Безопасность информационных технологий (Jun 2019)

To the issue of categorization of critical informational infrastructure objects in higher education

  • Alexander N. Vavichkin,
  • Viktor S. Gorbatov,
  • Anatoly P. Durakovskiy,
  • Denis A. Chzhen

DOI
https://doi.org/10.26583/bit.2019.2.03
Journal volume & issue
Vol. 26, no. 2
pp. 44 – 57

Abstract

Read online

The aim of this work is to simplify the activities of categorization of critical information infrastructure (CII) for educational organizations engaged in research activities in the framework of the implementation of the adopted legislation. In the field of critical information security, the regulatory and legislative framework is still being improved in accordance with the Federal law "On the security of critical information infrastructure of the Russian Federation" dated 26.07.2017 No. 187-FZ, imposing new requirements on the subjects of CII. The educational sphere is absent in this norm, as well as the automated information systems of support of administrative processes of management, and also ensuring educational process are excluded from the list of objects of CII respectively. However, the above list contains an indication of the sphere of science, and if any higher education institution is involved in research activities, it becomes the subject of this legislation, which imposes the obligation to carry out a number of organizational and technical measures to ensure the safety of CII facilities. The paper details the minimum procedures for categorization of a certain list of CII for the institutions involved in scientific research.

Keywords