Why we need a new definition of information security

Based on the analysis of scientific concepts and legal principles the author has provided the definition of information security, provision of information security in Ukraine and has characterized its components. The current state of legal regulation of the organization and activity of cyberpolice units of the National Police of Ukraine has been analyzed. Particular attention has been paid to the legal analysis of the tasks, functions and structure of the Cyberpolice Department of the National Police of Ukraine. Special attention has been drawn to certain shortcomings of Ukrainian legislation in the field of ensuring information security by the police, its compliance with the norms and standards of international law. Taking into account the specifics of the tasks, the author has provided characteristics of the functions of cyberpolice units in the information sphere, which should be divided according to the purpose into: 1) basic (external), which are focused on law enforcement and preventive aspects; 2) auxiliary (intrasystem), which are focused on promoting the implementation of basic functions, the introduction of appropriate management mechanisms within the system. It has been stated that the modern system of ensuring information security and cybersecurity in Ukraine should be one effective system, consisting of such mandatory components as legal, educational and technical. It has been concluded that in order to improve the legal principles for the organization and activities of cyberpolice units of the National Police in the field of ensuring information security and counteracting cyber threats, first of all, it is necessary to optimize the organizational structure of cyberpolice, reasonably distribute the functions (powers) between cyberpolice units and other subjects combating cyber threats in Ukraine, to create appropriate conditions for reaching a qualitatively new level of interaction between them and coordination of their activities in the field of ensuring information security in modern conditions.

Download Full-text

A definition of Information Security Classification in cybersecurity context

2017 11th International Conference on Research Challenges in Information Science (RCIS) ◽

10.1109/rcis.2017.7956520 ◽

2017 ◽

Cited By ~ 1

Author(s):

Guillaume Collard ◽

Stephane Ducroquet ◽

Eric Disson ◽

Guilaine Talens

Keyword(s):

Information Security ◽

Definition Of ◽

Definition Of Information

Download Full-text

ANALYSIS AND DEFINITION OF INFORMATION SECURITY RISKS

Research Result Information Technologies ◽

10.18413/2518-1092-2019-4-1-0-5 ◽

2019 ◽

Vol 4 (1) ◽

pp. 31-37

Author(s):

M.A. Maslova ◽

Keyword(s):

Information Security ◽

Security Risks ◽

Definition Of ◽

Definition Of Information

Download Full-text

Tasks and powers of the National police of Ukraine in ensuring information security of the state

Revista Amazonia Investiga ◽

10.34069/ai/2021.37.01.8 ◽

2021 ◽

Vol 10 (37) ◽

pp. 86-92

Author(s):

Vitalii Makarchuk

Keyword(s):

Information Security ◽

Cyber Security ◽

The State ◽

Legal Method ◽

Modeling And Forecasting ◽

The Subject ◽

Definition Of ◽

Definition Of Information ◽

National Police

The purpose of the article is to examine the role of the National Police of Ukraine in ensuring the information security of Ukraine. The subject of the study: The subject of the study is the competence of the National Police of Ukraine in ensuring the information security of Ukraine. Methodology: Dialectical method, epistemological method, analytical method, formal and legal method, normative and dogmatic method, the methods of legal modeling and forecasting were used in the research. The results of the study: The definition of “information security” and “cyber security” is provided. The main factors that negatively affect the information space in Ukraine, as well as current threats to Ukraine’s national security in the information sphere are identified. Practical implications: It is established that the number of crimes in the information sphere is growing every year. In this regard, the task of the National Police is to combat crimes and other offenses in this area, as well as to protect relevant rights and freedoms of citizens, society and the State. Value/originality: The tasks and powers in the area of information security protection of the National Police in general and the Department of Cyber Security, in particular, are defined.

Download Full-text

Terrorism: informational and legal dimension

INFORMATION AND LAW ◽

10.37750/2616-6798.2021.2(37).238337 ◽

2021 ◽

pp. 60-66

Author(s):

B. LEONOV

Keyword(s):

Information Security ◽

Legal Aspects ◽

Information Space ◽

Definition Of ◽

Definition Of Information ◽

Types Of Information

The article highlights the theoretical and legal aspects of information terrorism. The classification of types of information terrorism in the information space is given. The analysis of regulatory acts of Ukraine in the field of information security is provided. The definition of information terrorism is offered.

Download Full-text

Organisational Information Security Strategy: Review, Discussion and Future Research

Australasian Journal of Information Systems ◽

10.3127/ajis.v21i0.1427 ◽

2017 ◽

Vol 21 ◽

Cited By ~ 1

Author(s):

Craig A. Horne ◽

Sean B. Maynard ◽

Atif Ahmad

Keyword(s):

Information Security ◽

Future Research ◽

Security Strategy ◽

Security Breaches ◽

Antecedent Conditions ◽

Comprehensive Information ◽

Future Research Directions ◽

Definition Of ◽

Definition Of Information ◽

Information Security Strategy

Dependence on information, including for some of the world’s largest organisations such as governments and multi-national corporations, has grown rapidly in recent years. However, reports of information security breaches and their associated consequences indicate that attacks are escalating on organisations conducting these information-based activities. Organisations need to formulate strategy to secure their information, however gaps exist in knowledge. Through a thematic review of academic security literature, (1) we analyse the antecedent conditions that motivate the adoption of a comprehensive information security strategy, (2) the conceptual elements of strategy and (3) the benefits that are enjoyed post-adoption. Our contributions include a definition of information security strategy that moves from an internally-focussed protection of information towards a strategic view that considers the organisation, its resources and capabilities, and its external environment. Our findings are then used to suggest future research directions.

