information security has scored the highest for three consecutive years on the Russian Unified State Examination. In addition, employee training subsystems operating in the framework of the Russian Federal Security Service, the Russian Ministry of Defense, the Russian Federal Protective Service, Russian Federal Service for Technical and Export Control, and the Russian Emergencies Ministry of Emergency Situations are similar to the general system for training information security specialists at the Russian Ministry of Education and Science, which trains personnel according to the concrete needs of individual departments.
Yet, there remains the well-known problem that the vast majority of educational programs in information security struggle to keep pace with the rapid development in the ICT sphere, where significant changes occur every 6 months. As a result, existing curricula and programs do not properly train graduates for the practical reality of what it means to efficiently solve modern information security problems. For this reason, graduates often find themselves lacking the actual skills in demand on the job market. In order to ensure that education in this field truly satisfies modern industrial demands, Innopolis University students and course participants complete actual information security tasks for commercial companies as well as governmental bodies (e.g., for the universitys over 100 industrial partners