The book discusses the activities involved in developing an Enterprise Continuity Program (ECP) that will cover both Business Continuity Management (BCM) as well as Disaster Recovery Management (DRM). The creation of quantitative metrics for BCM are discussed as well as several models and methods that correspond to the goals and objectives of the International Standards Organisation (ISO) Technical Committee ISO/TC 292 ""Security and resilience". Significantly, the book contains the results of not only qualitative, but also quantitative, measures of Cyber Resilience which for the first time regulates organizations' activities on protecting their critical information infrastructure. The book discusses the recommendations of the ISO 22301: 2019 standard "Security and resilience - Business continuity management systems - Requirements" for improving the BCM of organizations based on the well-known "Plan-Do-Check-Act" (PDCA) model. It also discusses the recommendations of the following ISO management systems standards that are widely used to support BCM. The ISO 9001 standard ""Quality Management Systems""; ISO 14001 ""Environmental Management Systems""; ISO 31000 ""Risk Management"", ISO/IEC 20000-1 ""Information Technology - Service Management"", ISO/IEC 27001 ""Information Management security systems", ISO 28000 "Specification for security management systems for the supply chain", ASIS ORM.1-2017, NIST SP800-34, NFPA 1600: 2019, COBIT 2019, RESILIA, ITIL V4 and MOF 4.0, etc. The book expands on the best practices of the British Business Continuity Institute's Good Practice Guidelines (2018 Edition), along with guidance from the Disaster Recovery Institute's Professional Practices for Business Continuity Management (2017 Edition). Possible methods of conducting ECP projects in the field of BCM are considered in detail. Based on the practical experience of the author there are examples of Risk Assessment (RA) and Business Impact Analysis (BIA), examples of Business Continuity Plans (BCP) & Disaster Recovery Plans (DRP) and relevant BCP & DRP testing plans. This book will be useful to Chief Information Security Officers, internal and external Certified Information Systems Auditors, senior managers within companies who are responsible for ensuring business continuity and cyber stability, as well as teachers and students of MBA's, CIO and CSO programs.

Cyber Security Innovation for the Digital Economy considers possible solutions to the relatively new scientific-technical problem of developing innovative solutions in the field of cyber security for the Digital Economy. The solutions proposed are based on the results of exploratory studies conducted by the author in the areas of Big Data acquisition, cognitive information technologies (cogno-technologies), new methods of analytical verification of digital ecosystems on the basis of similarity invariants and dimensions, and "computational cognitivism," involving a number of existing models and methods. In practice, this successfully allowed the creation of new entities - the required safe and trusted digital ecosystems - on the basis of the development of digital and cyber security technologies, and the resulting changes in their behavioral preferences. Here, the ecosystem is understood as a certain system of organizations, created around a certain Technological Platform that use its services to make the best offers to customers and access to them to meet the ultimate needs of clients - legal entities and individuals. The basis of such ecosystems is a certain technological platform, created on advanced innovative developments, including the open interfaces and code, machine learning, cloud technologies, Big Data collection and processing, artificial intelligence technologies, etc. The mentioned Technological Platform allows creating the best offer for the client both from own goods and services and from the offers of external service providers in real time. This book contains four chapters devoted to the following subjects: - Relevance of the given scientific-technical problems in the cybersecurity of Digital Economy - Determination of the limiting capabilities - Possible scientific and technical solutions - Organization of perspective research studies in the area of Digital Economy cyber security in Russia

Cyber immune systems try to mimic the adaptive immune system of humans and animals because of its capability to detect and fend off new, unseen pathogens. Today's current cyber security systems provide an effective defense mechanism against known cyber-attacks but are not so good when it comes to defending against unknown attacks. This book describes the possible development and organization of self-healing computing based on cyber immunity techniques and aimed at working in the new realm of Industry 4.0. Industry 4.0 is the trend towards automation and data exchange in manufacturing technologies and processes which include cyber-physical systems (CPS), the internet of things (IoT), industrial internet of things (IIOT), cloud computing, cognitive computing and artificial intelligence. The book describes the author's research and development of cyber-immunity systems that will prevent the destruction of critical information infrastructure by future unknown cyber-attacks and thus avoid the significant or catastrophic consequences of such attacks. The book is designed for undergraduate and post-graduate students, for engineers in related fields as well as managers of corporate and state structures, chief information officers (CIO), chief information security officers (CISO), architects, and research engineers in the field of cybersecurity. This book contains four chapters 1. Cyber Immunity Concept of the Industry 4.0; 2. Mathematical Framework for Immune Protection of Industry 4.0; 3. Trends and prospects of the development of Immune Protection of Industry 4.0; 4. From detecting cyber-attacks to self-healing Industry 4.0;