Download Full-text

A Review on Privacy Issues in Hotels: A Contribution to the Definition of Information Security Policies and Marketing Strategies

Global Security, Safety and Sustainability - The Security Challenges of the Connected World - Communications in Computer and Information Science ◽

10.1007/978-3-319-51064-4_17 ◽

2016 ◽

pp. 205-217

Author(s):

Maria José Magalhães ◽

Sérgio Tenreiro de Magalhães ◽

Kenneth Revett ◽

Hamid Jahankhani

Keyword(s):

Information Security ◽

Marketing Strategies ◽

Security Policies ◽

Definition Of ◽

Definition Of Information ◽

Privacy Issues

Download Full-text

SAFE APPROACH IN LEGAL REGULATION OF INFORMATION RELATIONS

Law Journal of Donbass ◽

10.32366/2523-4269-2021-77-4-116-126 ◽

2021 ◽

Vol 77 (4) ◽

pp. 116-126

Author(s):

Mykola Veselov ◽

◽

Tetyana Rekunenko ◽

Daria Volkova ◽

◽

...

Keyword(s):

Information Security ◽

Public Relations ◽

National Security ◽

Modern Science ◽

Legal Regulation ◽

Human Society ◽

Analysis And Synthesis ◽

Basic Approaches ◽

Definition Of ◽

Definition Of Information

Due to the process of informatization, systemic changes are taking place, according to which all spheres of activity of state institutions, all segments of society, and each individual are included in the global information space. This determines the need to ensure the reliability and security of information relations, which is achieved in particular through the mechanism of effective and strategic legal regulation. Information security in the conceptual and key legal documents of many states is seen as an important component of national security. New challenges to security and human rights in the field of information relations generate pressing issues that need further scientific study and solution. The article contains a compilation of views available in modern science on the understanding of basic concepts: "information", "information relations", "information security", as well as basic approaches to formulating the definition of information security. Due to the combination of general scientific and special methods of cognition, in particular dialectical, formal-legal, comparative analysis and synthesis, the publication substantiates the importance and specificity of the "security" approach in regulating information relations to achieve information security in the country. This approach is that, providing a legal assessment and, including certain public relations related to the circulation of information in the regulatory sphere, the legislator and other subjects of rule-making together with relevant professionals should pre-conduct a "safe" examination to identify and predicting all possible threats to the information security that may arise or already de facto exist in practice. The results of such expert research should be taken into account when choosing methods and forms of legal regulation of existing and new information relations. Information sphere and its separate elements make it possible to indirect influence on social, economic, political, spiritual and other spheres of life of human society. Therefore, the fact that does not require additional proof is that information security is a guarantee of providing other components of state security and national security as a whole.

Download Full-text

Implication of Employees in Security Policies Definition

International Journal of Information Security and Cybercrime ◽

10.19107/ijisc.2019.01.02 ◽

2019 ◽

Vol 8 (1) ◽

pp. 23-29

Author(s):

Myriam DJEROUNI

Keyword(s):

Life Cycle ◽

Information Security ◽

Security Policy ◽

Security Policies ◽

Top Management ◽

Information Security Policy ◽

Security Breach ◽

Definition Of ◽

Definition Of Information

A way of awareness is to involve employees in part of the definition of security policies. The purpose of this approach is not to reduce the level of security required and defined by the policies but to consider when it is possible and applicable their comments. In this case, employees accept more easily the application of policies as they have “participated”. Then, the policies should be present to employees during interactive sessions with real cases of security breach, figures, and statistics to illustrate the risks. The benefits of these presentations are to show to employees that risks are not only theoretical and it can really happen. The purpose of this document is to provide guidance on how to create more cybersecurity awareness, topic handled by the CyberEDU in February 2019. This paper presents the implication of employees across the life cycle of the security policies based on the PDCA (Plan-Do-Check-Act) model. The document will address the definition of Information Security Policy (ISP) as well as topic-specific policies and the involvement of the Top Management and employees.

Download Full-text

CURRENT ISSUES OF INFORMATION SECURITY IN THE ACTIVITIES OF THE NATIONAL POLICE OF UKRAINE

Juridical science ◽

10.32844/2222-5374-2020-105-3.23 ◽

2020 ◽

pp. 183-190

Author(s):

І. Є. Іванов

Keyword(s):

Information Systems ◽

Law Enforcement ◽

Information Security ◽

Information Technologies ◽

Public Information ◽

Information Protection ◽

The Law ◽

Definition Of ◽

Definition Of Information ◽

National Police

The article considers topical issues of information security in the activities of the National Police of Ukraine. It is determined that the main problem of information security in the law enforcement sphere arose due to the global contradiction between the possibilities of information technologies and the threats of their use. The settlement of the existing public information relations alone is insufficient, as the legislation does not keep pace with technical progress. The definition of "information security" is considered and the author's definition of this concept is offered. The main normative legal acts regulating the activity of the National Police in this direction are analyzed. It is stated that information security of the National Police of Ukraine is provided in two forms: organizational (related to the circulation, collection, processing, storage, use and protection of information); legal (preparation and approval of regulations (orders, instructions), development of regulations, instructions, algorithms, plans, etc.). The key to information protection is the administration of information systems. The European experience of information protection in the law enforcement sphere is considered. Attention is drawn to the need to implement a system of modern international information security standards ISO / IES series 27000, which is constantly updated. It is theoretically substantiated that: increasing the efficiency of the National Police of Ukraine can be solved through the introduction of a reliable information security system; to achieve the highest level of information security of law enforcement agencies it is necessary not only to improve the current legislation, but also to have a mechanism for its implementation; Security and protection in the information systems of the National Police should be based on a comprehensive approach to building a protection system, which provides for the integration into a single set of necessary measures and means of information protection at all levels of the information system.

Download Full-text