Improving the stochastic model to identify threats of damage or unauthorized leakage

Author(s):  
O. R. Stefurak ◽  
Yu. O. Tykhonov ◽  
O. A. Laptyev ◽  
S. A. Zozulya

The key role in building security systems for information resources, as components of the national information resources of the state, is played by theory and practice, in which the scientific and methodological base is the foundation for making sound and effective management decisions on the information security of the state at all levels. The article identifies critical components of information space security based on an analysis of threats of damage or unauthorized leakage of information at the objects of information activity. Based on the obtained analytical data, the stochastic model of threats of damage or unauthorized leakage of information at the objects of information activity has been improved. Based on the results of the proposed model, modeling was performed in order to confirm the analytical data and identified priorities for information security. The most critical areas and threats to information security are identified. The obtained results make it possible to plan the information security system taking into account the most probable threats, to plan and implement priority information security measures, and to focus on protecting the areas where threats are more likely.

2021 ◽  
Vol 12 (4) ◽  
pp. 19-28
Author(s):  
Oleksandr Laptiev ◽  
Valentyn Sobchuk ◽  
Andrii Sobchuk ◽  
Serhii Laptiev ◽  
Tatiana Laptieva

In modern conditions, an important role in ensuring the information security of the enterprise, and especially its economic component, belongs to the processes of information security of the state as a whole. The key role in building security systems for information resources, as components of the national information resources of the state, is played by theory and practice, in which the scientific and methodological base is the foundation for making sound and effective management decisions on the information security of the state at all levels. The article analyzes approaches to estimating the economic costs of the information security system. The base model is selected. Using the basic model for assessing the level of protection of information in a social network from external influences on the information social resource, improvements were made to assess the economic feasibility of implementing a mechanism of technical means of information protection in social networks depending on the value of the information. The improvement is based on the assumption that the amount of funds allocated by the attacking party is equal to the value of the information, the value of the information is the same for both parties, and the opposing parties are on equal terms. The main parameters on which the efficiency of the proposed model of estimating economic costs depends are the accuracy of formulating the probability of success of protection and the determination of the value of information. Further research and development may be aimed at taking into account in the model additional factors that affect the estimation of costs for the information security system, which will allow calculations to be performed with greater accuracy.


Author(s):  
К. В. Захаренко

In our state there are a number of complex problems in the field of information security that require urgent and radical solutions. That is why theoretical, methodological and political research into the problem of information security in Ukraine, which is experiencing a crisis phase of its development, is becoming especially relevant today. In order to develop an effective system of national information security, a detailed study of the experience of the leading countries of the world, which carry out effective information protection of their states and citizens, is necessary. Today there are national information security systems that have really proven their effectiveness and their structural and functional perfection. Indeed, the successful development of a democratic state and civil society is possible only if information resources are properly used and a state policy is implemented that ensures a high level of national information security. In the modern world, the basic principles and tools for forming effective information protection of the national security space have already been developed. At the same time, Ukraine needs to apply adequately the foreign experience of the most successful countries in this regard, correctly transforming it to take into account national specificity and the unique role of Ukraine in modern geopolitics. As an important indicator of the protection of citizens, society and the state, information security is an integral part of national security. Therefore, its determination mainly focuses on preventing harmful effects that may result from various information threats, as well as eliminating and overcoming those effects with the least possible harm to society and humans.
In this respect, the study not only of the philosophical, phenomenological and socio-psychological determinants of citizens' information security, but also of the political and legal resources and mechanisms for protecting the state's information space under the conditions of a functioning global information society, acquires special significance. A content analysis of the notion of «information security» as a form of national security aimed at ensuring human rights and freedoms in relation to free access to information, the creation and implementation of secure information technologies, and the protection of the property rights of all participants in information activities includes consideration of possible diversions in this area, especially at the international level. Today the formation of the country's information space content and of the legislative base in our society is incomplete and fragmentary. The effectiveness of the information weapon itself has increased very quickly due to rapid information circulation and the spread of information networks. As a result, the mass media form the «mass» person of our time; this in turn displaces traditional direct contacts, dissociating people and replacing them with computers and television. At the same time it gives rise to apathy, an uncritical attitude and indifference, and it complicates adequate orientation, causing social disorientation. Information security has a human dimension. Therefore the education of citizens plays an important role in countering destructive external and internal information influences. Its proper level must be ensured by the state and civil society. An uneducated population easily falls under the destructive influence of the information threats of the modern global world. Unfortunately, Ukraine does not have sufficient resources and technologies to adequately counter external threats.
Taking this into account, the strategy for forming the national information security system of our state can only be the maximal leveling of destructive influences from external information threats. To this end it is necessary to carry out democratic reforms in Ukraine, form a civil society, ensure the functioning of a state governed by the rule of law, and raise the political and civic culture of the population. At the same time reformers need to bear in mind that the global nature of the information society predetermines the rapid transformation of external threats into internal ones, converting them into permanent challenges that unfold within the national cultural-informational and socio-political space. Moreover, modern global information systems, mass media and network facilities make the boundary between external and internal threats almost imperceptible.


