DEVELOPMENT OF CYBERSECURITY OF CRITICAL INFRASTRUCTURE IN THE CONDITIONS OF DIGITALIZATION: ECONOMIC TOOLS FOR RISKS AND INVESTMENTS ASSESSMENT
Abstract
The article defines cybersecurity of critical infrastructure in the context of digitalization as a set of measures, technologies and processes aimed at protecting the systems, services and data that ensure the functioning of critical infrastructure facilities (energy, transport, water supply, telecommunications, etc.) as they transition to digital platforms. Digitalization is understood as the gradual introduction of information and communication technologies (ICT), automated control systems (SCADA), IoT devices and cloud solutions to increase the efficiency and scalability of management. At the same time, this transition opens up new vulnerabilities: each element of the network, from the controller of a pumping station to the sensor of a "smart" meter, becomes a potential access point for cybercriminals. Therefore, cybersecurity in this context encompasses the protection of physical components (PLC controllers, servers, routers), software (operating systems, SCADA applications), network protocols, and the data circulating within and between these systems. Taken together, technical and economic challenges form a complex context for ensuring cybersecurity of critical infrastructure during digitalization. They can only be solved through a multidisciplinary approach that combines state regulation (equipment and process certification requirements), the involvement of international standards (ISO/IEC 27001, IEC 62443), the stimulation of private investment (through partnerships with state infrastructure access fees) and the development of our own human capital through specialized educational programs and pilot routes for the integration of engineers.

The subject of the article is the disclosure of economic tools for assessing risks and investments in the development of cybersecurity of critical infrastructure driven by digitalization processes.

Research methods. In studying economic tools for assessing risks and investments in the development of cybersecurity of critical infrastructure driven by digitalization processes, classical research methods were used (dialectical materialism, abstraction, analysis and synthesis, functional, systems analysis, synergistic, comparative law, interpretation and hermeneutics, dogmatic and statistical methods).

The purpose of the article is the disclosure of economic tools for assessing risks and investments in the development of cybersecurity of critical infrastructure driven by digitalization processes.

Conclusions. The development of cybersecurity of critical infrastructure under active digitalization requires the comprehensive application of economic tools for assessing risks and planning investments. The use of quantitative risk analysis methods, cost-benefit estimates and scenario modeling allows critical infrastructure entities to justify the amount of resources needed to implement protective technologies. Regression and economic-mathematical models make it possible to project the scale of cyber threats and predict potential financial losses from incidents, and to compare the effectiveness of alternative measures, from upgrading legacy PLC controllers to implementing SIEM/IDS systems. With a multi-criteria approach and real options analysis, business leaders can allocate the budget so as to ensure the optimal balance between preventive investments in security and current operating costs, minimizing both direct and indirect losses from failures and reputational risks. At the same time, the success of a critical infrastructure cyber protection strategy largely depends on effective government regulation and international harmonization of standards.

In particular, the implementation of the NIS 2 Directive and approximation to the provisions of the EU DORA stimulate the development of unified audit, monitoring and operational response procedures. Tax incentives, grant mechanisms for co-financing and cyber risk insurance can become additional economic incentives for CI operators to modernize their digital systems. The development of human capital is also of key importance: investments in the training of cybersecurity specialists and the establishment of cooperation between universities, industrial enterprises and international organizations will ensure the sustainability and adaptability of protective measures. As a result, such a synergy of economic instruments, the legal environment and human resources support will allow achieving a high level of resilience of critical infrastructure to cyber threats and ensuring the uninterrupted functioning of key industries in the face of any challenges of the digital world.
Keywords
state, state functions, administrative and legal regulation, digitalization, digital technologies, state policy, legal regulation, cybersecurity, cyberspace, recovery platform, critical infrastructure, transport infrastructure, information technologies

This work is licensed under a Creative Commons Attribution 4.0 International License.