INFORMATION SECURITY AS A COMPONENT OF THE ECONOMIC SECURITY OF THE ENTERPRISE

The article is aimed at researching the key problem of information and analytical provision of enterprise in the context of digitalization of the economy. The publication indicates the growth of the role of information in the implementation of management activities by an economic entity and its general role in the operation of the modern enterprise. Approaches to interpretation of the concepts of «information» and «information provision» are examined. It is defined that today the main problem of information-analytical provision of economic activity is the leakage of confidential information as one of the forms of materialization of threats to the information security of enterprise, which consists in violation of confidentiality, integrity and availability of information. It is further defined that the leakage of information at the enterprise is usually caused by the following actions: unauthorized access to confidential information; disclosure of confidential information (including the unintentional disclosure); leakage of information via the imperfect technical channels. The channels of possible information leakage are considered. In addition, the analysis of statistical data on information leakage in the global dimension was carried out. According to the researches, in 2019, among the total volume of information leakage, 49.7% of the volume is accounted for by external actors and 50.3% by internal offenders. In general, in the system of information and communication provision, special attention of the management of enterprise should be directly paid to internal communications, since more than 90% of the information comes in from employees. It should be noted that the reasons for the leakage of the enterprise’s information due to the fault of internal actors may be: unintentional actions on the part of the enterprise’s employees related to errors in the processing, storage or transmission of confidential data; the caused by certain reasons actions of employees who have access to confidential information. This may include the actions of employees who use the enterprise’s data for fraud purposes, as well as the actions of former employees who, motivated by their desire for retaliation for dismissal, «contribute» to the leakage of confidential information, passing it on to competitors or using it for their own mercenary purposes.

Download Full-text

Conceptual principles for ensuring effective protection of information in the context of economic security of the enterprise

Ekonomìka ta upravlìnnâ APK ◽

10.33245/2310-9262-2020-155-1-84-92 ◽

2020 ◽

pp. 84-92

Author(s):

A.V. Pecheniuk

Keyword(s):

Information Security ◽

Information And Communication Technologies ◽

Security Policy ◽

Criminal Responsibility ◽

Economic Security ◽

Information Policy ◽

Security System ◽

Theory And Practice ◽

Confidential Information ◽

Information Security Policy

The necessity of formation of an effective information security system of the enterprise is substantiated. It is emphasized that when designing an information policy, the firm must comply with the requirements of the current legislation, take into account the level of technical support, especially the regulation of employees' access to confidential information, etc. It is stated that the costs of organizing information security measures should be appropriate to its value. The article identifies major threats that could be breached by confidential information. The list of the main normative legal acts aimed at bringing to civil, administrative and criminal responsibility for illegal collection, disclosure and use of information constituting a trade secret. The main stages of building an information security policy are summarized, the most common types of information threats related to the use of modern computer technologies are described. The necessity of developing a domestic original accounting (management) program that could be used in the long term by the vast majority of Ukrainian enterprises is pointed out. There are three groups of tools that are applied in the theory and practice of information security of the enterprise (active, passive and combined), emphasizing the need for planning and continuous monitoring in real time of all important processes and conditions that affect data security. It is noted that even if the information security system is built taking into account all modern methods and means of protection, it does not guarantee one hundred percent protection of the information resources of the enterprise, but a well-designed information security policy allows to minimize the corresponding risks. Key words: information security, information policy, information security, confidential information, information threats, information and communication technologies, software.

Download Full-text

Digital Image Steganography

Advanced Image Processing Techniques and Applications - Advances in Computational Intelligence and Robotics ◽

10.4018/978-1-5225-2053-5.ch015 ◽

2017 ◽

pp. 324-346 ◽

Cited By ~ 1

Author(s):

Chitra A. Dhawale ◽

Naveen D. Jambhekar

Keyword(s):

Communication Network ◽

Performance Analysis ◽

Information Security ◽

Digital Image ◽

Data Communication ◽

Image Steganography ◽

Digital Data ◽

Confidential Information ◽

Unauthorized Access ◽

Data Communication Network

Digital data transmitted over the insecure communication can be prone to attacks. Intruders try various attacks to unauthorized access of the confidential information. The Steganography is such as security system that provide the protection to the images, text and other type of data digitally transferred through the data communication network. This chapter elaborates the basics of Digital Image Steganographic techniques from ancient era to digital edge, types of images used for the steganography, payload used for the steganography, various attacks and different algorithms that can provide the information security. The performance analysis of the various Digital Image Steganographic algorithms are discussed. The current applications and their necessities are discussed in this chapter.

