ANALYSIS OF INFORMATION SECURITY MANAGEMENT SYSTEM FRAMEWORKS

ISMS is a set of policies, activities, and procedures implemented by the Information Security Department to maintain the confidentiality, integrity, and availability of information from threats and risks. Activities and procedures include identifying security needs, strategies required for implementation, and measuring results for security improvement. This paper aims to review the previous literature to verify the factors that affect information security management. Examination of current information security frameworks and standards, and this paper concluded that, for an organization to adopt a specific framework, this framework must be evaluated based on the security needs of the organization. The framework must include all factors that affect information security from all organizational aspects, people, and technology. Otherwise, the organization will face difficulties and obstacles in implementing the framework and improving security.

INFORMATIONAL SECURITY IN A GLOBAL SOCIETY

Background. In modern conditions, information is not just a technical category. The penetration of the latest technologies into all spheres of life has turned information into an economic category, which has become one of the most essential components of the functioning of the market and, at the same time, a regulator of economic processes. Therefore, interest in the problems of international information security is growing, both for the international community, the state and its regions as a whole, and separately for sectors of the economy, for institutions, for individuals. Analysis of recent research and publications hasshown that the issues of interaction between information and international information security, as well as with the economy, remain unresolved. An important issue is the analysis of information security conditions in the framework of modern world markets and globalization processes, the impact of the consequences of the coronavirus pandemic on the world economy. The aimof the articleis to consider the features of ensuring information security in the conditions of the Ukrainian economy, as well as to identify the nature of the transformation of international information security. Materials and methods. In the course of the research, the methods of analysis and synthesis, abstraction, systematization, identification, classification, comparison and generalization were used. Results. Despite the existence of a lot of theoretical and applied research in the field of information management technologies, the problem of a model description of the main characteristics of information interactions in the context of ensuring information security in organizational and economic systems remains very relevant. Based on the results of this study, the place of the information system in the enterprise management contour is shown, the logical connections of the documents of the information security management system within the framework of the international standard ISO/IEC 27000 are revealed, the problems of international information security that need to be addressed in the context of globalization are identified. The solution of these issues will contribute to the rational restructuring of the sphere of informatization and information policy of the state. Conclusion. It is proved that in Ukraine, the insufficient level of informatization and constant delays in solving the problems of information security and international information security, as well as the negative information impact, lead to huge losses, a slowdown in socio-economic development and a decrease in competitiveness at the world level. To prevent this, a rational restructuring of the sphere of informatization and information policy of Ukraine is necessary with the involvement of international support and the active participation of our state in the transformational processes of international information security to counter information threats using modern methods and legislation in this area. The outlined conceptual provisions require further scientific research of the methodological aspects of economics and management in the context of the transformation of the national economy under the influence of globalization processes and the place of the digital economy in it, the prospects for the use of new methods and management tools in the era of digital economy. Keywords: information security, globalization, international cooperation, international information security,threat, country.

ForeSight Approach to improve Privacy and Security in the Smart Living Domain

This contribution describes how to improve privacy and security for the Smart Living domain. Core elements of this approach adapt the Privacy by Design concept to the domain of smart living and extend it to enable artificial intelligence integration. To improve security, we created a minimum framework based on an existing information security management system to offer a holistic perspective on that topic. This, we think, is necessary, primarily if legacy Internet of Things devices should be supported

Analysis of the new central bank of the russia requirements for operational risk management to ensure information security.

On October 1, 2020, the new Regulation of the Central Bank of the Russian Federation No. 716-P “On requirements for the Operational risk Management System in a Credit institution and a banking group” came into force. The article is devoted to the analysis of the requirements of the regulation that must be taken into account before January 1, 2022 within the information security management system in connection with the use of a risk-oriented approach to the allocation of resources of a financial organization.

Research on Accounting Information Security Management Based on Blockchain

At present, accounting information presents various and complex characteristics, which leads to the decline in the comprehensive scheduling level of accounting information security management system. For this problem, a blockchain-based accounting information security management information model is designed. This paper constructs the blockchain accounting information security association blockchain Big Data analysis model and processes the sample data, uses the semantic rough feature matching method to decompose the characteristics of blockchain accounting information, realizes the feature information fusion and autocorrelation feature matching and finally reorganizes and manages the blockchain accounting information security. The simulation results show that this method has better comprehensive scheduling ability, information fusion scheduling ability is greater than 92%, convergence is greater than 91.8%, feature recognition rate is greater than 90.1%, and management accuracy is greater than 95.6%. The design method can effectively improve the security and stability of accounting information storage and management.

Development of the Information Security Management System Standard for Public Sector Organisations in Estonia

Standardisation gives us a common understanding or processes to do something in a commonly accepted way. In information security management, it means to achieve the appropriate security level in the context of known and unknown risks. Each government’s goal should be to provide digital services to its citizens with the acceptable level of confidentiality, integrity and availability. This study elicits the EU countries’ requirements for information security management system (ISMS) standards and provides the standards’ comparison requirements. The Estonian case is an example to illustrate the method when choosing or developing the appropriate ISMS standard to public sector organisations.

SYSTEM ANALYSIS OF TECHNICAL SYSTEMS FOR ENSURING INFORMATION SECURITY OF FIREEYE ENTERPRISES

Issues related to information security of the enterprise are considered. Information security is a set of tools and methods used to protect digital and analog information. The purpose of the information security management system and the role of technical means of information protection from information threats to the enterprise are shown. The methodical approach of the system analysis concerning maintenance of information security of the enterprise is used. To create and effectively operate an information security system, it is always necessary to use already established practices (standards, methodologies) to build such information security systems and implement them in information security management systems. Since modern systems of information security of the enterprise, as a rather complex organizational and technical systems, operate in conditions of uncertainty of the external and internal information environment, the management of such systems should be based only on the results of system analysis. The need to rethink the approaches and methods of systems analysis to the creation and development of modern information technologies is noted. Issues of information security should be considered as components in the creation of modern information security systems - from the moment of design, at all stages of operation and support. Global campaigns - vendors of computer systems pay considerable attention to increase their capacity to protect information through the development and improvement of technical means, in which a significant place is given to timely detection of threats, their analysis and prevention of negative impacts on reducing information security. One of the world's leading IT manufacturers is FireEye, a leader in the supply of its technical solutions. An analysis of technical solutions of FireEye, which is one of the world's leading IT manufacturers in the field of information security. Innovative solutions from the FireEye company at the enterprises of Ukraine for the purpose of increase of efficiency of detection of information modern threats and protection of the information are offered for realization.