Wyniki wyszukiwania - BazTech

1

Steganography in Audio Files: COTS Software Analysis

Marszałek Piotr, Bilski Piotr

International Journal of Electronics and Telecommunications

|

2023

|

Vol. 69, No. 1

121--126

EN

The paper presents the analysis of the Commercial Off-The-Shelf (COTS) software regarding the ability to be used in audio steganography techniques. Such methods are a relatively new tool for hiding and transmitting crucial information, also being used by hackers. In the following work, the publicly available software dedicated to audio steganography is examined. The aim was to provide the general operating model of the information processing in the steganographic effort. The embedding method was analyzed for each application, providing interesting insights and allowing classifying the methods. The results prove that it is possible to detect the hidden message within the specific audio file and identify the technique that was used to create it. This may be exploited further during the hacking attack detection and prevention.

2

Adaptive Monitoring of Companies' Information Security

Lakhno Valerii, Adilzhanova Saltanat, Ydyryshbayeva Moldir, Turgynbayeva Aliza, Kryvoruchko Olena, Chubaievskyi Vitalyi, Desiatko Alona

International Journal of Electronics and Telecommunications

|

2023

|

Vol. 69, No. 1

75--82

EN

Additions were proposed to the method of organizing the information security (IS) event management process of companies. Unlike existing solutions, the algorithm of the "Event handling" subprocess was detailed. This detailing is a complex, which includes the IS event processing substage. In addition, the proposed detailing of the "Event Handling" subprocess allows for covering the entire life cycle of an IS event. The performed research allows in practice to fill in potential gaps in information when creating a company's ISMS. An additional advantage of the proposed solution is the possibility of using this sub-process as an independent one. The proposed approach makes it possible to simplify the procedure for managing the information security of a company as a whole, as well as potentially reduce the costs of its construction for small companies and enterprises. Also, this subprocess can be considered as an independent information security management process, for example, for a company's CIS. The proposed solutions and additions, in contrast to similar studies, are characterized by invariance with respect to the methods of implementing the company's IS infrastructure solutions, and in particular its CIS. This ultimately allows, without changing the methodological tools, to scale this approach and adapt it to the ISMS of various companies.

3

The state of the cyber environment and national cybersecurity strategy in developed countries

Tanriverdiyev Elshan

Studia Bezpieczeństwa Narodowego

|

2022

|

R. 12, Nr 23

19--26

EN

The article analyzes the state of cybersecurity in developed countries, the strategies available in this area, and identifies their common and distinctive features in order to study advanced practices in developing and improving a national cybersecurity strategy. The aim of the article is to analyze and compare the national cybersecurity strategies of developed countries. The methods of examining source documents and statistical analysis were used.

PL

W artykule przeprowadzono analizę stanu cyberbezpieczeństwa w krajach rozwiniętych, przedstawiono strategie dostępne w tym obszarze oraz ich wspólne i wyróżniające cechy w celu zbadania zaawansowanych praktyk w zakresie opracowywania i doskonalenia krajowej strategii cyberbezpieczeństwa. Celem artykułu jest analiza i porównanie narodowych strategii cyberbezpieczeństwa krajów rozwiniętych. Zastosowano metody: badania dokumentów źródłowych oraz analizy statystycznej.

4

The applicability of the GDPR to artificial intelligence and the resulting threats to national information security

Guta Tomasz

Studia Bezpieczeństwa Narodowego

|

2022

|

R. 12, Nr 24

25--46

EN

Both national security and information security are closely associated with and connected to the emerging field of artificial intelligence. In this regard, following the presumed axioms of the anticipated proliferation of AI systems within modern society and its expected widespread implementation in vital public and private institutions and furthermore the extensive application of AI systems within personal data processing, possible threats to national and information security within the European Union - with an emphasis on Poland and the Polish legal system - are explored. On the basis of an overview of the theoretical basis of the concepts of national and information security and artificial intelligence, the emergence of AI within personal data processing in the context of the GDPR legal framework is discussed. At least one potential conflict between the implications of the hypothetical scenario of the emergence of the so-called strong form of artificial intelligence and both the Polish data privacy legal framework (based, interalia, on the GDPR) and the Polish information security is being identified in this context. The academic article draws the conclusion that the emergence of so-called “strong AI” may lead to a number of real and probable threats to the system of personal data protection and information security in Poland (and possibly in the other EU Member States as well). The paper finally concludes by outlining and discussing the negative impact of the identified conflict, in particular on Polish information security, and calls for efforts to address these issues in future studies in the academic literature.

