Relevant Problems of Implementing State Policy in the Field of Ensuring Information Security of Ukraine

2021 ◽  
Vol 81 (2) ◽  
pp. 104-110
Author(s):  
Ye. V. Kobko ◽  
V. A. Kobko

The emphasis has been placed on the fact that the state is currently aware of the importance of information security within its territory and takes a number of important steps in this direction, such as the development of a new Information Security Strategy. However, such steps are difficult to consider objective, since they do not take into account a number of legal and organizational problems that need to be addressed promptly. Such problems include the following. First of all, the existence of an extensive regulatory and legal base in the information sphere in general and ensuring economic security, in particular. A large number of laws and by-laws different in their content and essence significantly complicates the development of comprehensive measures to ensure information security of Ukraine, and therefore needs to be improved. The latter can be implemented by codifying the said regulatory and legal base and by adopting the Code of Ukraine on Information and Information Relations, where a separate Section will be focused on information security issues. Secondly, the current conditions, where Ukraine finds itself, require the government to quickly adopt a new modern Information Security Strategy, which will include a number of measures aimed at improving such security level, since the latter is undoubtedly one of the important components of national security. Thirdly, the issue of ensuring certain aspects of information security is attributed to the tasks of various state authorities (Parliament, Government, executive authorities, law enforcement agencies, etc.). Moreover, such issues should be addressed at the local level by both legal entities and individuals, in the latter case we can talk about the personal information security of each person. This multiplicity of subjects of information security and the difference in their powers necessitates the creation of an appropriate coordinating agency with special powers in the mentioned area.

2021 ◽  
Vol 17 (1) ◽  
pp. 150-166
Author(s):  
Andrei L. LOMAKIN ◽  
Evgenii Yu. KHRUSTALEV ◽  
Gleb A. KOSTYURIN

Subject. As the socio-economic relationships are getting digitalized so quickly, the society faces more and more instances of cybercrime. To effectively prevent arising threats to personal information security, it is necessary to know key social engineering methods and security activities to mitigate consequences of emerging threats. Objectives. We herein analyze and detect arising information security threats associated with social engineering. We set forth basic guidelines for preventing threats and improving the personal security from social engineering approaches. Methods. The study relies upon methods of systems analysis, synthesis, analogy and generalization. Results. We determined the most frequent instances associated with social engineering, which cause personal information security threats and possible implications. The article outlines guidelines for improving the personal security from social engineering approaches as an information security threat. Conclusions and Relevance. To make information security threats associated with social engineering less probable, there should be a comprehensive approach implying two strategies. First, the information security protection should be technologically improved, fitted with various data protection, antivirus, anti-phishing software. Second, people should be more aware of information security issues. Raising the public awareness, the government, heads of various departments, top executives of public and private organizations should set an integrated training system for people, civil servants, employees to proliferate the knowledge of information security basics.


Author(s):  
Finn Olav Sveen ◽  
Jose M. Torres ◽  
Jose M. Sarriegi

2015 ◽  
Vol 23 (4) ◽  
pp. 370-381 ◽  
Author(s):  
André Lötter ◽  
Lynn Futcher

Purpose – The purpose of this paper is to propose a framework to address the problem that email users are not well-informed or assisted by their email clients in identifying possible phishing attacks, thereby putting their personal information at risk. This paper therefore addresses the human weakness (i.e. the user’s lack of knowledge of phishing attacks which causes them to fall victim to such attacks) as well as the software related issue of email clients not visually assisting and guiding the users through the user interface. Design/methodology/approach – A literature study was conducted in the main field of information security with a specific focus on understanding phishing attacks and a modelling technique was used to represent the proposed framework. This paper argues that the framework can be suitably implemented for email clients to raise awareness about phishing attacks. To validate the framework as a plausible mechanism, it was reviewed by a focus group within the School of Information and Communication Technology (ICT) at the Nelson Mandela Metropolitan University (NMMU). The focus group consisted of academics and research students in the field of information security. Findings – This paper argues that email clients should make use of feedback mechanisms to present security related aspects to their users, so as to make them aware of the characteristics pertaining to phishing attacks. To support this argument, it presents a framework to assist email users in the identification of phishing attacks. Research limitations/implications – Future research would yield interesting results if the proposed framework were implemented into an existing email client to determine the effect of the framework on the user’s level of awareness of phishing attacks. Furthermore, the list of characteristics could be expanded to include all phishing types (such as clone phishing, smishing, vishing and pharming). This would make the framework more dynamic in that it could then address all forms of phishing attacks. Practical implications – The proposed framework could enable email clients to provide assistance through the user interface. Visibly relaying the security level to the users of the email client, and providing short descriptions as to why a certain email is considered suspicious, could result in raising the awareness of the average email user with regard to phishing attacks. Originality/value – This research presents a framework that email clients can use to identify common forms of normal and spear phishing attacks. The proposed framework addresses the problem that the average Internet user lacks a baseline level of online security awareness. It argues that the email client is the ideal place to raise the awareness of users regarding phishing attacks.


2021 ◽  
Vol 18 ◽  
pp. 117-125
Author(s):  
Ievgeniia Mishchuk ◽  
Svitlana Rebrova ◽  
Petro Krush ◽  
Dmytro Zinchenko ◽  
Kateryna Astafieva

The article demonstrates the impact of digitalization security on implementation of modern engineering technologies, substantiates their connections with provision of the strategic economic security of an enterprise, presents enhanced methods of assessing the current economic-information security of an enterprise’s interests. The developed methods of digitalization security assessment have been tested at machine building enterprises of Ukraine. The security level has proved to be medium or low at most enterprises under study. The work substantiates that absence of the systematic personnel policy aimed at personnel’s acquiring competences 4.0, deficit of financing technologies 4.0 implementation, a low level of IT capital make it impossible to ensure a high level of strategic economic security at Ukraine’s machine building enterprises.

