articles

The work is devoted to the development of models for the automated formation of competencies of a cybersecurity specialist based on a scenario approach. The relevance of the work is determined by the need to timely update the requirements for professional competencies of a cybersecurity specialist in the context of the development of methods and tools for information warfare and the lack of a theoretical apparatus that allows automating this process. The purpose of this work is to develop models for the automated formation of competencies of a cybersecurity specialist based on a scenario approach, which allow analyzing information about the actions of a cybersecurity violator and, based on this information, determining the current set of professional competencies of a cybersecurity specialist. The task of developing models for the automated formation of competencies of a cybersecurity specialist based on a scenario approach is to develop a model of actions of a cybersecurity violator and an associated model of a countermeasure system that determines the actual set of competencies of a cybersecurity specialist. In contrast to existing expert approaches to determining the professional competence model of a cybersecurity specialist, this paper uses a scenario approach that allows describing scenarios of actions of a cybersecurity violator at a formalized level, integrating the data obtained into the appropriate graph model and forming an activity professional model of a cybersecurity specialist based on optimizing the structure of the system counteraction. The set of developed models for the automated formation of competencies of a cybersecurity specialist based on a scenario approach takes into account many factors of information confrontation, such as: techniques and tactics of cybersecurity offenders, their corresponding methods and tools of counteraction. The proposed approach of structuring the countermeasure system in the form of a set of interrelated modules based on the results of the analysis of attack scenarios, techniques and corresponding tactics used by the violator of cybersecurity allows taking into account the features of attacks that are most often implemented, forming a set of professional actions of a cybersecurity specialist based on the use of appropriate methods and tools to counter these techniques grouped by functional modules. Analysis of the results of the conducted computer experiment showed the operability of the proposed models for the automated formation of competencies of a cybersecurity specialist based on the scenario approach.