MANAGEMENT PRACTICES OF IMPLEMENTATION OF THE STATE POLICY FOR SECURITY OF CRITICAL INFORMATION INFRASTRUCTURE IN THE SUBJECT OF THE RUSSIAN FEDERATION
Article Sidebar
Main Article Content
https://orcid.org/0000-0002-8175-591X
Abstract
The modern Russian state is increasingly confronted with external aggression in the information space. There is an increase in the number of cyber threats (by 60% in 2024 compared to 2023), with 64% of the total number of cyberattacks in 2024 being on government bodies and institutions, including those with critical information infrastructure facilities (hereinafter - CII). Violations in the functioning of CII can lead to major economic losses, threaten human life and health, production security, defense capacity of the country, deprive its scientific and technical potential. Therefore, one of the main areas of work of state bodies becomes the protection of CII. Purpose of the article - to study managerial practices on implementation of state policy for security of CIII in the subject of the Russian Federation. Methods of research: Document analysis, formal legal method, analysis of statistical data, questionnaire, expert survey. Results. The scheme of interaction with state regulators has been developed for all participants in relations in the sphere of CII, but the subjects of CII bear additional financial costs to ensure the security of significant objects of CII; and the methodological assistance of the authorities is considered insufficient. State regulation of the use of information technologies and infrastructures of UPTEC on UrFO lags behind their development, participants in relations in the sphere of CII are not sufficiently protected from the information technological factors affecting them. Conclusion. The state security policy of the CII is implemented on the basis of legal acts, which regulate the relations of all participants in the sphere of the CII, defining their powers, rights and duties. For the effective implementation of state policy, it is necessary to introduce mandatory requirements in the legislation of the Russian Federation on the procedure for categorizing CII objects for CII entities among legal entities; Organization of targeted methodological assistance on the categorization of CII objects by the subjects of the state policy.
Downloads
Metrics
Article Details
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided that the original work is properly cited.
References
Аккаева Х. А. Кибератаки на критическую информационную инфраструктуру // Право и управление. 2023. №9. С. 347-351. DOI: 10.24412/2224-9133-2023-9-347-351
Баянова Ю. А. Критическая информационная инфраструктура как объект обеспечения безопасности // Инновационная наука. 2021. № 10-2. С. 63-65.
Валенцев М. С. Критическая информационная инфраструктура: ответственность владельцев за нарушение ее функционирования // Синергия Наук. 2020. № 43. С. 685-689.
Карасев П. А., Стефанович Д. В. Кибербезопасность критически важной инфраструктуры: новые вызовы // Россия в глобальной политике. 2022. Т. 20, № 6(118). С. 147-164. DOI 10.31278/1810-6439-2022-20-6-147-16
Кобец П. Н. Роль Президента Российской Федерации В. В. Путина в объединении усилий мирового сообщества по совершенствованию информационной безопасности в киберпространстве // Правопорядок: история, теория, практика. 2022. № 2(33). С. 62-68
Кривоносов И. М., Дерновой А. Е. Критическая информационная инфраструктура - новые понятия и аспекты безопасности в современных реалиях // Гидротехника. 2023. № 2(71). С. 54-56. DOI 10.55326/22278400_2023_2_54.
Кузнецов С. А., Куликов И. А., Фоминых А. А. Сравнение КИИ и методов категорирования КИИ в РФ и США // Актуальные научные исследования в современном мире. 2021. № 6-1(74). С. 63-68.
Новые горизонты развития системы информационного права в условиях цифровой трансформации / отв. ред.: Т.А. Полякова, А.В. Минбалеев, В.Б. Наумов. Москва: Институт государства и права РАН, 2022. 368 с.
Об основных направлениях развития информационного права за 2000- 2015 гг. / Т. А. Полякова, А. А. Антопольский [и др.] // Государство и право. 2017. № 1. С. 71-79.
Пекарева В. В. Критическая информационная инфраструктура как объект уголовно-правовой охраны // Вестник общественной научно-исследовательской лаборатории «Взаимодействие уголовно-исполнительной системы с институтами гражданского общества: историко-правовые и теоретико-методологические аспекты». 2024. № 35. С. 120-127.
Международная безопасность в среде информационно-коммуникационных технологий / А. А. Стрельцов, А. Я. Капустин, Т. А. Полякова [и др.] ; Национальная Ассоциация международной информационной̆ безопасности. М.: НАМИБ, 2023. 132 с.
