The essence of administrative and legal regulation of the activities of the subjects of the national cybersecurity system of Ukraine has been established, which consists in building an effective system for ensuring cybersecurity and requires from the state bodies of Ukraine a clear legal definition of the principles of state policy in this area and an advanced response to dynamic changes taking place in the world in the field of cybersecurity. The classifier of threats to the security of information resources has been improved, which, in contrast to the existing ones, is based on a synergetic model of threats, which allows to classify threats by security components, types of services, and hierarchy levels of the infrastructure of automated systems, to assess the synergy and hybridity of threats to information security, cybersecurity, information security, and the likelihood of their impact on the security of information resources. It has been proved that the choice of specific means and ways of ensuring the cybersecurity of Ukraine is conditioned by the need to take timely measures adequate to the nature and scale of real and potential cybernetic threats to the vital interests of a person and citizen, society and the state. The purpose of the cybersecurity system of Ukraine has been clarified. The task of the cybersecurity system is to create the necessary conditions in cyberspace, under which it is possible to achieve national goals and realize the interests, tasks, and goals of its elements.
It has been revealed that the legal and doctrinal basis of information security in Ukraine developed symptomatically and haphazardly. This is largely due to the fact that modern research methods are based on different worldview positions, solve research problems in different ways, and also use excellent research strategies. In addition, information security was primarily viewed as the information security of the state. Subsequently, the intensification of informatization processes in all areas, especially the growth in the importance of technical protection of information, led to the formation of legal support for the protection of information as an integral component of the security of enterprises, institutions and organizations, as well as individual sectors of the economy. At the turn of the millennium, the question of international information security, as well as cybersecurity as part of information security, became acute. The stages of the formation of Ukrainian legislation in the information sphere in general, and information security in particular, have been analyzed, and it has been found that at each of these stages, the information security of a person remained a secondary issue. Increasing the efficiency of administrative and legal support for information security in Ukraine is possible through the implementation of a set of legal measures, which include: clear reflection in law and state institutions of the orientation on the combination of public and private economic interests in the information sphere; constant and consistent use of all human rights mechanisms and procedures to overcome conflicts in the information sphere; raising the legal level of consciousness and activities of civil servants, representatives of all branches and levels of government, and the country’s population.
The article is devoted to study of information security as a challenge of modern development of information and computer technologies. It was found that achievement of a satisfactory level of information security, which is a state of safety of balanced important interests of an individual, society and state against internal and external threats in the information sphere, is possible based on economic, organizational, technical, legal, psychological and other methods. Existing threats to the information security in Ukraine have been identified. The concept and essence of hybrid war as one of the threats to protection of information interests of an individual, society and the state are considered separately. A conclusion was made about the expediency of supplementing the Information Security Doctrine of Ukraine with such a threat as a hybrid war, which actually takes place in the east of the country. A system of information security components in Ukraine has been disclosed, among which a particular attention has been paid to the Ministry of Information Policy of Ukraine and the State Agency for Electronic Governance of Ukraine. In order to improve the mechanism of protection of the information space of Ukraine, it is proposed to differentiate at the legislative level the concepts of “information security” and “cybersecurity”, since their understanding is the basis for the formulation and implementation of the state information policy, improve international cooperation between states to exchange experience, as well as to involve general public to protect the information space.
The article discusses the current state and prospects for the further development (modernization) in the area of information security (IS) in Kazakhstan. Special attention is paid to the challenges that may arise when taking cyber security measures in relation to special requirements of standards to security and an independent IS audit at essential objects of the information and communication infrastructure (EOICI). The purpose of the study is to analyze the challenges on introducing modern standards of IS in the context of forming the national cyber security system in the Republic of Kazakhstan. The study has determined that the current challenges on introducing modern IS standards to maintain a high level of cyber security are related to the underdevelopment of the regulatory framework for the list of EOICI, the creation of an IS audit system and an information and analytical system to form national IS indicators. Recommendations have been given, and areas for the further study have been identified.