Прикладна оцінка ризиків у системі забезпечення безпеки соціально-економічних процесів у кіберпросторі
Date
2020-02-24
Journal Title
Journal ISSN
Volume Title
Publisher
Видавництво Львівської політехніки
Lviv Politechnic Publishing House
Lviv Politechnic Publishing House
Abstract
Здійснено дослідження безпеки соціально-економічних процесів у віртуальному просторі.
З’ясовано вплив ключових тенденцій сучасності на формування превентивних та адаптивних механізмів
забезпечення інформаційної та кібернетичної безпеки підприємств. До
основних зараховано глобалізацію, інформатизацію та індивідуалізацію потреб споживачів,
медіатизацію суспільних явищ, детериторіалізацію та універсалізацію соціальних явищ.
Викладено авторське бачення моделі забезпечення безпеки в інформаційній віртуальній
сфері та співвідношення домінуючих ризиків, загроз та вразливостей соціально-економічного простору
України на прикладі ідентифікації та оцінювання ризиків у кіберпросторі в частині безпекового зрізу інформаційних та фінансових потоків.
In the paper investigated safety of socio-economic processes in the virtual space. Studied the main trends influence on formation of preventive and adaptive mechanisms for ensuring information and cyber security enterprises. Key trends of the modern business and social environment include: globalization, informatization and individualization of consumer needs; mediatization, territorialization and universalization of social phenomena. Presented an original ensuring security model for the virtual information sphere. In this model was invented a conceptual scheme for identifying the information security system: given the identification sequence and risks assessment in cyberspace by stages; risk identification; a description of the threats it poses; identification of vulnerable market segments; analysis and assessment of the risk occurrence probability level; analysis and assessment of the risk manifestation consequences level; score determination of the general rick level; proposal to eliminate the development environment risks of the study object; net risk identification; risks in cyberspace have been identified and assessed in terms of security and financial flows. Among the dominant risks of the external and internal security environment in the information virtual Ukrainian space the following are highlighted: insufficient system security, processes and technologies, disinformation and information asymmetry; high sensitivity of financial flows to the processes of the implementation of shock macroeconomic phenomena (including almost unsignificant currencies devaluation against the pandemic background) in terms of the safety of financial flows; technical, technological and personal vulnerability growth in the information sphere, due to the increasing cybercrime in terms of the information flow security. Among the mitigation measures and neutralization of the general risk level, was proposed the creation of a single protection system. The single data protection system should be based on: data protection progressive principles, tasks to ensure security from information influences, information infrastructure security, information rights, open access to information, publicity of open information, etc.; organizational and right mechanism of data protection. This mechanism is based on the need to streamline the responsibilities of information marked actors; state control over data manipulation; data manipulation standards development; information systems certification for their processing. Construction of database registers, as well as registration of owners and/or data administrators, third parties to whom the data was transferred for further manipulation; an independent coordination center formation for the state policy implementation in terms of monitoring compliance with data protection requirements, etc.; increasing the financial flow transparency, namely risk-oriented monitoring in digital currency exchanges and licensing of transactions in virtual currencies requires support from the Financial Action Task Force on Money Laundering and the Financial Intelligence Unit.
In the paper investigated safety of socio-economic processes in the virtual space. Studied the main trends influence on formation of preventive and adaptive mechanisms for ensuring information and cyber security enterprises. Key trends of the modern business and social environment include: globalization, informatization and individualization of consumer needs; mediatization, territorialization and universalization of social phenomena. Presented an original ensuring security model for the virtual information sphere. In this model was invented a conceptual scheme for identifying the information security system: given the identification sequence and risks assessment in cyberspace by stages; risk identification; a description of the threats it poses; identification of vulnerable market segments; analysis and assessment of the risk occurrence probability level; analysis and assessment of the risk manifestation consequences level; score determination of the general rick level; proposal to eliminate the development environment risks of the study object; net risk identification; risks in cyberspace have been identified and assessed in terms of security and financial flows. Among the dominant risks of the external and internal security environment in the information virtual Ukrainian space the following are highlighted: insufficient system security, processes and technologies, disinformation and information asymmetry; high sensitivity of financial flows to the processes of the implementation of shock macroeconomic phenomena (including almost unsignificant currencies devaluation against the pandemic background) in terms of the safety of financial flows; technical, technological and personal vulnerability growth in the information sphere, due to the increasing cybercrime in terms of the information flow security. Among the mitigation measures and neutralization of the general risk level, was proposed the creation of a single protection system. The single data protection system should be based on: data protection progressive principles, tasks to ensure security from information influences, information infrastructure security, information rights, open access to information, publicity of open information, etc.; organizational and right mechanism of data protection. This mechanism is based on the need to streamline the responsibilities of information marked actors; state control over data manipulation; data manipulation standards development; information systems certification for their processing. Construction of database registers, as well as registration of owners and/or data administrators, third parties to whom the data was transferred for further manipulation; an independent coordination center formation for the state policy implementation in terms of monitoring compliance with data protection requirements, etc.; increasing the financial flow transparency, namely risk-oriented monitoring in digital currency exchanges and licensing of transactions in virtual currencies requires support from the Financial Action Task Force on Money Laundering and the Financial Intelligence Unit.
Description
Keywords
глобалізація, інформатизація, ризики, небезпеки, загрози, кіберпростір, інформаційна безпека, забезпечення інформаційної безпеки, globalization, informatization, risks, dangers, threats, cyberspace, information security, ensuring information security
Citation
Шандрівська О. Є. Прикладна оцінка ризиків у системі забезпечення безпеки соціально-економічних процесів у кіберпросторі / О. Є. Шандрівська, Н. В. Шинкаренко // Вісник Національного університету “Львівська політехніка”. Серія: Проблеми економіки та управління. — Львів : Видавництво Львівської політехніки, 2020. — № 2(6). — С. 94–105.