LEGAL PROVISION OF INFORMATION SECURITY: THE EXPERIENCE OF THE COUNTRIES OF THE EUROPEAN UNION

Author(s):  
M.M. Slyvka ◽  
H.Yu. Lukianova
Author(s):  
Oleksandr Malashko ◽ 
Serhii Yesimov

The article examines trends in the development of legal regulation of information security in Ukraine in the context of the implementation of the Association Agreement between Ukraine and the European Union. The current information legislation and regulations on information security are analyzed. The tendencies in the legal regulation of information security that took place at the initial stage of the formation of information legislation are revealed. Based on the factors that took place before the adoption of the Doctrine of information security of Ukraine and the laws of Ukraine “On the basic principles of ensuring the cybersecurity of Ukraine” and “On the national security of Ukraine”, in the context of the current legislation and using the methodology of legal forecasting, it is concluded that in the future normative legal information security will be developed on the basis of by-laws, mainly at the departmental level.


2020 ◽  
Vol 22 (3) ◽  
pp. 227-244
Author(s):  
João Serrado ◽  
Ruben Filipe Pereira ◽  
Miguel Mira da Silva ◽  
Isaías Scalabrin Bianchi

Purpose: Data can nowadays be seen as the main asset of organizations, and data leaks have a considerable impact on the organization’s image and revenues, with possible consequences for the affected clients. One of the most critical industries is banking. Information security frameworks (ISF) have been created to assist organizations, and other frameworks evolved to update these domain practices. Recently, the European Union decided to create the general data protection regulation (GDPR), applicable to all organizations dealing with personal data of citizens residing in the European Union. Although considered a general regulation, GDPR implementation needs to align with some industries’ laws and policies, especially in the bank industry. How these ISF can assist the implementation of GDPR is not clear.

Design/methodology/approach: The design science research process was followed and semi-structured interviews were performed.

Findings: A list of practices to assist the bank industry in GDPR implementation is provided. How each practice maps to the assessed ISF and GDPR requirements is also presented.

Research limitations/implications: As GDPR is a relatively recent subject, it is hard to find experts in the area. It is more difficult if the authors intend to find people experienced in GDPR and the bank industry. That is one of the main reasons this study does not include more interviews.

Originality/value: This research provides a novel artefact to the body of knowledge. The proposed artefact lists which ISF practices banks should implement to comply with GDPR. By doing so, the artefact provides a centralized view of which ISF (or parts of them) could be implemented to help banks comply with GDPR.


2021 ◽  
Vol 7 (1) ◽  
pp. 67-81
Author(s):  
Miguel Pereira

Democracy’s resilience is being put to the test by the 21st century. The impact of globalisation and digitalisation has disenfranchised many but so have traditional democratic practices. In an era of constant and immediate communication, with society embracing technological advances while struggling to cope with its inadvertent effects, democracy is still tethered to traditional practices that limit citizens’ roles to casting their ballots every few years. However, theory is now being put to the test and experiments with digital democracy are popping up across the globe. In this article, we cover three participative democracy instruments, namely the European Citizens Initiative, e-Voting and e-Participatory Budgeting, delving into their potential and identifying their limitations, in the context of the European Union. We also cover the unforeseen threats to democracy posed by information security issues and social media.


Teisė ◽  
2021 ◽  
Vol 121 ◽  
pp. 135-147
Author(s):  
Sviatoslav Kavyn ◽  
Ivan Bratsuk ◽  
Anatoliy Lytvynenko

This article is devoted to the study of information security in the EU member states, in particular Germany and France, in the context of the analysis of their national legislation, state, national programs and regulations. Particular attention is paid to the study of the features of regulatory and legal security of information security of Germany and France in the context of the study of their national legislation in terms of economic security as an inherent component of national security. In the course of this study the peculiarities of the functioning of the institutional and legal mechanism of cyber defense in the context of the multi-vector system of international security and legal regulation of international cooperation are analyzed. The article substantiates the expediency of developing an integrated, coordinated information policy of the EU member states in order to unify approaches to information security. At the same time, the current realities of European Union policy require comprehensive research in the context of ensuring national interests, developing effective mechanisms for protecting the information space, and legal mechanisms for shaping the economic system as a strategic factor of national security. Accordingly, the approaches to information security adopted in the European Union are currently not unified due to the geopolitical specifics of the EU’s countries. Therefore, the research, evaluation, and implementation of the positive experience of Germany and France in this area, according to the authors, is important in building the information security system of the European Union in the context of reliable protection against cyber threats.


2020 ◽  
Vol 19 (1) ◽  
pp. 83-93
Author(s):  
Tamás Szádeczky

The term information security has nowadays evolved into cybersecurity, which emphasises the interdependence of information assets and the importance of cyber-physical systems. Parallel to this, the need for appropriate management of the EU and government strategies and new public administration tasks also appeared. In the European Union, the first measure concerning this issue was the establishment of the European Union Agency for Network and Information Security (ENISA) in 2004, mostly with consultative tasks. The first official cybersecurity strategy in the EU, called the Open, Safe and Secure Cyberspace, was accepted in 2013. Afterwards, ENISA’s role was strengthened and its range of tasks was broadened. Besides the critical infrastructure protection efforts, the Network Information Security (NIS) directive and related legislation were a giant leap towards a common level of cybersecurity in the community. The formation of an EU Cybersecurity Act and filling NIS with more practical guidance is an ongoing process nowadays. Despite being a post-socialist country, Hungary is in the first line of legislation on cybersecurity in the community. Since 2005 there have been several government decrees, and from 2009 the first act-level rules on the information security of some governmental services. Based on the National Security Strategy, the National Cybersecurity Strategy was formed in 2013. The same year the first information security act applicable to all government, local government, governmental data processing and critical infrastructure service providers came into force. The alignment of the National Cybersecurity Strategy to the NIS directive is taking place these days. Thus, the regulation of cybersecurity in the EU and in Hungary is heading in the right direction, but the practical implementation today is far away from the strategic objectives. The community is lagging far behind the United States of America and China, just to mention the most important players in the field.


Author(s):  
Anca Gabriela Petrescu ◽  
Nicoleta Sîrbu

Currently the organization's risk management covers a wider range of risks, especially operational risks, reputation risks to the organization, and more recently, strategic risks. Moreover, within a growing number of organizations, responsibilities associated with risk management are assumed by the top management, which generally coordinates the teams of specialists directly responsible for monitoring the risks and the risk handling measures. This chapter focuses on how to implement an approach to reduce the identified risks to the information conveyed through computer systems and communications. In addition, it presents EU regulations relevant to the analysis and risk management of information security.

