Relevant Problems of Implementing State Policy in the Field of Ensuring Information Security of Ukraine

The emphasis has been placed on the fact that the state is currently aware of the importance of information security within its territory and takes a number of important steps in this direction, such as the development of a new Information Security Strategy. However, such steps are difficult to consider objective, since they do not take into account a number of legal and organizational problems that need to be addressed promptly. Such problems include the following. First of all, the existence of an extensive regulatory and legal base in the information sphere in general and ensuring economic security, in particular. A large number of laws and by-laws different in their content and essence significantly complicates the development of comprehensive measures to ensure information security of Ukraine, and therefore needs to be improved. The latter can be implemented by codifying the said regulatory and legal base and by adopting the Code of Ukraine on Information and Information Relations, where a separate Section will be focused on information security issues. Secondly, the current conditions, where Ukraine finds itself, require the government to quickly adopt a new modern Information Security Strategy, which will include a number of measures aimed at improving such security level, since the latter is undoubtedly one of the important components of national security. Thirdly, the issue of ensuring certain aspects of information security is attributed to the tasks of various state authorities (Parliament, Government, executive authorities, law enforcement agencies, etc.). Moreover, such issues should be addressed at the local level by both legal entities and individuals, in the latter case we can talk about the personal information security of each person. This multiplicity of subjects of information security and the difference in their powers necessitates the creation of an appropriate coordinating agency with special powers in the mentioned area.

STRATEGIC DIRECTIONS OF INFORMATION SECURITY MANAGEMENT OF AGRO-FOOD ENTERPRISES

The purpose of the article was to study the strategic directions of information security management of agricultural enterprises. Research methods. The tasks set out in the article were implemented using the methods of systematization and generalization, analysis and synthesis, dialectical approach. The results of the study. In the research course the main elements of the formation and implementation of the information strategy of agrarian entities were identified. Stakeholders in the formation and implementation of the information security strategy of the agricultural enterprise were identified. The main nine types of information strategies were described. There are: prevention strategy, containment strategy, surveillance strategy, detection strategy, response strategy, distraction strategy, perimeter protection strategy, compartmentalization strategy, layering strategy. On the basis of generalization of information security strategies of the agro-food enterprises the key directions of its formation and realization were determined. A logical outline of the forming process an information security strategy was constructed, which should be closely related to the main business goals of the enterprise and its corporate strategy. The current trends and best practices of information security development of the enterprise were considered. Conclusions. The research made it possible to determine the essence of information strategy of agricultural enterprises as a structured and interconnected set of weighted actions aimed at long-term protection of enterprise information objects. Practical value. The proposed process of forming the information strategy of agricultural edu-cation will allow agricultural enterprises to choose the optimal information strategy, which will be interdependent with the general strategy and will allow to form the necessary set of software, technical, hardware and organizational tools for the protection of information resources. Prospects for further research include the development of a methodology for determining the information security strategy of agrarian enterprise. Keywords: agricultural enterprise, agro-food sector, element, information security, strategic direction, information security strategy, digitalization.

Organisational Information Security Strategy: Review, Discussion and Future Research

Dependence on information, including for some of the world’s largest organisations such as governments and multi-national corporations, has grown rapidly in recent years. However, reports of information security breaches and their associated consequences indicate that attacks are escalating on organisations conducting these information-based activities. Organisations need to formulate strategy to secure their information, however gaps exist in knowledge. Through a thematic review of academic security literature, (1) we analyse the antecedent conditions that motivate the adoption of a comprehensive information security strategy, (2) the conceptual elements of strategy and (3) the benefits that are enjoyed post-adoption. Our contributions include a definition of information security strategy that moves from an internally-focussed protection of information towards a strategic view that considers the organisation, its resources and capabilities, and its external environment. Our findings are then used to suggest future research directions.

Analysis of Cloud Computing Information Security Strategy in Biznet Networks

Information security on cloud computing requires goodplanning and understanding of the risks, threats and vulnerabilities ofdata or information that is managed in a cloud computing environment.Measurement of information security in cloud computing is no differentto conventional information technology, which uses an approach basedon confidentiality, integrity and availability of information. Whereas thestandard used on information security such as NIST, CSA and COBITare often used to assess information security analysis of the cloudcomputing service providers. This research will review the informationsecurity strategy at Biznet Networks as a provider of cloud computingservices.