Фисун В. В. Методика оценки защищенности в интеллектуальной системе управления информационной безопасностью объектов критической информационной инфраструктуры // Национальная Ассоциация Ученых. 2022. № 77. С. 59-62. DOI: 10.31618/nas2413-5291.2022.1.77.575
Assaf D. Models of critical information infrastructure protection // International Journal of Critical Infrastructure Protection. 2008. Т. 1. С. 6-14. DOI: 10.1016/j.ijcip.2008.08.004
Hyslop M. Critical Information Infrastructure. Springer US, 2007. С. 61-76.
Pagnacco A. Critical Information Infrastructure Protection: Between Cybersecurity and Policymaking //ITASEC. 2021. С. 488-498.
Patterson C. A., Personick S. D. (ed.). Critical information infrastructure protection and the law: an overview of key issues. 2003. 93 p.
REFERENCES
Abidov R. R. (2022) Cyber attacks on critical information infrastructure as a threat to national security. Probely v rossijskom zakonodatel'stve. T. 15, no. 4. P.251-255. (In Russ.).
Akkaeva Kh. A. Cyber attacks on critical information infrastructure. Pravo i upravlenie. No.9. P. 347-351.
Bajanova Ju. A. (2021) Critical information infrastructure as a security object. Innovacionnaja nauka. No.10-2. P. 63-65. (In Russ.).
Valencev M. S. (2020) Critical information infrastructure: ownership responsibility for disruption. Sinergija Nauk. No 43. P. 685-689. (In Russ.).
Karasev P. A., Stefanovich D. V. (2022) Cybersecurity of the critical infrastructure: new challenges. Rossija v global'noj politike. T. 20, no. 6(118). P. 147-164. DOI: 10.31278/1810-6439-2022-20-6-147-164 DOI 10.31278/1810-6439-2022-20-6-147-16 (In Russ.).
Kobets P. N. (2022) The Role of the President of the Russian Federation V. V. Putin in Combining the Efforts of the World Community to Improve Information Security in Cyberspace. Pravoporjadok: istorija, teorija, praktika. No. 2(33). P. 62-68. (In Russ.).
Krivonosov I. M., Dernovoj A. E. (2023) Critical information infrastructure - new concepts and aspects of security in modern realities. Gidrotehnika. No. 2(71). P. 54-56. DOI 10.55326/22278400_2023_2_54. (In Russ.).
Kuznetsov S. A., Kulikov I. A., Fominykh A. A. (2021) Comparison of critical infrastructure and methods of categoring critical infrastructure in Russian Federation and USA. Aktual'nye nauchnye issledovanija v sovremennom mire. No. 6-1(74). P. 63-68. (In Russ.).
New horizons for the development of the information law system in the context of digital transformation (2022) / otv. red.: T.A. Poljakova, A.V. Minbaleev, V.B. Naumov. Moskva: Institut gosudarstva i prava RAN. (In Russ.).
On the main directions of development of information law for 2000-2015 (2017) / T. A. Poljakova, A. A. Antopol'skij [i dr.] Gosudarstvo i pravo. No. 1. P. 71-79. (In Russ.).
Pekareva V. V. (2024) Critical information infrastructure as an object of criminal law protection. Vestnik obshhestvennoj nauchno-issledovatel'skoj laboratorii «Vzaimodejstvie ugolovno-ispolnitel'noj sistemy s institutami grazhdanskogo obshhestva: istoriko-pravovye i teoretiko-metodologicheskie aspekty». P. 35. P. 120-127. (In Russ.).
International security in the information and communication technology environment (2023) A. A. Strel'cov, A. Ja. Kapustin, T. A. Poljakova [i dr.]; Nacional'naja Associacija mezhdunarodnoj informacionnoj̆ bezopasnosti. Mоskva: NAMIB. (In Russ.).
Fisun V. V. (2022) Security assessment methodology in the intelligent information security management system of critical infrastructure objects. Nacional'naja Associacija Uchenyh. No. 77. P. 59-62. (In Russ.).
Assaf D. (2008) Models of critical information infrastructure protection. International Journal of Critical Infrastructure Protection. Т. 1. P. 6-14.
Hyslop M. (2007) Critical Information Infrastructure. New-York: Springer US.
Pagnacco A. (2021) Critical Information Infrastructure Protection: Between Cybersecurity and Policymaking. ITASEC. P. 488-498.
Patterson C. A., Personick S. D. (ed.) (2003). Critical information infrastructure protection and the law: an overview of key issues. Washington DC: National academy press.