PL

Zarówno bezpieczeństwo narodowe, jak i bezpieczeństwo informacji są ściśle związane z rozwijającą się współcześnie dziedziną sztucznej inteligencji (SI). W związku z tym, kierując się założonym w pracy aksjomatem oczekiwanego rozprzestrzeniania się systemów SI we współczesnym społeczeństwie oraz ich spodziewanego szerokiego wdrożenia w istotnych instytucjach publicznych i prywatnych, a także szerokiego zastosowania systemów SI w ramach przetwarzania danych osobowych, przeanalizowano w tejże pracy niektóre możliwe zagrożenia dla bezpieczeństwa narodowego i informacyjnego w Unii Europejskiej z naciskiem na Polskę i na podstawie Polski i polskiego systemu prawnego. Na podstawie przeglądu teoretycznych podstaw koncepcji bezpieczeństwa narodowego i informacyjnego oraz koncepcji sztucznej inteligencji omówiono w tejże pracy pojawienie się SI w ramach procesów przetwarzania danych osobowych w kontekście ram prawnych RODO. W tym kontekście zidentyfikowany zostanie przynajmniej jeden potencjalny konflikt między implikacjami (hipotetycznego) scenariusza pojawienia się tzw. silnej odmiany sztucznej inteligencji a polskim porządkiem prawnym dotyczącym ochrony danych osobowych (opartym m.in. na RODO) oraz polskim bezpieczeństwem informacji. W tym artykule naukowym sformułowano wniosek, iż pojawienie się tzw. silnej odmiany SI może prowadzić do szeregu prawdopodobnych zagrożeń dla systemu ochrony danych osobowych i bezpieczeństwa informacji w Polsce (a potencjalnie także w innych państwach członkowskich UE). We wnioskach artykułu przedstawiono i omówiono negatywny wpływ wcześniej w nim zidentyfikowanego konfliktu, w szczególności na bezpieczeństwo informacji w Polsce, a także postulowano podjęcie wysiłków w celu rozwiązania tych kwestii w przyszłych rozważaniach i opracowaniach w literaturze naukowej przedmiotu.

5

Information security as part of Poland's security

Marczyk Maciej, Błachut Marek

Scientific Journal of the Military University of Land Forces

|

2022

|

Vol. 54, No. 4(206)

609--623

EN

Dynamic advances in technology as well as information and communication entail many new threats to the functioning of the Polish state, its citizens, as well as to the international community. These are mainly the dangers of using information networks and information systems. For this reason, particular importance is given to ensuring information security which combines procedures and tools for the protection of classified information, data and network systems. Information security has now become one of the most sensitive trans-sectoral areas of national security, having an impact on the efficiency of Poland’s entire security system. This is about information security, ICT security and cybersecurity. The paper aims to analyse the issue of information security as part of the security area of the Republic of Poland. The issue was raised because of its importance and topicality, as recently there has been an increase in cyber-terrorist activity and a growing number of media reports on attacks on information systems, targeting the critical infrastructure of states. Information security risks pose a real threat and loss of information can lead to a violation of the vital interests of various entities and a compromise of people’s safety and fundamental values of social life.

