scholarly journals Some issues of improving state planning in the sphere of cyber security in conditions of hybrid threats

2021 ◽  
pp. 114-122
Author(s):  
S. GRIBOIEDOV
Keyword(s):  
Strategic Planning ◽  
Public Administration ◽  
Cyber Security ◽  
Information Infrastructure ◽  
Information Resources ◽  
Security Strategy ◽  
State Planning ◽  
State Information ◽  
Critical Information ◽  
Hybrid Threats

The main principles of state strategic planning in the sphere of cybersecurity are considered. The directions of improvement of public administration in the field of cyber protection of a critical information infrastructure and state information resources are identified. The shortcomings of the Cyber Security Strategy of Ukraine in 2016 are analyzed and summarized. The draft of Cyber Security Strategy of Ukraine for 2021 – 2025 is considered and directions for its improvement are proposed. The prospects of strategic state planning in the sphere of cybersecurity in the context of the spread of hybrid threats are outlined.

scholarly journals Legal and organizational provision of protection of the critical information infrastructure from cyberattacks

2021 ◽  
pp. 121-128
Author(s):  
S. CIAPA
Keyword(s):  
United States ◽  
Organizational Support ◽  
Cyber Security ◽  
Critical Infrastructure ◽  
Information Infrastructure ◽  
The United States ◽  
Cyber Attacks ◽  
Positive Experience ◽  
Security Strategy ◽  
Critical Information

The article considers the legal and organizational aspects of ensuring the protection of the critical information infrastructure from cyberattacks. Attention is drawn to the positive experience of the United States in ensuring the resilience of the objects of critical infrastructure. The provisions of the new Cyber Security Strategy of Ukraine are analyzed, one of the priorities of which is to improve the regulatory framework for cyber security of critical information infrastructure. The shortcomings of the previous Cyber Security Strategy of Ukraine (2016) are noted. Contains a detailed analysis of legislation and initiatives on providing cybersecurity. General requirements for cyber protection of critical infrastructure objects are considered. Based on the analysis of the current legislation on cyber security of Ukraine, ways to improve the legal and organizational support for the protection of the critical information infrastructure from cyber attacks are proposed.

scholarly journals Principles of legal regulation of the institute of information security

2021 ◽  
Vol 66 ◽  
pp. 129-134
Author(s):  
M.V. Baran
Keyword(s):  
Information Security ◽  
Cyber Security ◽  
Information Structure ◽  
Information Infrastructure ◽  
Legal Regulation ◽  
Careful Study ◽  
Basic Principles ◽  
Critical Information ◽  
Wide Range ◽  
Legal Security

The article in the context of methodologies of systematic analysis of legal phenomena reveals the content of the principles of legal regulation of the institute of information security. It is noted that information security is defined as the impossibility of causing harm by means of a security object, due to information and information structure. Principles play an important role in the legal provision of information security. The basic principles of legal regulation of the information sphere are enshrined in the Laws "On Information", "On the Basic Principles of Cyber Security of Ukraine", most of which are key to the development of legal regulation of information security processes. In order to improve the information security system from various challenges and threats, it is proposed to enshrine in information legislation the principle of presumption of security of critical information infrastructure, which establishes that critical information infrastructure is considered protected as long as the organizational and legal security of these facilities requirements set forth in regulations in the field of information security. It is stated that a wide range of problems of information security of the individual, society and state, development of cybersecurity culture, ensuring privacy and protection of access rights, protection of information systems, resources and networks, expanding the use of information technology in public administration, other information problems security needs careful study. The principles of legal regulation in the field of information security are revealed through normative detail. It is emphasized that with the development of scientific and technological progress and the latest forms of processing and use of information, the principles of regulation in the field of information security need to be correlated at the level of regulatory support.

scholarly journals International Practices of Countering the Unlawful Interference with the State Digital Information Resources

2019 ◽  
pp. 15-21
Author(s):  
Stanislav Petrov
Keyword(s):  
Law Enforcement ◽  
Cyber Security ◽  
The State ◽  
Information Resources ◽  
Digital Information ◽  
Cyber Defense ◽  
Law Enforcement Agencies ◽  
Security Systems ◽  
State Information ◽  
Unlawful Interference

The article deals with international practices of counteracting the unlawful interference with the state digital information resources. Conclusions are formulated on applying international practices for the development of cyber defense and cyber security systems in Ukraine, improvement of law enforcement agencies powers in investigating cases of the unlawful interference with the state digital information resources. Key words: information, resources, state information resources, state digital information resources.

