© Skiter I. 2021
ISSN 2663 - 4023
№ 1 (13), 2021
DOI 10.28925/2663-4023.2020.13.158169
UDC 004.056.5
Ihor S. Skiter
PhD in Physical and Mathematical Sciences, Associate Professor, Senior Researcher
National Academy of Science of Ukraine
The Institute for Safety Problems of Nuclear Power Plants, Chornobyl, Ukraine
ORCID ID 0000-0003-2334-2276
i.skiter@ispnpp.kiev.ua
CYBER SECURITY CULTURE LEVEL ASSESSMENT MODEL IN THE INFORMATION SYSTEM
Abstract. The paper formalizes the process of assessing the cybersecurity culture of an organization's information system. The basis is a comprehensive model that takes into account the technical and organizational parameters of the information system and the risks associated with them. The security culture level of the information system is assessed by building an additive model. The model includes the characteristics of system state clusters. Clusters are formed from arrays of factors that correspond to different classes of information security culture; classes are formed from sets of factors. The impact of each factor is assessed by the severity of its consequences for the cybersecurity level of the information system, together with the probability that the factor manifests in the particular information system. The values of the coefficients and the probability distributions for each cluster and set of factors are estimated by expert methods and on the basis of a survey. A feature of the formation of the factor arrays is the inclusion in each cluster of a factor that reflects the user's passive behavior towards negative factors. Thus the model introduces the probability of rejection of negative factors and the probability of ideal behavior in forming the corresponding class of threats. It is proposed to determine the average weights of the factors' level of influence on the cybersecurity of the information system on the basis of a weighted average indicator. A method of estimating the weights based on an equally probable distribution of negative factors within the cluster is proposed; the technique does not depend on the number of factors in the cluster.
Keywords: cybersecurity of the information system; security state clusters; severity of consequences; the average weight of the cluster.
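The abstract describes the model only in words: clusters of factors, each factor scored by severity and probability of manifestation, a passive "ideal behavior" factor per cluster, equally probable weights within a cluster, and an additive combination across clusters. The following is an added illustrative implementation of that structure, not the paper's own formulas or code; the exact scaling, the treatment of the ideal-behavior factor as the complement of the negative factors' probabilities, the cluster weights and all sample values are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Dict, Sequence


@dataclass(frozen=True)
class Factor:
    name: str
    severity: float     # severity of consequences for CS, assumed scaled to [0, 1]
    probability: float  # probability the factor manifests in this system (survey/expert)


def expected_damage(negatives: Sequence[Factor], p_ideal: float) -> float:
    """Cluster damage as the sum of severity x probability over negative factors.
    Assumption: the passive 'ideal behavior' factor has severity 0 and probability
    p_ideal, so all probabilities inside one cluster must sum to 1."""
    total = sum(f.probability for f in negatives) + p_ideal
    if abs(total - 1.0) > 1e-9:
        raise ValueError(f"cluster probabilities sum to {total:.3f}, not 1")
    return sum(f.severity * f.probability for f in negatives)


def equiprobable_damage(severities: Sequence[float], p_ideal: float) -> float:
    """Equally probable negative factors: each gets (1 - p_ideal) / n, so the
    expected damage collapses to (1 - p_ideal) times the mean severity. Only the
    rejection probability p_ideal and the severities are needed, whatever n is."""
    n = len(severities)
    if n == 0:
        raise ValueError("cluster has no negative factors")
    return (1.0 - p_ideal) * sum(severities) / n


def culture_level(damages: Dict[str, float], weights: Dict[str, float]) -> float:
    """Additive model (assumed form): CSC level = 1 - weighted sum of cluster damages,
    which stays in [0, 1] when cluster weights sum to 1."""
    if abs(sum(weights.values()) - 1.0) > 1e-9:
        raise ValueError("cluster weights must sum to 1")
    return 1.0 - sum(weights[k] * d for k, d in damages.items())


# Constructed sample data: two clusters with hypothetical expert estimates.
TECH = [Factor("unpatched workstation", 0.8, 0.15), Factor("shared admin password", 0.9, 0.05)]
ORG = [Factor("no phishing training", 0.6, 0.25), Factor("policy unknown to staff", 0.4, 0.15)]


def demo() -> float:
    tech = expected_damage(TECH, p_ideal=0.80)                            # 0.165
    org = equiprobable_damage([f.severity for f in ORG], p_ideal=0.60)    # 0.2
    return culture_level({"technical": tech, "organizational": org},
                         {"technical": 0.5, "organizational": 0.5})       # 0.8175


if __name__ == "__main__":
    print(f"cybersecurity culture level: {demo():.4f}")
```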
INTRODUCTION
In relation to an information system, its cybersecurity (CS) in the general sense can be defined as a state of security of the system's information space in which it is impossible to damage the properties of the object in relation to its information and system infrastructure [1]. Today the security level of an information system is assessed mainly by risk-based analysis in accordance with ISO/IEC 27001 [2]. Cybersecurity of the information system is, as a rule, assessed by methods for organizational, technological and technical risks, aimed at the threats and vulnerabilities of the system. This practically ignores the analysis of the set of factors associated with human-machine interaction, that is, the cybersecurity culture (CSC) of the information system.
Problem statement. One of the urgent tasks solved by administrators of cybersecurity management systems is to assess the effectiveness of the measures implemented to ensure the basic functions of the information system. Information on the results of the actions carried out can be not only quantitative but also qualitative in character. Assessment of the cybersecurity culture of the information systems of enterprises, organizations, etc. is