PL

Dynamiczny postęp technologiczny i informacyjno-komunikacyjny niesie wiele nowych zagrożeń dla funkcjonowania państwa polskiego, jego obywateli, a także dla społeczności międzynarodowej. Są to głównie niebezpieczeństwa związane z użytkowaniem sieci informatycznych oraz systemów informacyjnych. Z tego powodu wyjątkowego znaczenia nabiera zapewnianie bezpieczeństwa informacyjnego, które łączy w sobie procedury i narzędzia służące ochronie informacji niejawnych, danych oraz systemów sieciowych. Bezpieczeństwo informacyjne stało się obecnie jednym z najbardziej wrażliwych obszarów bezpieczeństwa narodowego o charakterze transsektorowym, wywierającym wpływ na efektywność funkcjonowania całego systemu bezpieczeństwa Polski. Chodzi o bezpieczeństwo informacji, bezpieczeństwo teleinformatyczne i cyberbezpieczeństwo. Celem niniejszego artykułu jest próba analizy zagadnienia bezpieczeństwa informacyjnego jako elementu obszaru bezpieczeństwa Rzeczypospolitej Polskiej. Temat podjęto z powodu jego ważności i aktualności, albowiem w ostatnim czasie nasilają się działania cyberterrorystów, coraz częściej media donoszą o atakach na systemy informatyczne, wymierzone w infrastrukturę krytyczną państw. Zagrożenia bezpieczeństwa informacyjnego stają się realne, zaś utrata informacji może prowadzić do naruszenia żywotnych interesów różnych podmiotów, narażenia bezpieczeństwa ludzi oraz podstawowych wartości życia społecznego.

6

Digital Information Security: Coronavirus Crisis Impact on the Accountants, Business Analysts and Auditors Training

Nazarova Karina, Nezhyva Mariia, Metil Tetіana, Hordopolov Volodymyr, Prystupa Liudmyla, Moyseyenko Olesya

Problemy Ekorozwoju

|

2022

|

Vol. 17, nr 2

80--90

EN

The article considers the impact of transformation processes on business in the context of digitalization. Equally important is the study of the impact of these processes on the training of professionals whose work has had a direct impact on these transformations – accountants, business analysts and auditors. These specialists are faced with the task of analyzing the impact of the facts and determining the change in business development strategy in the context of global digitalization. The field of audit both in the world was able to adapt extremely flexibly to the new realities of functioning in the digitalized world. In this article, the authors reveal the main trends of digitalization of audit in the conditions of economic transformation and limited business practices caused by this global pandemic of 2019-2020. At the same time, the processes of digital transformation are the driving forces of the economy. Computer technology is becoming increasingly involved in reforming the audit institution and changing the trajectory of the auditor’s role in such a society.

7

Automation of Information Security Risk Assessment

Akhmetov Berik, Lakhno Valerii, Chubaievskyi Vitalyi, Kaminskyi Serhii, Adilzhanova Saltanat, Ydyryshbayeva Moldir

International Journal of Electronics and Telecommunications

|

2022

|

Vol. 68. No. 3

549--555

EN

An information security audit method (ISA) for a distributed computer network (DCN) of an informatization object (OBI) has been developed. Proposed method is based on the ISA procedures automation by using Bayesian networks (BN) and artificial neural networks (ANN) to assess the risks. It was shown that such a combination of BN and ANN makes it possible to quickly determine the actual risks for OBI information security (IS). At the same time, data from sensors of various hardware and software information security means (ISM) in the OBI DCS segments are used as the initial information. It was shown that the automation of ISA procedures based on the use of BN and ANN allows the DCN IS administrator to respond dynamically to threats in a real time manner, to promptly select effective countermeasures to protect the DCS.

8

Risk in GIS systems

Stanik Jerzy, Kiedrowicz Maciej

GIS Odyssey Journal

|

2022

|

Vol. 2, no. 1

39--56

EN

The development of information technologies, widespread access to the Internet, globalisation and the development of measurement technologies in geodesy, on the one hand, result in wide access to geographical, cartographic or geodetic data, and on the other hand, increase the level of risk of losing basic security attributes of these data. Risk management in GIS should be implemented at every stage of the GIS life cycle, which starts with the organising phase of a GIS and is expected to continue until the end of its life - decommissioning. It is important to remember that it is not enough to have a good analysis and assessment of adverse events and their consequences without precise, pre-developed methods of measuring and responding to risks in the form of various response plans. This article is an attempt to answer the questions: what should be understood by risk in GIS systems, how to measure it and how to proceed to manage it effectively and efficiently. The models and instruments presented, which have been developed on the basis of available literature and own research, point the way to effective risk management in GIS class systems.

