In the digital age more and more services and data are available over the Internet. Companies and public organizations becoming increasingly vulnerable related to hacks and cyberattacks. In order to provide successful online services, effective security initiatives and targeted protections are necessary to mitigate security risks. Effective cybersecurity more than deploying firewalls and other security software (e.g. antivirus, intrusion detection/prevention systems.). Through risk assessment and risk management practices we can identify critical parts of information systems and can transform them into security tactics. Furthermore in the Distributed Vulnerability Assessment (DVA) model three factors are identified: (1) characteristics and prevalence of cyber-threats, (2) vulnerabilities of IT infrastructure and its components and processes, (3) vulnerabilities deriving from users’ behavior.

In this paper, we examine and improve our mathematical model of Distributed Vulnerability Assessment. This model can be extended for using additional information and considerations. This paper also presents a practical method which can be applied to eGovernment infrastructure and services also to reduce the impact of malware attacks of the information system.