Experience of the pilot implementation of the european information sharing and alerting system in the field  of information security

Anatoly A. Malyuk; Olga Y. Polyanskaya

doi:10.26583/bit.2018.1.01

Безопасность информационных технологий (Mar 2018)

Experience of the pilot implementation of the european information sharing and alerting system in the field of information security

Anatoly A. Malyuk,
Olga Y. Polyanskaya

Affiliations

Anatoly A. Malyuk: National Nuclear Research University MEPHI (Moscow Engineering Physics Institute)
Olga Y. Polyanskaya: National Nuclear Research University MEPHI (Moscow Engineering Physics Institute)

DOI: https://doi.org/10.26583/bit.2018.1.01
Journal volume & issue: Vol. 25, no. 1
pp. 6 – 18

Abstract

Read online

The formation of a global information society poses a particular challenge to the development of an information security culture. In the Doctrine of Information Security of the Russian Federation, adopted in December 2016, one of the main threats is the low awareness of citizens in matters of ensuring personal information security. One of the most important mechanisms for increasing competence and forming an in-formation security culture, in addition to mass training of people, are methods of propaganda and creation of "hot lines". They allow the general public to take the initiative in monitoring and reporting computer incidents. The development of such approaches should be carried out taking into account the international experience accumulated today. To this end, the article examines the European experience of creating a system of information and advisory assistance in the field of preventing threats to the security of public and corporate information systems, primarily information and telecommunications networks, as well as eliminating the consequences of threats in the information sphere. The analysis of the experience of implementing the pilot project of the European Information Sharing and Alert System has revealed the advisability of designing such systems on the basis of a management model with four players that unites network operators, information producers (who are IT product suppliers or IT security specialists); local information intermediaries and consumers of information. As a model of the information flow, a node can be selected that runs a local web portal that provides information to end users, generates new information, adapts information to the constraints of various distribution channels, and to the characteristics of end-user target groups. The methodology of the pilot project can be used in the design and deployment of a notification and information exchange system aimed at end-users of several regions or countries cooperating in the field of information security.

information security, information security awareness, information sharing and alerting system, culture of information security.

Published in Безопасность информационных технологий

ISSN: 2074-7128 (Print); 2074-7136 (Online)
Publisher: Joint Stock Company "Experimental Scientific and Production Association SPELS
Country of publisher: Russian Federation
LCC subjects: Technology: Technology (General): Industrial engineering. Management engineering: Information technology; Science: Science (General): Cybernetics: Information theory
Website: https://bit.spels.ru

About the journal

Abstract

Keywords