State and enterprise information security management: legal and organizational aspects
DOI:
https://doi.org/10.35774/app2020.01.103Keywords:
information security of the state, management of information security, organizational and legal principles of information security, information threats, protection of information of the enterpriseAbstract
The components of the state information policy on information security and the basic activities of public authorities in this field are reviewed in the article. The internal and external information challenges facing Ukraine and ways of ensuring information security are analyzed. Information security is seen as a component of national security, as well as a global problem of information security, information space, information sovereignty and information support decision-making.
The article is devoted to the review of approaches to the essence of threats to information security and politico-juridical analysis of threats to information security of Ukraine at the present stage. The threats of information security are analysed in the context of the system of threats of national security.
On base of the analysis of the condition normative-legal regulation to information safety of the Ukraine are determined main value and defect in normative field state on provision of information security.
The definition of information security of the enterprise is given.
The basic goals, objectives, principles and types of threats. At their core formed methodical approach to developing the information security systems of industrial enterprises.
The proposed enterprise information security system is regarded as a model of information warfare with the factors of internal and external environment, based on the analysis of modern approaches to the definition of information security, and on a synthesis of theoretical positions and experience of functioning of the organizations.
The use of the developed approach the Holy Practice of management of industrial enterprises will help to increase the efficiency of development, implementation and use of information security and prevent system or methodological errors at each stage.References
Vereskun, M. V. (2014) Metodychne zabezpechennia systemy informatsiinoi bezpeky promyslovykh pidpryiemstv [Methodical provision of information security system of industrial enterprises] (2014) Ekonomika i orhanizatsiia upravlinnia - Economics and organization of management, 1 (17), 54–60 [in Ukrainian].
Ilnytska, U. (2016). Informatsiina bezpeka Ukrainy: suchasni vyklyky, zahrozy ta mekhanizmy protydii nehatyvnym informatsiino-psykholohichnym vplyvam [Information security of Ukraine: current challenges, threats and mechanisms of countering negative information-psychological impacts]. Humanitarian vision - Humanitarnyi ohliad, 2 (1), 27–32. [in Ukrainian].
The concept of information security of Ukraine. [Online], Available at: http://mip.gov.ua/files/banners/Final%20Проект%20Концепції%20 (Текст)%20-%2030.09.15.pdf
Luzhetskyi, V. A., Kozhukhivskyi, A. D., Voitovych, O. P. (2013) Osnovy informatsiinoi bezpeky. [Fundamentals of Information Security]. Vinnytsia: VNTU [in Ukrainian].
Markina, I. A., Diachkov, D. V. (2016). Osnovy formuvannia systemy menedzhmentu informatsiinoi bezpeky pidpryiemstva [Fundamentals of formation of enterprise information security management system]. Problemy i perspektyvy rozvytku pidpryiemnytstva - Problems and prospects of entrepreneurship development, 3(1), 80-88. URL: http://nbuv.gov.ua/UJRN/piprp_2016_3(1)__18 [in Ukrainian].
Nashynets-Naumova, A. Yu. (2017), Informatsiina bezpeka: pytannia pravovoho rehuliuvannia: monohrafiia [Information security: issues of legal regulation]. Kyiv: Helvetyka [in Ukrainian].
Nyzenko, E. I., Kaleniak, V. P. (2006). Zabezpechennia informatsiinoi bezpeky pidpryiemnytstva: Navch. posib. [Ensuring information security of entrepreneurship]. Kyiv: MAUP [in Ukrainian].
Pecheniuk, A. (2014). Osoblyvosti orhanizatsii informatsiinoi bezpeky suchasnoho pidpryiemstva [Features of organization of information security of the modern enterprise]. URL: http://sophus.at.ua/publ/2014_04_ 17_18_kampodilsk/sekcija_4_2014_04_17_18/osoblivosti_organizaciji_informacijnoji_bezpeki_suchasnogo_pidpriemstva/54-1-0-931 [in Ukrainian].
Bilenchuk, P. D., Borysova, L. V., Neklonskyi, I. M., Sobyna, V. O. (2018). Pravovi zasady informatsiinoi bezpeky Ukrainy: monohrafiia [Legal basis of information security of Ukraine]. Kharkiv [in Ukrainian].
Sorokіvska, O.A. and Gevko, V.L. (2010). Informatsiina bezpeka pidpryiemstva : novi zahrozy ta perspektyvy. [Enterprise Information Security: New Threats and Prospects]. Vіsnik Hmelnickogo nacіonalnogo unіversitetu - Bulletin of Khmelnitsky National University, 2(2), 32–35 [in Ukrainian].
Stepanov, V. Yu. (2016). Informatsiina bezpeka yak skladova derzhavnoi informatsiinoi polityky [Information security as a component of state information policy]. Derzhavne budivnytstvo - State building, 2, 1–9 [in Ukrainian].
Ukaz Prezydenta Ukrainy Pro rishennia Rady natsionalnoi bezpeky i oborony Ukrainy vid 29 hrudnia 2016 roku «Pro Doktrynu informatsiinoi bezpeky Ukrainy» [Decree of the President of Ukraine On the decision of the National Security and Defense Council of December 29, 2016 “On the Doctrine of Information Security of Ukraine”]. Retrieved from https://zakon.rada.gov.ua/laws/show/47/2017 [in Ukrainian].
