
Results found: 35

Search results
Searched for:
in keywords: bezpieczeństwo cybernetyczne
EN
Purpose: The primary purpose of the study is to indicate the threats faced by medical entities in the context of the growing scale of collection and processing of personal data, including sensitive data. Therefore, it seems justified to attempt to systemically secure the processes related to this. Specific objective: The main objective formulated in this way required further specification through the scientific and cognitive objective, which was to assess whether the implementation of the ISO 27001:2017 information security system in a medical entity allows for reducing the risk of information security incidents. Project/methodology: The scope of scientific research defined in this way required the author not only to conduct literature studies, but also to apply appropriate research methods. As part of the considerations, it was decided to use methods such as: statistical analysis of data on the scale of implementation of a standardized data security system in the world and in Poland and the method of scientific description. Results: The literature studies conducted and the research methods used allowed to demonstrate that the implementation of a standardized information security management system allows, by taking into account the requirements resulting from it, to increase the level of information security in medical entities. Identification of organizational, legal and ICT risks reduces the likelihood of information security incidents, and thus reduces the risk of exposing the healthcare entity to legal liability resulting from violation of the provisions of the Personal Data Protection Act (Journal of Laws of 2018, item 100) and the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
Limitations: A certain limitation faced by the author was the inability to take into account the number of ISO 27001:2017 certificates issued in medical entities both in the world and in Poland. This is due to the fact that certification bodies are not obliged to make such information public. Additionally, a certain limitation is the lack of reporting on compensation awarded by common courts to persons who have been harmed as a result of a breach of the protection of their personal data. Practical implications: The study proposes a method for estimating risks in the field of information security in the activities of organizations, including healthcare entities. Additionally, the main benefits resulting from the implementation of the ISO 27001:2017 information security management system were indicated and the barriers that the manager of an entity providing health services should take into account were demonstrated. Originality/value: There are a number of studies in both domestic and foreign literature on the information security system and its importance in organizations. Few authors make the effort to analyze this type of solutions in the context of providing medical services and the problems that must be solved by people managing medical entities.
EN
The consequences of Industry 4.0 have adverse side effects on cybercrime growth, which requires creating an effective cybersecurity system for companies. Therefore, this study aims to develop a composite indicator of company cybersecurity to assess its development needs. For this purpose, the authors modified Porter's method by constructing a superposition matrix based on the growth rates of cyber threats and risks, calculating their quantitative characteristics and a composite indicator. The computations are based on indicators for 2016-2022 characterizing cybersecurity vulnerabilities and the consequences of cyber threats: the share of companies experiencing one, six or more successful cyberattacks, considering the likely and very likely success of cyberattacks on them in the next 12 months, security threat and concern indices, the share of companies with a growing security budget affected by ransomware and experiencing a shortage of skilled IT security personnel, the cost of stolen or compromised credentials. As a result, cybersecurity needs increased significantly for 2020-2022, mainly due to digital transformation and the cyber threats growth after the COVID-19 pandemic. A comparative analysis of the proposed indicator with those characterizing the development of Industry 4.0 showed that the need for a reliable cybersecurity system is much more important than the active development of modern technologies. Spending on IT is also increasing, but not enough to meet the needs of cybersecurity development, except for the 2022 results. The proposed indicator is defined for companies worldwide, but its versatility allows the methodology to be applied to enterprises of various industries and sizes.
3
Content available remote The development of cybercrime and the sense of security of Internet users
PL
The article presents the results of research on the impact of cybercrime on the sense of security of Internet users. The research used the methodology of a survey interview, which was conducted with two groups of respondents: students of the War Studies University in Warsaw majoring in information security and cybersecurity, and soldiers of the Special Branch of the Military Police not connected with the IT area. The research sought to find out whether the surveyed social groups, completely distinct in terms of qualifications in the field of cybersecurity, are aware of cyber threats and have knowledge of the tools and practices used to prevent crime in cyberspace. An attempt was also made to verify the respondents' sense of security in connection with the development of cybercrime. It was shown that the development of cybercrime significantly reduces the sense of security of Internet users.
