INFORMATION SECURITY OF ENTERPRISES IN GLOBALIZATION CONDITIONS 4.0
Abstract
The growth of informatization and computerization of production and management processes, the strengthening of international cooperation, increasing the openness of the information space of society, the unstable macroeconomic situation in Ukraine, the criminalization of society, the increase in unemployment, low level of solvency of the population, actualized the need for information protection at domestic enterprises operating in competitive environment. European companies have long recognized the feasibility of using information security policies in their own activities. Often, information security programs are implemented by enterprises that deal with information communications, professional scientific and technical activities, electric and gas steam generation and water conditioning, real estate operations. The problem of information security in most developed countries of the world is a priority and is considered at the state level. However, the majority of domestic enterprises still do not have a "culture of information protection", that is, an understanding that their own information must be protected. The results of the research of the activity of industrial enterprises in the B2B market allowed to establish the main differences in the approaches to the implementation of measures to ensure the protection of information. To preserve information at enterprises, certain protective methods (organizational, technical, legal) may be used. In this case, the information security system should be adapted to the specific environment of the enterprise and its internal capabilities. That is why, for each individual enterprise, methods of protecting information can be different in scope and form. When ensuring the effective protection of information at enterprises, it is necessary to adhere to certain organizational and economic principles, the main of which are economic feasibility, activity, confidence, continuity, diversity, integrity (integrity) of information protection. The formation of a system of information security should primarily be carried out taking into account the principle of economic feasibility, that is, ensuring the optimal ratio of "protection of information / loss from information leakage". Optimization is achieved by minimizing the cost of protecting information, but the lower limit of costs can not be zero. Investigation of the relation of the management of industrial enterprises of the Rivne region to B2B sector to the estimation of losses from information leakage has made it possible to establish that only large enterprises partially estimate losses from information leakage (30,9%), with only a part of them (19,3%) used after that preventive measures to prevent information threats. With a decrease in the scale of enterprises, the level of scientific approach to the organization of information security is reduced.
References
Духов В.Е. Экономическая разведка и безопасность бизнеса. Киев: ИМСО МО Украины, НВФ «Студцентр», 1997. 175 с.
Зубик В.Б., Седегов Р.С., Абдула А. Экономическая безопасность предприятия (фирмы). Минск: Выш.шк., 1998. 391 с.
Организация и современные методы защиты информации; под общ. ред. Диева С.А., Шаваева А.Г. Москва: Концерн «Банк.Дел.Центр», 1998. 472 с.
Чернявский А.А. Промышленный шпионаж и безопасность предпринимательства. Киев: МАУП, 1994. 64с.
Шиферский А.А. Защита информации: проблемы теории и практики. Москва: Юристь, 1996. 112с.
Ярочкин В. Коммерческая информация фирмы. Москва: Ось–89, 1997. 79 с.
Ярочкин В. Система безопасности фирмы. Москва: Ось-89, 1998. 192 с.
Enterprises having a formally defined ICT security policy, by size class, EU-28, 2015 (% enterprises). Eurostat Statistics. URL: http://ec.europa.eu/eurostat/statistics-explained/index.php/File:Enterprises_having_a_formally_defined_ICT_security_policy,_by_size_class,_EU-28,_2015_(%25_enterprises)_new.png (дата звернення: 01.02.2019)
ICT security in enterprises. Eurostat Statistics. URL: http://ec.europa.eu/eurostat/statistics-explained/index.php/ICT_security_in_enterprises (дата звернення: 01.02.2019)
Cyber Attacks: Securing Agencies' ICT Systems. Australian National Audit Office. URL: https://www.anao.gov.au/work/performance-audit/cyber-attacks-securing-agencies-ict-systems (дата звернення: 01.02.2019)
Головне управління статистики у Рівненській області. URL: http://www.rv.ukrstat.gov.ua/ (дата звернення: 01.02.2019)
Бакланов В.В. Введение в информационную безопасность. Направления информационной защиты. Екатеринбург: УрГУ, 2012. 235 с.