9

Informacyjny wymiar bezpieczeństwa jednostki w trakcie czynności procesowych

Bętkowska Violetta

Security Review

|

2021

|

nr 2 (19)

3--12

EN

Information security is an important component of personal security and civil rights and freedoms. The essence of the state's activities for the security of an individual in the information area is to create protective systems which not only identify risks and threats to this area, but also contain effective measures to ensure it. The state bodies and entities that carry out activities related to the processing of personal data are obliged to observe the legal regulations that are in force in this area. The procedural activities and their nature related to the collection, processing, disclosure and transfer of personal data and other information about persons are closely related to the citizens' information rights. Therefore, the information aspect of these activities has been defined in national laws and international legal acts.

10

The Importance of Military Information Security

Sługocki Wojciech, Walkowiak Marzena

Safety & Defense

|

2021

|

1

1--13

EN

The main goal of the research is to identify the key problems related to information security in the armed forces and to classify the most important factors and aspects necessary to increase security. The implemented research methods include a critical analysis of legal acts, organizational and competence documents, literature on the subject. Synthesis and inference were employed to achieve the formulated goals. The main findings indicate that the armed forces' information security system will play an increasingly important role in shaping the security of modern states and should be treated as a priority. The results of the analyzes indicate that in the coming years, the main challenge of modern armies will be to strengthen the offensive and defensive information capabilities of the state. The general findings of this article present the view that information security is a key task for the armed forces to ensure national security. Therefore, it is necessary to revise, clarify and tighten up the procedures in force for the protection of key information processed in the state -especially in the armed forces – which should have adequate capabilities to conduct complex operations in cyberspace. Moreover, the need for a thorough and comprehensive analysis of this topic is confirmed.

11

Disinformation and Polarization in the Online Debate During the 2020 Presidential Election in Poland

Domalewska Dorota

Safety & Defense

|

2021

|

1

14--24

EN

The deliberate manipulation of public opinion, the spread of disinformation, and polarization are key social media threats that jeopardize national security. The purpose of this study is to analyze the impact of the content published by social bots and the polarization of the public debate on social media (Twitter, Facebook) during the presidential election campaign in Poland in 2020. This investigation takes the form of a quantitative study for which data was collected from the public domains of Facebook and Twitter (the corpus consisted of over three million posts, tweets and comments). The analysis was carried out using a decision algorithm developed in C# that operated on the basis of criteria that identified social bots. The level of polarization was investigated through sentiment analysis. During the analysis, we could not identify automated accounts that would generate traffic. This is a result of an integrated action addressing disinformation and the proliferation of bots that mobilized governments, cybersecurity and strategic communication communities, and media companies. The level of disinformation distributed via social media dropped and an increasing number of automated accounts were removed. Finally, the study shows that public discourse is not characterized by polarization and antagonistic political preferences. Neutral posts, tweets and comments dominate over extreme positive or negative opinions. Moreover, positive posts and tweets are more popular across social networking sites than neutral or negative ones. Finally, the implications of the study for information security are discussed.

12

Impact of the human factor on the security of information resources of enterprises during the Covid-19 pandemic

Kobis Paweł, Karyy Oleh

Polish Journal of Management Studies

|

2021

|

Vol. 24, No. 2

210--227

EN

This article aims to determine the impact of the human factor on the security of information resources of enterprises during the Covid-19 pandemic. The theoretical section of the article describes the phenomenon of the human factor in the security of intangible resources, and isolates the most important mistakes noted in the literature made by employees, clients, and business partners, affecting the level of security of the information system of business entities. The empirical section of the article contains an analysis of selected, current research by recognised business intelligence companies around the world, providing for the impact of the human factor on information security, along with comparing them to data from before the Covid-19 pandemic. The presented research was conducted both among the IT staff as well as persons who on a daily basis manage information resources in enterprises. The data was acquired with the use of electronic questionnaires and through an analysis of data coming from particular security software produced or distributed by the authors of reports. The research results contain an applicable, critical analysis. It has been proven that the current Covid-19 pandemic affects the security of information resources, and that remote work practiced in modern enterprises carries an increased risk of errors in information management. The purpose of the article is to present how changing the way of working during the pandemic affects information security, and to show the problems which modern enterprises are facing.