Analysis of Cybersecurity Requirements of Automated Process Control Systems As Critical Information Infrastructure

2021 ◽  
Vol 43 (4) ◽  
pp. 103-112
Author(s):  
O. Bakalynskyi ◽  
◽  
D. Pakholchenko ◽  
Keyword(s):  
Process Control ◽  
Control Systems ◽  
Cyber Security ◽  
Information Infrastructure ◽  
Automated Control ◽  
Critical Information ◽  
Technological Processes ◽  
Process Control Systems ◽  
Automated Process

The analysis of the current legislation and the best world practices on cyber protection of automated control systems of technological processes in which requirements for realization of cyber protection of objects of critical information infrastructure are offered is carried out. Problematic issues related to cyber security of critical information infrastructure objects are given.

scholarly journals DEVELOPMENT OF CYBERSECURITY AUDIT METHODOLOGY FOR STATE INFORMATION SYSTEMS RELATED TO SIGNIFICANT OBJECTS OF CRITICAL INFORMATION INFRASTRUCTURE OPERATING ON THE BASIS OF DATA CENTERS

2020 ◽  
Vol 6 (1) ◽  
pp. 22-30
Author(s):  
Vladimir R. An ◽  
Valeria A. Tabakaeva ◽  
Valentin V. Selifanov
Keyword(s):  
Information Systems ◽  
Russian Federation ◽  
Data Centers ◽  
Information Infrastructure ◽  
State Control ◽  
State Information ◽  
Critical Information ◽  
State Secret ◽  
The Russian Federation ◽  
Support Software

The problem of developing a cybersecurity audit methodology for state information systems related to significant objects (SO) of critical information infrastructure (CII), operating on the basis of data centers is considered. In accordance with the requirements of the legislation, state control is carried out in accordance with the Order of the FSTEC of Russia dated February 11, 2013 №17 “Requirements. Ensuring the protection of information not constituting a state secret.” Currently, there are many international and domestic recommendations and practices to conducting cybersecurity audit of information systems, but they do not meet the existing and emerging requirements in the field of cybersecurity of SO CII of the Russian Federation and cannot be applied without significant improvement. The authors consider the issues that need to be solved in order to develop an audit methodology, analyze existing legislative and regulatory acts of the Russian Federation and Federal Executive bodies authorized in this area, methodological documents (MD) and standards, as well as possible reasons for the current situation. An algorithm of possible actions for conducting a cybersecurity audit in the course of state control is proposed. The algorithm is a result of compiling international practices (standards) and requirements adopted in the Russian Federation, as well as requirements to the necessary tools - vulnerability analysis systems and support software (database management systems).

scholarly journals Resilience and Protection of Critical Information Infrastructure Resilience and Protection of Critical Information Infrastructure 

2018 ◽  
Vol 20 (2) ◽  
pp. 110-114
Author(s):  
Petr Hruza
Keyword(s):  
Risk Assessment ◽  
Cyber Security ◽  
Information Infrastructure ◽  
Rapid Recovery ◽  
Cross Sectional ◽  
Original State ◽  
Critical Information ◽  
Emergency Events ◽  
Infrastructure Resilience

The article deals with resilience and protection of critical information infrastructure elements. The elements affect rapid recovery of the system to its original state and the increase of resistance during the subsequent emergency events. The article also deals with sectoral and cross-sectional criteria for determining the critical information infrastructure elements, which are closely related to resilience and protection. Risk assessment has been conducted in the area of critical information infrastructure. Finally, amendments of the Czech Cyber Security Act have been mentioned.

Sign in / Sign up

Export Citation Format

Share Document