Open AccessDEFINING REQUIREMENTS TO DEVELOP INFORMATION SECURITY CONCEPT N HYBRID THREATS CONDITIONS. PART 1
Author(s) -
Yurii Borsukovskyi
Publication year - 2019
Publication title -
kìberbezpeka. osvìta, nauka, tehnìka
Language(s) - English
Resource type - Journals
ISSN - 2663-4023
DOI - 10.28925/2663-4023.2019.5.6172
Subject(s) - information security , computer security , information security management , information security standards , computer science , security information and event management , risk analysis (engineering) , information system , security through obscurity , key (lock) , cloud computing security , security service , business , network security policy , cloud computing , political science , law , operating system
Current article provides the analysis of recent trends in realization of cyber threats and collectsthe basic requirements for development of information security concept in hybrid threatsconditions. It covers the key tendencies of realization at cyber space of principles of hybrid war.Envisages that preconditions for occurrence of such hybrid wars constitute the interest ofgovernmental agencies in information that might be used by opposing parties in world`scompetition and political battles, as well the possibility of effective monetization of harmfulimpact at information and automated systems of companies. The article defines the necessity inadaptive development of directions in application of preventive actions at information and cybersecurity. It underlines the absence, at most cases, of strategy to ensure security of the keyinformation systems considering the existing risks. Article emphasize that the informationsecurity concept in hybrid threats conditions shall consider the possibility of completecompromising of systems of information and cyber security in case of targeted attack atinformation resources of structural units of state, banking and private organizations. It considersthe model structure of information security concept in hybrid threats conditions to ensure theeffectiveness of functioning of information and automated systems of information and cybersecurity in conditions of limited financing. It provides structure and content of the concept of information security in hybrid threats conditions. Article defines that the information securityconcept at hybrid threats conditions shall cover the main tasks and objectives, and the generalstrategy for development of IT and system for managing of information security within thecompany. It formulates the requirements and basic approaches to its implementation. The articledefines that the possible way to optimize the financial resources assigned for IT systems andinformation and cyber security systems according to the risks defined, might be the use of the bestworld practices, as well the strict coordination of requirements to ensure the informatization anddigital transformation from business and development of coordinated regulatory requirements tothe certain businesses from information and cyber security perspective.