Comparison of Information Security Systems for Asymptotic Information Security Management Critical Information Infrastructures

The article reviews the options for critical information infrastructures (CII) protection management and discusses approaches to developing security policies that don't lean on assessing residual risks and identifying a fixed list of threats. We examine and substantiate the possibility of building information security management systems based on monitoring of security events. A formal description of security events as well as relevant protection methods is proposed. The paper introduces an order relation for information security systems comparison and asymptotic CII security control implementation paper.