Shephard D. Fascinating & Scary IT Security Statistics. URL: https://www.netiq.com/communities/cool-solutions/netiq-views/84-fascinating-it-security-statistics/ (дата звернення: 01.02.2019)
Астахов А.М. Искусство управления информационными рисками. Москва: ДМКПресс, 2010. 312 с.
Крикавський Є.В., Дейнега О.В., Дейнега І.О., Шелюк Л.О., Кратт О.А., Патора Р. Маркетингова інформація. Львів: Видавництво Львівської політехніки, 2014. 416 с.
Dukhov V.Ye. (1997) Ekonomicheskaya razvedka i bezopasnost' biznesa [Economic intelligence and business security]. Kiyev: IMSO MO Ukrainy, NVF «Studtsentr». (in Russian)
Zubik V.B., Sedegov R.S., Abdula A. (1998) Ekonomicheskaya bezopasnost' predpriyatiya (firmy) [Economic security of an enterprise (company)]. Minsk: Vysshaya shkola. (in Russian)
Organizatsiya i sovremennyye metody zashchity informatsii [Organization and modern methods of information protection]; pod obshch. red. Diyeva S.A., Shavayeva A.G. (1998) Moskva: Kontsern «Bank.Del.Tsentr». (in Russian)
Chernyavskiy A.A. (1994) Promyshlennyy shpionazh i bezopasnost' predprinimatel'stva [Industrial espionage and enterprise security]. Kiyev: MAUP.
Shiferskiy A.A. (1996) Zashchita informatsii: problemy teorii i praktiki [Information security: problems of theory and practice]. Moskva: Yurist'. (in Russian)
Yarochkin V. (1997) Kommercheskaya informatsiya firmy [Commercial information of the company]. Moskva: Os'–89. (in Russian)
Yarochkin V. (1998) Sistema bezopasnosti firmy [Security system of the company]. Moskva: Os'-89. (in Russian)
Enterprises having a formally defined ICT security policy, by size class, EU-28, 2015 (% enterprises). Eurostat Statistics. Available at: http://ec.europa.eu/eurostat/statistics-explained/index.php/File:Enterprises_having_a_formally_defined_ICT_security_policy,_by_size_class,_EU-28,_2015_(%25_enterprises)_new.png (accessed: 01.02.2019)
ICT security in enterprises. Eurostat Statistics. Available at: http://ec.europa.eu/eurostat/statistics-explained/index.php/ICT_security_in_enterprises (accessed: 01.02.2019)
Cyber Attacks: Securing Agencies' ICT Systems. Australian National Audit Office. Available at: https://www.anao.gov.au/work/performance-audit/cyber-attacks-securing-agencies-ict-systems (accessed: 01.02.2019)
Holovne upravlinnya statystyky u Rivnensʹkiy oblasti [The Main Department of Statistics in Rivne Oblast]. Available at: http://www.rv.ukrstat.gov.ua/ (accessed: 01.02.2019)
Baklanov V. V. (2012) Vvedeniye v informatsionnuyu bezopasnost'. Napravleniya informatsionnoy zashchity [Introduction to Information Security. Directions of information protection]. Yekaterinburg: UrGU. (in Russian)
Shephard D. Fascinating & Scary IT Security Statistics. Available at: https://www.netiq.com/communities/cool-solutions/netiq-views/84-fascinating-it-security-statistics/ (accessed: 01.02.2019)
Astakhov A.M. (2010) Iskusstvo upravleniya informatsionnymi riskami [The art of information risk management]. Moskva: DMKPress. (in Russian)
Krykavsʹkyy YE.V., Deyneha O.V., Deyneha I.O., Shelyuk L.O., Kratt O.A., Patora R. (2014) Marketynhova informatsiya [Marketing Information]. Lʹviv: Vydavnytstvo Lʹvivsʹkoyi politekhniky. (in Ukrainian)
_new.png){kind=link}