Download Full-text

A System Approach to the Construction of the Software and Hardware Complex for Training Information Security Specialists

Vestnik Tambovskogo gosudarstvennogo tehnicheskogo universiteta ◽

10.17277/vestnik.2021.01.pp.020-030 ◽

2021 ◽

Vol 27 (1) ◽

pp. 020-030

Author(s):

V. V. Alekseev ◽

◽

V. A. Gridnev ◽

A. V. Yakovlev ◽

O. S. Mashkova ◽

...

Keyword(s):

Information Security ◽

Electromagnetic Radiation ◽

System Approach ◽

Information Leakage ◽

Confidential Information ◽

Acoustic Interference ◽

Hardware Complex ◽

Software And Hardware

In order to train specialists in information security (IS), a software and hardware complex “Means of protecting information from leakage through technical channels” has been developed; it provides an opportunity to study the process of information leakage through technical channels and methods of its protection, as well as apply various modules and additional software (software) that clearly demonstrate the features of various methods of information security. The composition of this complex is shown: laboratory stands simulating acoustic, vibroacoustic, acoustoelectric channels and a channel of side electromagnetic radiation and interference. At each of the stands there are information security means (ISMs) that prevent the leakage of confidential information through the corresponding technical channel. To adjust the ISMs for acoustic and vibroacoustic channels, the ISIDORA software has been developed; it allows adjusting the level of the generated acoustic interference to meet the requirements of the security of the room and at the same time to have a comfortable conversation in this room.

Download Full-text

EFFICIENCY EVALUATION OF PROTECTION TOOLS OF STATE INFORMATION SYSTEMS

Interexpo GEO-Siberia ◽

10.33764/2618-981x-2019-6-1-115-121 ◽

2019 ◽

Vol 6 (1) ◽

pp. 115-121

Author(s):

Anastasiya Goldobina ◽

Valentin Selifanov

Keyword(s):

Information System ◽

Information Systems ◽

Information Security ◽

Public Information ◽

Information Leakage ◽

Security System ◽

Efficiency Evaluation ◽

Confidential Information ◽

State Information ◽

Public Information Systems

Protection components of state information system represent the uniform mechanism capable to protect confidential information. If one of protection elements does not work effectively, it will become a problem for the entire information security system. Public information systems need to take into account all available ways to prevent information leakage, for this, operators should evaluate the efficiency. This article proposes possible solutions of the problem.

Download Full-text

Digital Image Steganography

Cryptography ◽

10.4018/978-1-7998-1763-5.ch020 ◽

2020 ◽

pp. 332-354

Author(s):

Chitra A. Dhawale ◽

Naveen D. Jambhekar

Keyword(s):

Communication Network ◽

Performance Analysis ◽

Information Security ◽

Digital Image ◽

Data Communication ◽

Image Steganography ◽

Digital Data ◽

Confidential Information ◽

Unauthorized Access ◽

Data Communication Network

Digital data transmitted over the insecure communication can be prone to attacks. Intruders try various attacks to unauthorized access of the confidential information. The Steganography is such as security system that provide the protection to the images, text and other type of data digitally transferred through the data communication network. This chapter elaborates the basics of Digital Image Steganographic techniques from ancient era to digital edge, types of images used for the steganography, payload used for the steganography, various attacks and different algorithms that can provide the information security. The performance analysis of the various Digital Image Steganographic algorithms are discussed. The current applications and their necessities are discussed in this chapter.

