116Received 11.02.2023. Revised 08.10.2023. Accepted 05.02.2024.
Acknowledgements. The study was supported by MGIMO-University, project no. 2025-04-03.
Abstract. Information security is a critical issue in today’s world, as the constant threat of cyber-attacks and breaches continues to pose a serious threat to individuals, businesses and governments. To address this issue, it is necessary to evaluate the existing security measures and their effectiveness in protecting against cyber threats, as well as the decisionmaking processes that drive information security policy at the national and international levels. The classification of existing security measures and decision-making actors is an essential step in identifying areas of weakness and improving security policies. By taking a comprehensive approach to the subject, this research has provided insight into different levels of policy development and implementation, as well as the key actors involved at each stage. The review, classification and analysis of existing cybersecurity ratings have also contributed to the identification of areas for improvement. Despite the lack of transparency in the methodology and robustness issues of most ratings, this work has provided some important insights into the overall effectiveness of different cybersecurity and information security policies. Finally, the finding that gaps and theoretical-methodological inconsistencies in the field of national information and cybersecurity research can be explained by the opaque and non-objective methodology used to evaluate the effectiveness of policies is crucial. It shows that there is a need for more transparent and objective methodologies that can accurately evaluate cybersecurity policies at the national and international levels, taking into account the unique challenges and contexts within which they operate.
Keywords: information security, national cybersecurity policy, cybersecurity indices, cyberspace, information policy, classification of cybersecurity measures
REFERENCES
1. Kuehl D.T. From cyberspace to cyberpower: Defining the problem. Kramer F. D., Starr S. H., Wentz L. K., eds. Cyberpower and national security. Washignton, D.C., Potomac Books, 2009, pp. 24-42. Available at: https://doi.org/10.2307/j.ctt1djmhj1
2. Papakonstantinou V. Cybersecurity as praxis and as a state: The EU law path towards acknowledgement of a new right to cybersecurity? Computer Law & Security Review, 2022, vol. 44, pp. 1-15. Available at: https://doi.org/10.1016/j.clsr.2022.105653
3. Kulesza J. Defining Cybersecurity. Kulesza J., Balleste R., eds. Cybersecurity and Human Rights in the Age of Cyberveillance. Maryland, Rowman & Littlefield, 2016, pp. 1-17.
4. Streltsov A.A. Main problems of application of international law to ICT environment. Digital.Report, 28.10.2016. (In Russ.) Available at: https://digital.report/osnovnyie-problemyi-primeneniya-mezhdunarodnogo-prava-k-ikt-srede/ (accessed 18.09.2023).
5. Polyakova T.A., Minbaleev A.V., Krotkova N.V. New vectors of development of information law in the conditions of civilizational crisis and digital transformation. State and Law, 2020, no. 5, pp. 75-87. (In Russ.) Available at: https://doi.org/10.31857/S013207690009678-7
6. Pfleeger C.P., Pfleeger S.L., Marguliez J. Security in computing. Boston-MA, USA, Prentice Hall, 1988. 944 p.
7. Deibert R. The geopolitics of Internet control: censorship, sovereignty and cyberspace. Chadwick A., Howard P., eds. Routledge handbook of internet politics. London, Routledge, 2009, pp. 323-336. Available at: https://doi.org/10.4324/9780203962541-30
8. Chadwick A., Howard P. Routledge handbook of internet politics. London, Routledge, 2009. 487 p. Available at: https://doi.org/10.4324/9780203962541-30
9. Kramer F., Starr S., Wentz L. Cyberpower and national security. Washignton, D.C., Potomac Books, Inc., 2009. 665 p. Available at: https://doi.org/10.2307/j.ctt1djmhj1.6
10. Tabansky L. Basic concepts in cyber warfare. Military and Strategic Affairs, 2011, vol. 3, no. 1, pp. 75-92. Available at: https://www.inss.org.il/wp-content/uploads/2017/02/FILE1308129610-1.pdf (accessed 18.09.2023).
11. Litvinenko Yu., Korolev N. Russian sites are changing the lock: The authorities will oblige browsers to switch to national encryption certificates. Kommersant, 04.03.2022. (In Russ.) Available at: https://www.kommersant.ru/doc/5240945 (accessed 18.09.2023).
