Intelligent methods for security assessment and response to the cyber security incidents in the critical infrastructures
Fedorchenko Elena Vladimirovna
SPC RAS, senior researcher
Intelligent methods are widely used in various areas. The talk is devoted to the development of intelligent methods for security assessment and response to cyber security incidents in critical infrastructures, designed for prospective information security systems. The goal of the research is to decrease the losses from cyber attacks via timely detection of cyber attacks, comprehensive security assessment, and support of explainable security decisions in real time. The core idea of the research consists in a thorough analysis of security-related data to reveal semantic and syntactic relations between their characteristics, data objects and subjects, highly informative security metrics that answer security-related questions, and security decisions, and in the construction of novel analytical and semantic models on this basis.

Namely, in the scope of the research the following research tasks were solved:

(1) Analysis of heterogeneous security-related data and their interrelations.

(2) Development of intelligent methods for security data processing to extract their key characteristics and interrelations for the dynamic construction of analytical and semantic models.

(3) Analysis of security metrics and of the algorithms and models for their calculation.

(4) Development of an ontology of security metrics connecting heterogeneous security-related data, data objects and subjects, and atomic and highly informative security metrics.

(5) Development of analytical and semantic models for security assessment and security decision support, and of methods for their generation.

(6) Development of methods, techniques and algorithms for security assessment and decision support that differ by the joint application of such analytical models as attack graphs and service dependency graphs, by the proposed set of objective and explainable security metrics, and by the opportunity to obtain a result at any time and refine it over time as input data arrive.

(7) Development and implementation of the system for security assessment and response to cyber security incidents in critical infrastructures under conditions of heterogeneous dynamic data.