Critical infrastructure describes physical assets and cyber systems that are so vital to the nation that their incapacitation or destruction would have an important impact on our physical and economic security or public health and safety. The critical infrastructure of country provides essential services that are the foundation of Ukrainian society. Being in the current state of hybrid war significantly increases the threat to critical infrastructure. National security largely depends on the protection of such facilities. The article proposes a method for managing the protection state against external cyberattacks on information systems of critical infrastructure facilities based on distributive identification and dynamic programming. The essence of the method is to use the distributive identification of the external cyberattacks parameters with the choice of applying measures to protect the system with a complete description of the information system and taking into account the strategies of influence on it based on dynamic programming. Unlike similar methods, the developed method makes a management decision on the security state of information resources with a set of input external cyber attacks parameters based on parallel-distributive identification and dynamic programming. The method allows to increase the reliability of making a management decision on assessing the security state of information resources in the information system of a critical infrastructure facility, provided that the time of making a management decision on assessing the security state is no more than similar methods.