Analysis of the Information Security Arrangement in Russia and Other Countries

Purpose of research.This article discusses various techniques for information security implementation used in certain countries; presents analysis and comparison of the degree of information security development in the Russian Federation. A brief history of the origin and subsequent dynamics of the development of this area in different countries is given. The objectives of this article are to analyze the legislation basis of different countries, namely the laws, regulations, decrees related to the sphere of information and personal data security and to develop a technique to increase the share of prevented attacks against information systems.

Methods.The peculiarities of forms of information security implementations in the Russian Federation, the United States of America, Germany,and  Francewas studied. The article analizes the current global international standards for standardization of security measures and systems related to the ISO / IEC 27000system, and the level of their implementation in Russia. The method of Saati hierarchies was chosen as the research method.

Results. Theconducted research allowed us to reveal possible shortcomings of information security implementation in Russia by means of drawing an analogy with other countries with a more developed information security systems. Russian legislative framework contains many laws and regulations that affect personal data protection and processing, but their number and arrangement clarity is not sufficient and needs to be enhanced.

Conclusion. As a result of the analysis it can be concluded that Russia pays considerable attention to information security implementation; different measures have been taken to its ensurance; a number of Federal laws have been enacted. However, the regulatory framework of the Russian Federation, the purpose of which is to protect information and personal data, has a relatively short history of development and needs enhancement.

information security, cyberattack, information security laws, personal data

1. Panishev V.S., Tanygin M.O. Informacionnaya bezopanost’ [Information security]: Kursk, 2017, 196p. (In Russ.).

2. Karta kiberugroz v regime realnogo vremeni [Real-time cyber threat map] (In Russ.).Available at: https://cybermap.kaspersky.com/ru. (accessed: 22.11.2018).

3. "Konsultant Plus" - zakonodatelstvo RF: kodeksy, zakony, ukazy, postanovleniya pravitelstva RF [“Consultant Plus” - the legislation of the Russian Federation: codes, laws, decrees, decrees of the government of the Russian Federation]. (In Russ.)Available at:http://www.consultant.ru/. (accessed: 23.11.2018).

4. Evseeva A.A., Kaluckiy I.V., Spevakov A.G. Sravnitelniy analiz rossiiskogo i ki-taiskogo zakonodatelstva v oblasty obrabotki i zashity personalnyh dannyh[Comparative analysis of Russian and Chinese legislation in the field of processing and protection of personal data]. Izvestiya Yugo-Zapadnogo gosudarstvennogo universiteta = Proceedings of the Southwest State University, 2016,no.7,pp.78-84 (In Russ.).

5. Systema zashity informacij v vedushih zarubegnih stranah [Information security system in leading foreign countries]. Available at:http://webkonspect.com/?room=profile&id=11572&labelid=162322.(accessed: 23.11.2018).

6. Popykin A.V. Informatsionnaya bezopasnost’ Rossij v sisteme mnogopolyarnogo sotrudnichestva [Information security of Russia in the system of multipolar coopera-tion].Aktualnye problem megdunarodhyh otnosheniy v usloviyah formirovaniya multipolyarnogo mira = Actual problems of international relations in the context of the formation of a multipolar world. Kursk, 2015,pp.129-131 (In Russ.).

7. Averchenkov V.I. Sistemy zashity informatsij v vedushih zarubegnih stranah [Information security systems in leading foreign countries]. Bryansk, 2007, 225 p. (In Russ.).

8. Ostrockaya S.V., Kaluckiy I.V. Model’ interactivnogo spravochnogo resursa svedeniy i rekomendaciy v oblasty bezopasnosty subjektov personalnyh dannyh [A model of an interactive reference resource of information and recommendations in the field of security of personal data subjects].Izvestiya Yugo-Zapadnogo gosudarstvennogo universiteta = Proceedings of the Southwest State University, 2018,no.2,pp.73-81 (In Russ.).

9. Obshiye svedeniya o standartah serij ISO 27000 [General information on the standards of the ISO 27000 series] (In Russ.). Available at: http://www.iso27000.ru/standarty/iso-27000-mezhdunarodnye-standarty-upravleniya-informacionnoi-bezopasnostyu-1/iso-27000-mezhdunarodnye-standarty-upravleniya-informacionnoi-bezopasnostyu. (accessed 24.11.2018).

10. Dobritsa V.P., Spevakov A.G., Guborev A.A. Algoritm iskluchaushego preobrazovaniya dannyh [Exclusion data conversion algorithm]. Izvestiya Kurskogo gosudarstvennogo tekhnicheskogo universiteta = Proceedings of the Kursk State Technical University, 2010,no.1 (30),pp. 49-54 (In Russ.).

11. Graham J. Cyber Security Essentials. 2010, 331 p.