Cybersecurity law of the People’s Republic of China as a key instrument for ensuring information security of the banking and finance system

Author(s):  
Ella Gorian

The object of this research is the legal relations that emerge in ensuring information security of the banking and finance system of the People’s Republic of China. The work characterizes China’s cybersecurity law, which was enacted in 2017. The author determines the key positions of this statutory act that establishes the foundation for national institutional and normative-legislative mechanism of ensuring information security of the banking and finance sectors as objects of critical information infrastructure. China’s cybersecurity law represents a fundamental piece of legislation that defines the principles, mechanisms and order of ensuring information security. It defines critical information infrastructure through nomenclature of the sectors and indication of criteria for designation of one or another sector as critical information infrastructure. The banking and finance sector meets such criteria, thus ensuring its information security is based on the general positions of this legislation. The law determines the regime of protection of personal data, as well as obligations of network carriers that are included into the institutional mechanism of provision of cybersecurity. All aforementioned facts make China’s cybersecurity law a key legislative instrument of the mechanism of ensuring information security of the banking and finance system.

Author(s):  
Ella Gorian

The object of this research is the legal relations emerging in regulation of critical information infrastructure with regards to ensuring information security of the financial-banking sector of the People’s Republic of China. Characteristic is given to the Law on Cybersecurity, acting and developing draft bills of the People’s Republic of China in the area of security of critical information infrastructure. The author examines the peculiarities of regulation of relations in the sphere of critical information infrastructure and their role in ensuring cybersecurity of financial-banking sector. Factors affecting formation of the national mechanism of ensuring security of critical information infrastructure are determined. For the purpose of acquiring the most accurate scientific results, the author applies the legal-dogmatic approach, hermeneutic and synergetic methods of scientific cognition. Despite the numerous existing and developing sources of legal regulation of critical information infrastructure, the normative mechanism of ensuring its security is characterized by interrelatedness, and reflects overall character of the regime of China’s digital policy. The Law on Cybersecurity of the People’s Republic of China establishes the general norms, as well as draft bills – special norms; and the standards contain high-tech methodical recommendations that allow clarifying possible ambiguity of general and special norms. However, even within the limits of this mechanism, a partial overlap of responsibilities is observed, including in the financial-banking sector, which complicates the process of identification of objects and determination of subjects of critical information infrastructure. Establishment of the mechanism is also complicated by the need of simultaneous achievement of goals in the spheres of national security and economy, particularly in opposition during talks with the United States, which promotes policy of economic expansion onto China’s market, using tariff and nontariff measures as the levers of pressure.


Author(s):  
Ilia Pavlovich Mikhnev, Svetlana Vladimirovna Mikhneva

The article discusses the competences and powers of the state authorities of the Russian Federation within their legal status in the field of ensuring the security of critical information infrastructure. Some functions and authorities in the field of information security have changed in a number of federal executive bodies. In particular, the Federal Security Service, on the basis of a presidential decree, is authorized to create a state system for detecting, preventing and eliminating the consequences of computer attacks on information resources of the Russian Federation. However, not all rights and obligations are enshrined; a number of powers cause the duality of the legal status of certain federal bodies of state power. The clarity and unambiguity of securing the rights and obligations of state bodies authorized in the field of information security are guarantees for effectively ensuring the security of important information infrastructure facilities.


Author(s):  
N.M. Kurbatov

The concept of critical information infrastructure is analyzed. The history of its formation and consolidation in the legal space of Russian legislation is considered. The article studies the experience of foreign countries in the field of ensuring information security in general and protecting critical infrastructure in particular. The relevance of the chosen topic is due to the course taken by the Russian Federation for the development of the information society in the country, as well as the need to protect significant information systems and resources of state authorities. The author of the article reveals the terms included in the definition of critical information infrastructure, enshrined in the legislation of the Russian Federation. In conclusion, the main problems of the considered regulatory legal acts are highlighted, recommendations are given on the further development of the information security system of critical infrastructure.


2012, pp. 41-58
Author(s):  
Eduardo Gelbstein

Of the three groups of components of information security – tools, processes, and people – the last one should be considered the weakest link. People range from the tired or unaware employee who clicks on a link that infects a computer or a network, to the security expert working for a criminal, military, or terrorist organization attacking a critical information infrastructure. This chapter examines the various classes of potential attackers and the techniques currently used to perpetrate such attacks.


Author(s):  
L.V. Zinych

The article deals with features of information security in the Republic of Estonia. It is noted that the main factors that have helped to increase the level of information security in Estonia are the developed information infrastructure, effective cybersecurity policy and reliable protection of personal data. Cybersecurity depends on a combination of cybercrime, provision of critical infrastructure and e-services, and national defense. In the area of personal data protection, it is reasonable to create a private data market where companies and researchers propose to submit a date of use and license / lease / sale related to offers or license, lease, sell or withdraw their data from use. Analyzing the experience of the Republic of Estonia in information security, there are several factors that have become the basis for the creation of a secure information environment. First, only a comprehensive information policy enables the security of enterprises, institutions, organizations and the state as a whole. Secondly, Estonia has made every effort to ensure cybersecurity (as a component of information security) and has created favorable conditions for the arrival of foreign IT companies with significant capital and innovation. Third, in the context of information security, considerable attention in Estonia is given to the protection and use of personal data, which is carried out as transparently as possible, using digital signatures and encrypted messages. Practical recommendations for Ukraine’s acquisition of Estonia’s information security experience are provided. We believe that raising the level of information security will help a number of the following activities: 1) Create a working group with the involvement of international experts to develop the concept of information security and regulatory support for its activities. 2) Ensure the creation of a single national electronic information resource in the concept of information security. 3) Enter a unique national ID for the individual. 4) Create a single secure web portal for electronic services with the possibility of creating electronic offices of individuals for receiving administrative services.

Keywords: information security, cybersecurity, information infrastructure, personal data.


Author(s):  
Artem Nikolaevich Gulemin

The object of this research is the public relations with regards to processing of information in the Unified Federal Information Register Containing Data on the Population of the Russian Federation. Besides the Federal Law “On the Unified Federal Information Register Containing Data on the Population of the Russian Federation”, the subject of this research is legislation in the area of personal data and legislation on the critical information infrastructure. Based on the main formal and substantive aspects, the author defines the indicated register as a variety of register-based information; substantiates the relevance of application of the principles of framework regulation of information law in the context of creating the register; raises the question on the need to recognize the information system that processes data contained in the register as a valuable object of critical information infrastructure. The novelty of this research consists in the fact that this article is one of the first works dedicated to provision of legal security of the Unified Federal Information Register Containing Data on the Population of the Russian Federation. The following conclusions and proposals on improvement of legislation are formulated: 1) The principles of legal regulation established by legislation with regards to information as the object of legal regulation should be applied to the created register; any unauthorized actions with a separate register entry should be viewed as violation of integrity of the entire object. 2) Due to critical importance of the data contained in the register, it is essential to set confidentiality restrictions, and recognize the federal information system that processes data contained in the register as a valuable object of critical information infrastructure. 3) In the text of the Law “On the Unified Federal Information Register Containing Data on the Population of the Russian Federation”, it is necessary to specify the responsibilities of operator of the federal information system who maintains the federal register and compliance with the requirements of legislation on the security of critical information infrastructure. It is also necessary to clarify the provisions of the Decree of the Government of the Russian Federation that establishes a list of criteria of importance of the objects of critical information infrastructure of the Russian Federation and their value.

