CONCEPTUAL PRINCIPLES OF REVIEW OF THE STATE OF CYBERNETIC DEFENCE OF STATE INFORMATIVE RESOURCES AND CRITICAL INFORMATIVE INFRASTRUCTURE
Conceptual principles of organization and realization of Inspection of the condition of cyberprotection of critical informative infrastructure, state informative resources and information are considered in the article, a requirement in relation to defense of that is set by a law. Actuality of research of that is conditioned by both the requirements of current legislation and progress of sphere of national safety and defensive trends, by disparity of public administration and state policy to the requirements of the reliable and operative reacting on cyber threats, by a break and inconsistency between totality of conceptual documents and them real implementation, by absence of effective co-ordination and co-operation of constituents of the National cybersecurity system for real ensuring cyberprotection of critical informative infrastructure. The article substantiates and proposes the conceptual foundations of an integrated mechanism of state governance of Inspection of the state of cyber defense of critical information infrastructure, state information resources and information, the requirement for protection of which is established by law, taking into account international experience in this field, especially NATO countries and the EU. An Inspection of the condition of cyber protection is a component of a Comprehensive inspection of the security and defense sector. Among other types of inspection, he was defined in the Law of Ukraine "On National Security of Ukraine". Taking into account international experience and applying the unified approach introduced by the Law, the main objective of the Inspection of the condition of cyber defense is proposed as "to determine the real condition of the security and readiness of the objects to prevent cyber incidents, to respond promptly to cyber threats, to prevent, detect and protect against cyberattacks, to eliminate them, repair of functioning of these objects and systems". Also, the article proposes a system of principles for realization this Inspection, the tasks to be solved during its conduct, the mechanisms for their realization and presentation of its results.
2. Zakon Ukrainy «Pro osnovni zasady zabezpechennia kiberbezpeky Ukrainy» vid 05 zhovtnia 2017 r. № 2163-VIII [Law of Ukraine "On the Basic Principles of Cybersecurity of Ukraine" of October 05, 2017, No. 2163-VIII]. (n.d.). zakon3.rada.gov.ua. Retrieved from http://zakon3.rada.gov.ua/laws/show/2163-19 [in Ukrainian].
3. Zakon Ukrainy «Pro natsionalnu bezpeku Ukrainy» vid 21 chervnia 2018 r. № 2469-VIII [Law of Ukraine "On National Security of Ukraine" dated June 21, 2018, No. 2469-VIII]. (n.d.). zakon2.rada.gov.ua. Retrieved from http://zakon2.rada.gov.ua/laws/show/2163-19/print1509543369819103 [in Ukrainian].
4. Stratehiia kiberbezpeky Ukrainy, skhvalena Ukazom Prezydenta Ukrainy vid 15 bereznia 2016 r. № 96/2016 [Cybersecurity Strategy of Ukraine, approved by Decree of the President of Ukraine dated March 15, 2016, No. 96/2016]. (n.d.). zakon3.rada.gov.ua. Retrieved from http://zakon3.rada.gov.ua/laws/show/96/2016 [in Ukrainian].
5. Stratehiia natsionalnoi bezpeky Ukrainy, skhvalena Ukazom Prezydenta Ukrainy vid 26 travnia 2015 r. № 287/2015 [The National Security Strategy of Ukraine, approved by the Decree of the President of Ukraine dated May 26, 2015, No. 287/2015]. (n.d.). zakon4.rada.gov.ua. Retrieved from http://zakon4.rada.gov.ua/laws/show/287/2015 [in Ukrainian].
6. Dubov, D.V. (2018). Derzhavno-pryvatne partnerstvo u sferi kiberbezpeky: mizhnarodnyi dosvid ta mozhlyvosti dlia Ukrainy [Public-private partnership in the field of cybersecurity: international experience and opportunities for Ukraine]. Kyiv: NISS, 84 p. [in Ukrainian].
7. ISO/IEC 27004:2016 Information technology – Security techniques – Information security management – Monitoring, measurement, analysis and evaluation (second edition). (n.d.). www.iso27001security.com. Retrieved from http://www.iso27001security.com/html/27004.html [in English].
This work is licensed under a Creative Commons Attribution 4.0 International License.