12. Gisselquist R.M. Developing and evaluating governance indexes: 10 questions. Policy Studies, 2014, vol. 35 (5), pp. 513-531. Available at: https://doi.org/10.1080/01442872.2014.946484
13. Robinson N., Hardy A. Estonia: From the “Bronze Night” to cybersecurity Pioneers. Romaniuk S.N., Manjikian M., eds. Routledge Companion to Global Cybersecurity Strategy. London, Milton Park, Routledge, 2021, pp. 211-225. Available at: https://doi.org/10.4324/9780429399718
14. Bruton F.B. Saudi Cleric Salman al-Awda Called for Reform. Now He’s in Solitary Confinement. NBC News, 27.01.2018. Available at: www.nbcnews.com/news/mideast/saudi-cleric-salman-Al-awda-calledreform-now-he-s-n840916 (accessed 18.09.2023).
15. Stevens T. United Kingdom: pragmatism and adaptability in the cyber realm. Romaniuk S. N., Manjikian M., eds. Routledge Companion to Global Cybersecurity Strategy. London, Milton Park, Routledge, 2021, pp. 191-200. Available at: https://doi.org/10.4324/9780429399718
16. Carr M. Public-private partnerships in national cyber-security strategies. International Affairs, 2016, vol. 92 (1), pp. 43-62. Available at: https://doi.org/10.1111/1468-2346.12504
SOURCES
1. Decree of the President of the Russian Federation dated 05.12.2016. “On Approval of the Doctrine of Information Security of the Russian Federation”. (In Russ.) Available at: http://www.kremlin.ru/acts/bank/41460 (accessed 18.09.2023).
2. Cybersecurity policy making at a turning point. Organization for Economic Cooperation and Development, 2012. Available at: https://www.oecd-ilibrary.org/content/paper/5k8zq92vdgtl-en (accessed 18.09.2023).
3. Agreement on the creation of the infrastructure of innovation activity of the CIS member states in the form of a distributed information system and CIS portal “Information for innovation activity of the CIS member states”. Art. 1. Minsk, 19.05.2011. (In Russ.) Available at: https://docs.cntd.ru/document/499003928 (accessed 18.09.2023).
4. The Cybersecurity Strategy. European Comission, 2020. Available at: https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-strategy (accessed 18.09.2023).
5. Shares of gun makers rise amid protests in the U.S. RBC. Investments, 02.06.2020. (In Russ.). Available at: https://quote.rbc.ru/news/article/5ed5f3fc9a7947b9e6de31ee (accessed 18.09.2023).
6. INTERPOL report identifies top cyberthreats in Africa. INTERPOL, 21.10.2021. Available at: https://www.interpol.int/en/News-and-Events/News/2021/INTERPOL-report-identifies-top-cyberthreats-in-Africa (accessed 18.09.2023).
7. Operations and Analysis Center under the President of the Republic of Belarus. Available at: https://president.gov.by/en/statebodies/the-operational-and-analysis-center-under-the-president (accessed 18.09.2023).
8. Resolution of the Security Council of the Republic of Belarus No. 1 “On the Concept of Information Security of the Republic of Belarus” of March 18, 2019. (In Russ.) Available at: https://pravo.by/document/?guid=12551&p0=P219s0001&p1=1 (accessed 18.09.2023).
9. Cybersecurity Decree No. 40 of 14 February 2023. (In Russ.) Available at: https://president.gov.by/ru/documents/ukaz-no-40-ot-14-fevralya-2023-g (accessed 18.09.2023).
10. Kyrgyz Republic: Cybersecurity Capacity Review. Global Cybersecurity Capacity Center, September 2017. Available at: https://gcscc.ox.ac.uk/files/cmmkyrgyzstanreportfinalexecsummary1701030pdf (accessed 18.09.2023).
11. Decree 577/2017 Cybersecurity Committee, 28.07.2017. (In Span.) Available at: http://servicios.infoleg.gob.ar/infolegInternet/anexos/275000-279999/277518/norma.htm (accessed 18.09.2023).
No comments