This timely book offers rare insight into the field of cybersecurity in Russia -- a significant player with regard to cyber-attacks and cyber war. Big Data Technologies for Monitoring of Computer Security presents possible solutions to the relatively new scientific/technical problem of developing an early-warning cybersecurity system for critically important governmental information assets. Using the work being done in Russia on new information security systems as a case study, the book shares valuable insights gained during the process of designing and constructing open segment prototypes of this system. Most books on cybersecurity focus solely on the technical aspects. But Big Data Technologies for Monitoring of Computer Security demonstrates that military and political considerations should be included as well. With a broad market including architects and research engineers in the field of information security, as well as managers of corporate and state structures, including Chief Information Officers of domestic automation services (CIO) and chief information security officers (CISO), this book can also be used as a case study in university courses.

This timely book offers rare insight into the field of cybersecurity in Russia -- a significant player with regard to cyber-attacks and cyber war. Big Data Technologies for Monitoring of Computer Security presents possible solutions to the relatively new scientific/technical problem of developing an early-warning cybersecurity system for critically important governmental information assets. Using the work being done in Russia on new information security systems as a case study, the book shares valuable insights gained during the process of designing and constructing open segment prototypes of this system. Most books on cybersecurity focus solely on the technical aspects. But Big Data Technologies for Monitoring of Computer Security demonstrates that military and political considerations should be included as well. With a broad market including architects and research engineers in the field of information security, as well as managers of corporate and state structures, including Chief Information Officers of domestic automation services (CIO) and chief information security officers (CISO), this book can also be used as a case study in university courses.

Modern cyber systems acquire more emergent system properties, as far as their complexity increases: cyber resilience, controllability, self-organization, proactive cyber security and adaptability. Each of the listed properties is the subject of the cybernetics research and each subsequent feature makes sense only if there is a previous one. Cyber resilience is the most important feature of any cyber system, especially during the transition to the sixth technological stage and related Industry 4.0 technologies: Artificial Intelligence (AI), Cloud and foggy computing, 5G +, IoT/IIoT, Big Data and ETL, Q-computing, Blockchain, VR/AR, etc. We should even consider the cyber resilience as a primary one, because the mentioned systems cannot exist without it. Indeed, without the sustainable formation made of the interconnected components of the critical information infrastructure, it does not make sense to discuss the existence of 4.0 Industry cyber-systems. In case when the cyber security of these systems is mainly focused on the assessment of the incidents' probability and prevention of possible security threats, the cyber resilience is mainly aimed at preserving the targeted behavior and cyber systems' performance under the conditions of known (about 45 %) as well as unknown (the remaining 55 %) cyber attacks. This monograph shows that modern Industry 4.0. Cyber systems do not have the required cyber resilience for targeted performance under heterogeneous mass intruder cyber-attacks. The main reasons include a high cyber system structural and functional complexity, a potential danger of existing vulnerabilities and "sleep" hardware and software tabs, as well as an inadequate efficiency of modern models, methods, and tools to ensure cyber security, reliability, response and recovery. A new formulation of the cyber resilience problem under heterogeneous mass cyber-attacks is proposed, in which the cyber system performance recovery in destructive software impacts prevents significant or catastrophic consequences. Here, the idea of ensuring the cyber resilience is to give the cyber systems the ability to develop immunity to disturbances of the computational processes under destructive influences, by analogy with the immune system protecting a living organism. The book contains three chapters, devoted to the following topics: - Development of the Cyber Resilience Management Concept of modern technological platforms and cyber-systems of 4.0 Industry; - Development of a corporate cyber risk management methodology; - Technical implementation of the corporate program of business sustainability management based on the best practices (standards).