Nations and individuals are becoming increasingly dependent on information communication systems as they continue to evolve rapidly. As the number of information systems requiring protection increases, the costs also increase proportionally. Cyber attacks have the characteristic that preventive measures are not quite effective even when comprehensive information security measures are taken in advance, because the system's vulnerability is exploited. This paper presents a method of selecting an information communication system with high damage propagation to protect with priority, by measuring the ripple effect of damage to information communication system when a violation incident occurs. This paper may be referred to when selecting a system that will provide excellent cost-effectiveness by forecasting the degree of damage propagation in advance.