It has been revealed that the legal and doctrinal basis of information security in Ukraine developed symptomatically and haphazardly. This is largely due to the fact that modern research methods are based on different worldview positions, solve research problems in different ways, and also use excellent research strategies. In addition, information security was primarily viewed as the information security of the state. Subsequently, the intensification of informatization processes in all areas, especially the growth in the importance of technical protection of information, led to the formation of legal support for the protection of information as an integral component of the security of enterprises, institutions and organizations, as well as individual sectors of the economy. At the turn of the millennium, the question of international information security, as well as cybersecurity as part of information security, became acute. The stages of the formation of Ukrainian legislation in the information sphere in general, and information security in particular, have been analyzed, and it has been found that at each of these stages, the information security of a person remained a secondary issue. Increasing the efficiency of administrative and legal support for information security in Ukraine is possible through the implementation of a set of legal measures, which include: clear reflection in law and state institutions of the orientation on the combination of public and private economic interests in the information sphere; constant and consistent use of all human rights mechanisms and procedures to overcome conflicts in the information sphere; raising the legal level of consciousness and activities of civil servants, representatives of all branches and levels of government, and the country’s population.
The human factor is a source of errors that arises not only in airports activities but also in the process of internal and external communication. The hybrid campaign consists of a spectrum of classic tools, called DIMEFIL, which affect the dimensions of power in seven areas (diplomacy / politics, information, armed forces, economics, finance, intelligence, public order and the rule of law) .
Hybrid threats are a complex and multidimensional threat caused by the convergence and interconnection of various elements of social life . The hybrid threat aim is to weaken mutual ties and conduct different types of espionage.
Espionage can be part of the attack preparation, mostly in a latent form, or to get information security technological progress. Determining the level of cyber security requires investigating phenomena and activities that could pose real or potential threats to the internal and external communications of critical infrastructure [3, 4].
Security of critical infrastructure is important not only in aviation but also in other industries such as metallurgy. This is mainly due to environmental protection and the possibility of an ecological disaster . Modern society is not only connected by computer networks, but we are increasingly dependent on technical infrastructure.
The interconnectedness of the infrastructure systems creates a dependency where the failure of one infrastructure subject affects the functionality of other infrastructure elements . Mutual multilevel infrastructure systems interconnection is a modern society development basic prerequisite. Assessing the level of infrastructure vulnerability is directed in two ways, technical and human failure.
The authors analyzed aerospace technical infrastructure inter-connectivity and an internal communication vulnerability. The authors analyzed the elements of an inter-connectivity level protection of aerospace technical infrastructure and internal communication vulnerability.
The authors concluded that by reducing the disconnection point’s number and splitting internal ways, they are a possible solution to cut the penetration possibility into the internal network of air transport entities.
The results of the research show that interdependent systems should have internal systems divided into open systems for outdoor and indoor access, with no external access. Protection against intrusion is the first phase and requires the firewalls and antivirus programs implementation in the critical infrastructure network.
The monitoring systems implementation is the most suitable solution to protect against data leaks, which is the most risky area, by employees and visitors. An aircraft monitoring system gains, monitors, process, and records aircraft system condition (characteristics) and failures .
The authors believe that the ongoing use of penetration tests  based on a simulated hacker attack is a proper method of verifying the level of cyber security.
The article discusses the current state and prospects for the further development (modernization) in the area of information security (IS) in Kazakhstan. Special attention is paid to the challenges that may arise when taking cyber security measures in relation to special requirements of standards to security and an independent IS audit at essential objects of the information and communication infrastructure (EOICI). The purpose of the study is to analyze the challenges on introducing modern standards of IS in the context of forming the national cyber security system in the Republic of Kazakhstan. The study has determined that the current challenges on introducing modern IS standards to maintain a high level of cyber security are related to the underdevelopment of the regulatory framework for the list of EOICI, the creation of an IS audit system and an information and analytical system to form national IS indicators. Recommendations have been given, and areas for the further study have been identified.
Given the global nature of cyber threats, assurance of a cyber security policy is very important not only at the local organisation level, but also at national and international level. Currently, cyber security as such is not suitably regulated internationally; therefore, the role of national cyber security strategies has become particularly significant. Lithuania is among the leaders in the EU and globally in the development of the optical fibre network. FTTP coverage has already reached 95%, the highest in the EU. Regardless of that, the cyber security programme effective in Lithuania does not provide conditions to ensure an appropriate level of cyber security and may not be regarded as a high-level contemporary strategic document in the area of cyber security. This article presents a study the main outcome of which are guidelines for a contemporary model of the Lithuanian national cyber security strategy. Based on comparative and historical studies as well as expert interviews conducted by authors and on the best practice of other countries, the article presents the elements of a model of the Lithuanian national cyber security strategy as well as guidelines on the content of these elements of the model. The article also reveals which elements of the model of the national cyber security strategy should most of all reflect the national situation and which elements may be unified and possibly also adapted in the cyber security strategies of other countries.
In the last few decades, the understanding of security has been changing. New areas emerged which may influence security facets, which were not urgent earlier. Now those facets can endanger individual persons or even states. Breaches of cyber security, separate attacks or intense cyber wars are becoming more usual than conventional wars in the physical space; violations of cyber security may cause great damage, ruin businesses or even temporarily paralyze full-fledged functioning of individual states or regions. Many countries of the world, realizing that such a threat is real, adopted Cyber Security Strategies; for some countries, this is not the first version of such a strategy. This article examines the place of Cyber Security Strategies in the system of state documents, the nature and importance of such strategies as well as whether they are binding on individuals and institutions. The article explores in more detail the principles of ensuring cyber security provided for in such strategies, i.e. the principles identified by the states, as important for ensuring cyber security. It is discussed why these principles are so different in the strategies of individual states.