PL

Celem artykułu jest określenie wpływu czynnika ludzkiego na bezpieczeństwo zasobów informacyjnych przedsiębiorstw podczas pandemii Covid-19. W części teoretycznej artykułu opisano zjawisko czynnika ludzkiego w bezpieczeństwie zasobów niematerialnych oraz wyodrębniono najważniejsze błędy odnotowane w literaturze przez pracowników, klientów i partnerów biznesowych, wpływające na poziom bezpieczeństwa systemu informatycznego podmioty gospodarcze. Część empiryczna artykułu zawiera analizę wybranych, aktualnych badań uznanych wywiadowni gospodarczych na całym świecie, dotyczących wpływu czynnika ludzkiego na bezpieczeństwo informacji, wraz z porównaniem ich z danymi sprzed pandemii Covid-19. Prezentowane badanie zostało przeprowadzone zarówno wśród pracowników IT, jak i osób na co dzień zarządzających zasobami informacyjnymi w przedsiębiorstwach. Dane pozyskano za pomocą ankiet elektronicznych oraz poprzez analizę danych pochodzących z określonego oprogramowania zabezpieczającego produkowanego lub dystrybuowanego przez autorów raportów. Wyniki badań zawierają stosowną, krytyczną analizę. Udowodniono, że pandemia Covid-19 wpływa na bezpieczeństwo zasobów informacyjnych, a praca zdalna praktykowana w nowoczesnych przedsiębiorstwach niesie ze sobą zwiększone ryzyko błędów w zarządzaniu informacją. Celem artykułu jest przedstawienie, jak zmienia się sposób pracy w czasie pandemii wpływa na bezpieczeństwo informacji, a także pokazuje problemy, z jakimi borykają się współczesne przedsiębiorstwa.

13

Human factor aspects in information security management in the traditional IT and cloud computing models

Kobis Paweł

Operations Research and Decisions

|

2021

|

Vol. 31, No. 1

61--76

EN

This paper attempts to classify the main areas of threats occurring in enterprises in the information management processes. Particular attention was paid to the effect of the human factor which is present in virtually every area of information security management. The author specifies the threats due to the IT techniques and technologies used and the models of information systems present in business entities. The empirical part of the paper presents and describes the research conducted by the author on information security in business organisations using the traditional IT model and the cloud computing model. The results obtained for both IT models are compared.

14

Barriers to knowledge sharing in the field of information security

Żywiołek Justyna, Rosak-Szyrocka Joanna, Jereb Borut

Management Systems in Production Engineering

|

2021

|

nr 2 (29)

114--119

EN

Today, sharing knowledge requires taking into account many aspects. Variable environmental conditions, the people factor, and the security of resources are just a few that should be considered for a noticeable improvement in the functioning of the company. Supporting this course of action requires the identification of all barriers that may exist in the enterprise. Only the owner and senior management by establishing system and organizational changes can influence this element of the business. The aim of the article is to indicate the problems in this respect that block the proper functioning of the company in the field of information and knowledge exchange. The survey was conducted with the help of a questionnaire among 189 respondents. The industry has significantly decreased in the last few decades, currently there are 307 companies operating in Poland. Conclusions from the conducted research were collected on the basis of a questionnaire survey. The further stage of the research will be to compare the collected results with the results from Western European countries.