Download Full-text

The Market Value and Reputational Effects from Lost Confidential Information

International Journal of Financial Management ◽

10.21863/ijfm/2015.5.4.020 ◽

2015 ◽

Vol 5 (4) ◽

Cited By ~ 2

Author(s):

Joseph K. Tanimura ◽

Eric W. Wehrly

Keyword(s):

Information Security ◽

Market Value ◽

Direct Costs ◽

Publicly Traded ◽

Confidential Information ◽

Publicly Traded Companies ◽

Security Breaches ◽

Customer Information ◽

Employee Information

According to many business publications, firms that experience information security breaches suffer substantial reputational penalties. This paper examines incidents in which confidential information, for a firms customers or employees, is stolen from or lost by publicly traded companies. Firms that experience such breaches suffer statistically significant losses in the market value of their equity. On the whole, the data indicate that these losses are of similar magnitudes to the direct costs. Thus, direct costs, and not reputational penalties, are the primary deterrents to information security breaches. Contrary to many published assertions, on average, firms that lose customer information do not suffer reputational penalties. However, when firms lose employee information, we find significant reputational penalties.

Download Full-text

Protective Coating Based on Carbon Nanotubes to Ensure Information Security of Particularly Important Objects and Confidential Information

"Smart Technologies" for Society, State and Economy - Lecture Notes in Networks and Systems ◽

10.1007/978-3-030-59126-7_19 ◽

2020 ◽

pp. 164-171

Author(s):

Ilya S. Dvuzhilov ◽

Yulia V. Dvuzhilova ◽

Mikhail M. Belonenko

Keyword(s):

Carbon Nanotubes ◽

Information Security ◽

Protective Coating ◽

Confidential Information

Download Full-text

Improved Algorithm of Steganography Combined with Cryptography

International Journal for Research in Applied Science and Engineering Technology ◽

10.22214/ijraset.2021.35792 ◽

2021 ◽

Vol 9 (VI) ◽

pp. 3793-3804

Author(s):

Anees Banu

Keyword(s):

Information Security ◽

Multimedia Information ◽

Secret Data ◽

Confidential Information ◽

Additional Layer ◽

Confidential Data ◽

The World ◽

Cryptographic Algorithms ◽

Written Form ◽

Improved Algorithm

When it comes to preventing unauthorised access to, destruction of, or inspection of confidential data, information security has always been a major factor. Multimedia information is now used in every field throughout the world. The confidential information that is used in these areas must be kept secure. There are a variety of methods for keeping data secure. One of these is steganography, which is concealing information within other data into a format that the cover information remains unchanged. Cryptography, an encryption process that scrambles data into a written form that is sometimes referred to as a hash, is an auxiliary approach for securing information. Steganography and cryptography each have their own set of benefits and drawbacks. Even though both technologies give security, it is usually a good practise to combine Cryptographic algorithms to create additional layers of security. When cryptographic with steganography are combined, a multi-layer security paradigm is created. The proposed work's main goal is to add an additional layer of protection by using cryptography and steganography to encrypt and embed secret data conveyed across an insecure channel.

Download Full-text

AUTOMATED SYSTEM FOR ESTIMATION-EFFICIENCYSOFTWARE MEANS OF IN-FORMATION PROTECTION

Automation and modeling in design and management of ◽

10.30987/article_5cf2d22c9dcd72.20436206 ◽

2019 ◽

Vol 2019 (2) ◽

pp. 25-32

Author(s):

Алексей Горлов ◽

Aleksey Gorlov ◽

Михаил Рытов ◽

Mikhail Rytov ◽

Дмитрий Лысов ◽

...

Keyword(s):

Information Security ◽

Automated System ◽

Security Threats ◽

Information Protection ◽

Technical Documentation ◽

Confidential Information ◽

Hardware System ◽

Material Costs ◽

Software And Hardware

This article discusses the process of automating the assessment of the effectiveness of software and hardware information protection by creating an automated system. The main functions of the proposed system are: conducting an audit of information security, forming a model of information security threats, forming recommendations for creating a software and hardware system for protecting information, and creating organizational-technical documentation. The developed automated system for evaluating the effectiveness of software and hardware protection of information allows in an automated way to build a model of information security threats, to form organizational and technical documentation governing the protection of confidential information, and also to make recommendations for improving the software and hardware system for protecting information. The use of this system will significantly reduce the time and material costs of auditing information security and developing additional measures to protect information.

Download Full-text