Author(s):  
H. Yarovenko

Over the past decade, there has been an increase in the volume of cybercrime in various spheres of life at the level of the state, economic agents, and individuals. Therefore, the issues of studying the processes of forming information security and identifying the impact on its effectiveness are becoming topical. The aim of this study is to prove the hypothesis that the behaviour of the population associated with the use of personal security measures and the formation of the corresponding consequences of incidents occurs under the influence of the level of economic development of the country. This was done using k-means cluster analysis via the Deductor Academic analytical platform and based on data from a survey conducted among respondents from EU countries. Analysis of the responses showed that there is a growing trend in the use of online banking and e-commerce services; there is an increase in the number of respondents who have become victims of cybercrimes, especially social engineering; the trend towards the use of reliable personal security equipment is declining. The results of the cluster analysis, for which data on the number of respondents who are victims of cybercrimes and the number of respondents using various personal security tools were used, made it possible to form 7 clusters of countries. Analysis of GDP per capita for the obtained clusters and visualization of the map of countries allowed us to confirm the hypothesis, but it was also determined that the dependence of the use of personal security measures and the consequences of cybercrimes is also influenced by the mental characteristics of countries formed due to the close territorial location of neighboring countries. The results obtained will be of practical importance for the development of the concept of information security and economic development of the state. They can be used to determine which sets of protection are appropriate for the income level of the population. 
Priority areas for further research are to determine the influence of other factors on the formation of the country's information security and the formation of a barycentric model of their measurements to ensure sustainable economic development of the state.


2021 ◽  
Author(s):  
D.M. Kovba ◽  
Y.Y. Moiseenko

Digitalization is thought to be a key driver of recent economic, cultural, political, and societal transformations, with these changes entailing both positive and negative consequences. The negative ones include various risks and threats to the information security of both society and state. As a result, there has been growing impetus to rethink the concept of security in the digital age. In this paper the discourse of security is discussed in terms of the dichotomy between soft and hard power in a digitalized society. This discussion involves the following issues: 1) how this soft/hard range of power can be applied to the security problem; 2) how different information threats could be countered within the discourse of state security; 3) how soft security could be implemented in a digitalized society. Structured analysis, discourse analysis and a conceptual approach mainly provide the research methodology for the discussion. It should be noted that our research is conducted within the theoretical framework established by B. Buzan and J. Nye, with acknowledgment of the results obtained from the previous studies of the authors of this paper. The concept of security was productively discussed in terms of soft and hard power vocabulary. As a result of this discussion, soft security was interpreted as the measure of protecting something from harm in invisible, unobtrusive ways, whereas hard security was designed to oppose challenges and threats and is traditionally associated with methods of force. It was particularly established that hard security measures are likely to be applied in the military sector, while soft security measures are commonly used in a non-military context. Because the concept of soft security has not yet been clearly defined and has not received recognition as a scientific term, it is argued that further investigation is needed.
Within this investigation, information security is interpreted as a special category of soft security. The relevant distinction between information security and cybersecurity is made, and the different frequency of use of these terms in the official discourses of different states is explained. It is also considered that the problems of ensuring soft security cannot be solved at the level of individual states due to the transnational nature of digital technology, so they require international responses. Therefore, establishing normative force (i.e. the elaboration of international rules and institutions) can be an effective measure, while an international exchange of experience in countering information threats seems to be very useful. Educational programs aimed both at creating qualified personnel in the field of digital technologies and at the general public (improving information literacy) also contribute to ensuring the safety of society and the state. Keywords: information security, digital society, soft security, international relationships, cybersecurity


Author(s):  
Yurii Ivanov

The article studies modern aspects of information security in the banking system in relation to the security of the critical infrastructure of the state. It is noted that, in the conditions of hybrid war, various means are used against our state that can harm vital economic objects or the economy of the state as a whole. The banking system of Ukraine, in particular its information resources, is the first to come under attack. That is why the information security of the banking system should be in the focus of attention when developing steps toward critical infrastructure security. Key words: banking system of Ukraine, information security, critical infrastructure security.


Author(s):  
Sergey Valerevich Belov ◽  
Irina Mikhalovna Kosmacheva ◽  
Irina Vyacheslavovna Sibikina

To solve the problem of information security management, a method was proposed that allows the degree of importance of an organization's confidential documents to be determined. The relevance of the proposed algorithm was substantiated taking into account the requirements of the legislation of the Russian Federation in the sphere of information security. The stages prior to the formation of the list of confidential documents of the organization were described. A review of the main documents of the legal and regulatory framework was carried out, including documents relating to the state regulation of relations in the sphere of information security. The classes of protected information by access category were considered. The criteria for changes in the value of information over time were presented. An algorithm for forming the list of confidential documents of the organization based on the properties of information was offered. The algorithm is based on an expert method of pairwise comparison of alternatives. The result of using this method is a number of confidential documents, ranked in descending order of importance. For each document the weighting factor of importance can be calculated. A stage verifying the degree of expert consistency was included in the methodology to eliminate the use of erroneous expert data. The application of the methodology is illustrated by a calculated example.


Author(s):  
Bogdan Korniyenko ◽  
Lilia Galata

In this article, the research of information system protection by analyzing the risks for identifying threats for information security is considered. Information risk analysis is periodically conducted to identify information security threats and test the information security system. Currently, various information risk analysis techniques exist and are being used, the main difference being the quantitative or qualitative risk assessment scales. On the basis of the existing methods of testing and evaluation of the vulnerabilities for the automated system, their advantages and disadvantages, for the possibility of further comparison of the spent resources and the security of the information system, the conclusion was made regarding the determination of the optimal method of testing the information security system in the context of the simulated polygon for the protection of critical information resources. A simulation ground for the protection of critical information resources based on GNS3 application software has been developed and implemented. Among the considered methods of testing and risk analysis of the automated system, the optimal iRisk methodology was identified for testing the information security system on the basis of the simulated. The quantitative method Risk for security estimation is considered. Generalized iRisk risk assessment is calculated taking into account the following parameters: Vulnerability — vulnerability assessment, Threat — threat assessment, Control — assessment of security measures. The methodology includes a common CVSS vulnerability assessment system, which allows you to use constantly relevant coefficients for the calculation of vulnerabilities, as well as have a list of all major vulnerabilities that are associated with all modern software products that can be used in the automated system.
The known software and hardware vulnerabilities of the ground are considered and the resistance of the built network to specific threats by the iRisk method is calculated.