15

Cyber security in supply chain management: a systematic review

Latif Mohd Nasrulddin Abd, Aziz Nurul Ashykin Abd, Hussin Nik Syuhailah Nik, Aziz Zuraimi Abdul

LogForum

|

2021

|

Vol. 17, no. 1

49--57

EN

Background: Cyber security of supply chain is a part of its safety measure that focuses on the management of the required cyber security that includes information technology systems, software, and networks. Supply chain management has a high risk of being threatened by cyber terrorism, malware and data-theft. Common supply chain cyber security activities are done to minimize risks including sole-purchase from trusted vendors, and disconnection of critical machines from external networks. Methods: The main data sources for this study are research articles published from 2010 to 2020 in a peer-reviewed journal in the Web of Science and Scopus database. This study uses a systematic survey approach that is guided by PRISMA Statement, where the current study shows the trend of cyber research security in supply chain management. Results: The final screening shows 41 identified related articles that are related to cyber security in supply chain management. This study also examined the publishing trends related to cyber security in supply chain management for both WOS and Scopus databases. The analysis shows that the highest publishing value was in 2019, coming from the Scopus database. In addition, four elements are covered in this study namely: (i) network security; (ii) information security; (iii) web application security and (iv) internet of things (IoT). Conclusions: In brief, some suggestions are proposed to provide guidance for future researchers to study deeper about cyber security in supply chain management.

PL

Wstęp: Bezpieczeństwo cybernetyczne łańcucha dostaw jest częścią postępowania mającego na celu zapewnienie bezpieczeństwa, które skupia się na zarządzaniu bezpieczeństwem systemów technologicznych, oprogramowania i sieci. Zarządzanie łańcuchem dostaw jest zagrożone cyberatakami terrorystycznymi, złośliwym oprogramowaniem oraz kradzieżą danych. Działania obejmujące bezpieczeństwo cybernetyczne mają na celu minimalizację ryzyk, między innymi zakup tylko do zaufanych dostawców czy niepodłączanie krytycznych urządzeń od zewnętrznych sieci. Metody: Praca oparta jest na przeglądzie publikacji naukowych z latach 2010-2020 w podlegających recenzji czasopismach z baz Web of Science i Scopus. Zastosowano metodo liczne podejście zgodne z zasadami PRISMA, ukazując trendy w dziedzinie bezpieczeństwa cybernetycznego w zarządzaniu łańcuchem dostaw. Wyniki: Wyselekcjonowano 41 publikacji, których tematyka obejmuje bezpieczeństwo cybernetyczne w zarządzaniu łańcuchem dostaw. Przeanalizowano trendy w dziedzinie bezpieczeństwa cybernetycznego w zarządzaniu łańcuchem dostaw. Przeprowadzona analiza wykazała, że najwięcej publikacji ukazało się w 2019 w bazie Scopus. Dodatkowo, wyodrębniono cztery główne elementy badań: bezpieczeństwo sieci, bezpieczeństwo informacji, bezpieczeństwo aplikacji sieciowych oraz Internet rzeczy. Wnioski: Sformułowano kilka sugestii, które mogą być wskazówkami do dalszych badań nad bezpieczeństwem cybernetycznym w zarządzaniu łańcuchem dostaw.

16

Security of personal data. Part I – The specificity of determinants of personal identity in the 21st century

Rysz Stanisław J.

Zeszyty Naukowe SGSP / Szkoła Główna Służby Pożarniczej

|

2020

|

Nr 75 (tom 3)

223--239

EN

Changes that are taking place in the surrounding environment have never before been so extensive and so dynamic. In addition, the environment to which these changes relate has also never before been so multifaceted, ambiguous, multidimensional and such full of multimedia. Man put in the face of such changes may more or less consciously compromise his safety. The reason may be insufficient knowledge, lack of proper preparation and resources appropriate to provide the right conditions for safe work, communication and even for safe life from the perspective of an individual as well as a person in a family, group in even a nation. Implementation of regulations contained in the Regulation of the European Parliament and of the Council (EU) of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free flow of such data, and repealing Directive 95/46 for everyday use (colloquially referred to as: GDPR) caused special attention focused on security in connection with the processing of personal data. This article is the first in the series. It is entitled “Security of personal data. Part I – Specificity of Determinants of Personal Identity in the 21st Century. „The author presents in it the characteristic properties of personal data broken down into areas functioning in superposition2 to each other: an organic person, the environment and the technical environment around the person. Another article the author will address at a broad spectrum of issues relating to personal identification information.

PL

Zmiany, jakie zachodzą w otaczającym nas środowisku, nigdy wcześniej nie były tak rozległe i tak dynamiczne. Dodatkowo samo środowisko, ktorego te zmiany dotyczą, także nigdy wcześniej nie było tak wielorodzajowe, wieloznaczne, wielowymiarowe, wieloaspektowe i multimedialne. Człowiek postawiony w obliczu takich zmian może mniej lub bardziej świadomie narażać swoje bezpieczeństwo. Przyczyną może być niedostateczna wiedza, brak odpowiedniego przygotowania i zasobów właściwych dla zapewnienia odpowiednich warunkow dla bezpiecznej pracy, komunikacji, a wręcz dla bezpiecznego życia zarowno z perspektywy pojedynczego człowieka, jak i człowieka w rodzinie, grupie, a nawet w narodzie. Wdrożenie z dniem 25 maja 2018 r. do codziennego użytkowania regulacji zawartych w Rozporządzeniu Parlamentu Europejskiego i Rady (UE) z 27 kwietnia 2016 r. w sprawie ochrony osób fizycznych w związku z przetwarzaniem danych osobowych i w sprawie swobodnego przepływu takich danych oraz uchylenia dyrektywy 95/46/WE [19] (potocznie określane jako: RODO) spowodowało zwrocenie szczegolnej uwagi na bezpieczeństwo indywidualne człowieka w związku z przetwarzaniem jego danych osobowych. Niniejszy artykuł jest pierwszym w cyklu. Autor przedstawia w nim charakterystyczne właściwości danych osobowych w podziale na funkcjonujące w superpozycji1 do siebie obszary: osoba organicznie, środowisko wokoł niej oraz jej otoczenie techniczne. Kolejny artykuł autor poświęci zagadnieniom dotyczącym szerokiego spektrum informacji identyfikujących człowieka.

17

Bezpieczeństwo danych osobowych. Część I – Specyfika determinant tożsamości człowieka w XXI w.

Rysz Stanisław J.

Zeszyty Naukowe SGSP / Szkoła Główna Służby Pożarniczej

|

2020

|

Nr 75 (tom 3)

205--221

PL

Zmiany, jakie zachodzą w otaczającym nas środowisku, nigdy wcześniej nie były tak rozległe i tak dynamiczne. Dodatkowo samo środowisko, ktorego te zmiany dotyczą, także nigdy wcześniej nie było tak wielorodzajowe, wieloznaczne, wielowymiarowe, wieloaspektowe i multimedialne. Człowiek postawiony w obliczu takich zmian może mniej lub bardziej świadomie narażać swoje bezpieczeństwo. Przyczyną może być niedostateczna wiedza, brak odpowiedniego przygotowania i zasobów właściwych dla zapewnienia odpowiednich warunkow dla bezpiecznej pracy, komunikacji, a wręcz dla bezpiecznego życia zarowno z perspektywy pojedynczego człowieka, jak i człowieka w rodzinie, grupie, a nawet w narodzie. Wdrożenie z dniem 25 maja 2018 r. do codziennego użytkowania regulacji zawartych w Rozporządzeniu Parlamentu Europejskiego i Rady (UE) z 27 kwietnia 2016 r. w sprawie ochrony osób fizycznych w związku z przetwarzaniem danych osobowych i w sprawie swobodnego przepływu takich danych oraz uchylenia dyrektywy 95/46/WE [19] (potocznie określane jako: RODO) spowodowało zwrocenie szczegolnej uwagi na bezpieczeństwo indywidualne człowieka w związku z przetwarzaniem jego danych osobowych. Niniejszy artykuł jest pierwszym w cyklu. Autor przedstawia w nim charakterystyczne właściwości danych osobowych w podziale na funkcjonujące w superpozycji1 do siebie obszary: osoba organicznie, środowisko wokoł niej oraz jej otoczenie techniczne. Kolejny artykuł autor poświęci zagadnieniom dotyczącym szerokiego spektrum informacji identyfikujących człowieka.

EN

Changes that are taking place in the surrounding environment have never before been so extensive and so dynamic. In addition, the environment to which these changes relate has also never before been so multifaceted, ambiguous, multidimensional and such full of multimedia. Man put in the face of such changes may more or less consciously compromise his safety. The reason may be insufficient knowledge, lack of proper preparation and resources appropriate to provide the right conditions for safe work, communication and even for safe life from the perspective of an individual as well as a person in a family, group in even a nation. Implementation of regulations contained in the Regulation of the European Parliament and of the Council (EU) of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free flow of such data, and repealing Directive 95/46 for everyday use (colloquially referred to as: GDPR) caused special attention focused on security in connection with the processing of personal data. This article is the first in the series. It is entitled “Security of personal data. Part I – Specificity of Determinants of Personal Identity in the 21st Century. „The author presents in it the characteristic properties of personal data broken down into areas functioning in superposition2 to each other: an organic person, the environment and the technical environment around the person. Another article the author will address at a broad spectrum of issues relating to personal identification information.

18

Information security management in the global world of the 21st century

Maśloch Piotr, Górny Piotr

Zeszyty Naukowe. Organizacja i Zarządzanie / Politechnika Śląska

|

2020

|

z. 145

321--331

EN

Purpose: The article attempts to determine what contemporary globalization is and what opportunities and threats this process creates (in terms of global threats to enterprise information systems). Design/methodology/approach: The management of information security and counteracting cyber-attacks is an important aspect of the functioning of enterprises in the 21st century. In this sense, this article will analyse the threats resulting from the dynamic development of information technology, based on the results of research conducted on a sample of Polish enterprises. Findings: This publication is an attempt to identify the basic threats resulting from the fact that the organization operates in a digitized global reality. Research limitations/implications: It seems that the threats mentioned in the article will be gaining momentum and will be evaluated in the unpredictable today direction. Social implications: The 21st century brought a completely new look at the processes of globalization and management of a modern enterprise. It turns out that information has become the basic tool of competitive struggle in the global market. For this reason, the management of information security and counteracting cyber-attacks is an important aspect of the functioning of enterprises in the 21st century. Originality/value: The article addresses current problems of cyberspace security in the context of globalization. It can be useful for company managers as well as for conducting research in this field.

19

Personal data protection as an element of competitive advantage

Żywiołek Justyna, Nedeliaková Eva

System Safety : Human - Technical Facility - Environment

|

2020

|

Vol. 2, nr 1

55--61

EN

The article presents results of research on the information flow between the client and the company, inside the company, and the problems encountered by both parties in the data exchange process. Also included are methods of securing information through unauthorized disclosure, disclosing ideas to other clients. The basis of the study was a survey directed to 75 customers ordering in the examined enterprise and a survey among 40 employees of that enterprise. The study was also based on an in-depth conversation with employees of the examined company employed at various levels. The survey shows that the clients and employees of the surveyed company are aware of the high value of information, and its security is considered one of the priorities. The survey clearly shows that customers praise data protection activities, they treat it as an element used to care for the interests of the customer, as a further environment of the product or service they purchase. However, there are often errors due to customer ignorance, communication problems, and lack of knowledge of employees. The study covered the importance of information in an enterprise as part of its competitive advantage, the reasons for investing in information protection, the occurrence of incidents, the degree of information security, and actions taken to protect information in an enterprise.

20

Dezinformacja jako zagrożenie dla bezpieczeństwa informacyjnego współczesnych społeczeństw

Bączek Piotr

Security Review

|

2020

|

nr 4(17)

3--18

EN

One of the methods of information warfare is disinformation. Its task is to mislead the opponent by giving him false information. The aim of the article is to present the phenomenon of disinformation as a threat to modern societies. The article discusses the following issues: threats to information security, classification of disinformation, disinformation operations in communist and democratic states, historical and contemporary examples of propaganda disinformation. In recent years, there has been an extensive use of electronic media to disseminate disinformation content, which poses a threat to societies.