EN
The article presents the results of research on the impact of cybercrime on the sense of security of Internet users. The research uses the methodology of a survey interview, which was conducted with two groups of respondents - students of the War Studies University in Warsaw, majoring in information security and cybersecurity, and with soldiers of the Special Branch of the Military Police not related to the IT area. The research sought to find out whether the surveyed social groups, completely separate in terms of qualifications in the field of cybersecurity, are aware of cyberthreats and the tools and practices applied to prevent crime in cyberspace. Attempts were also made to verify the respondents’ sense of security in connection with the development of cybercrime. It has been shown that the development of cybercrime significantly reduces the sense of security of Internet users.
EN
This interview between Rubén Arcos and Spain’s National Cryptologic Centre (CCN) was conducted via email on 24 October 2022. CCN is part of Spain’s National Intelligence Centre (CNI), and through its national alert and response centre against cyberattacks and cyber threats, CCN-CERT, it contributes to the cybersecurity of Spain. The discussion focuses on Spain’s approach to cybersecurity, existing tools for information sharing/management of cyber incidents and tools supporting the production of intelligence on cyber threats. It also deals with current and emerging trends in the cyber domain and developments and activities in the fields of prevention, detection and response. Finally, the interview highlights measures in the March 2022 National Cybersecurity Plan and initiatives against potential cyber-attacks during elections.
EN
In this document, the investigation delves into the realm of two-factor authentication (2FA), exploring its applications and comparing various methods of implementation. Two-factor authentication, often referred to colloquially as two-step verification, serves to enhance credential security during login processes across platforms such as Facebook and online banking, among others. While 2FA has significantly improved the security of the login and registration processes, it is noteworthy that its adoption tends to be more prevalent among younger individuals. Unfortunately, an increasing number of financial scams target older individuals who may be disinclined to engage with what they perceive as the complexity of multi-step authentication and password confirmation. Subsequent chapters provide a discussion of the various types of two-factor authentication, furnish detailed descriptions, and offer a summary of the benefits and gains achievable through the deployment of 2FA.
EN
This comprehensive exploration of social engineering attacks provides insights into various methods, including phishing, vishing, baiting, tailgating, and ransomware. The "elder scam" and its variations, as well as phishing examples, illustrate the evolving tactics used by attackers. Prevention strategies encompass education, training, and technological tools, emphasizing the need for a balanced approach. The conclusion underscores that public awareness, continuous training, and specialized detection tools are vital in mitigating the risks associated with social engineering attacks on authentication systems.
7
EN
This paper explores the critical domain of safeguarding web-based applications against authentication attacks, recognizing the persistent challenges posed by evolving cyber threats. The project delineates the distinct objectives of such attacks, including data theft, identity theft, and service disruption, underlining their potential far-reaching implications, such as the compromise of sensitive corporate data and the execution of unauthorized administrative operations. It underscores the pivotal role of user awareness and education as the ultimate defense against authentication-related breaches. Robust security measures, encompassing the use of strong, intricate passwords, encrypted network communication, two-factor authentication, and the regulation of failed login attempts, are emphasized as essential safeguards. Additionally, the project underscores the significance of maintaining system components through regular updates and conducting comprehensive security audits. A holistic approach, integrating technical and human factors, underscores user awareness and ongoing training as indispensable elements in the endeavor to enhance security in an increasingly digital landscape. "Protecting Web Applications from Authentication Attacks" aims to equip its readers with a comprehensive understanding of authentication system security and offers practical directives for bolstering defense mechanisms in a professional and formal context.
8
EN
Today, a significant amount of work is performed on computers. Because of the prevalence of technology, a lot of data can be obtained by gaining unauthorized access to important network machines, such as servers. Cybercriminals may also target individual Internet users, trying to acquire their personal information by the use of various methods. The gathered information can be used for identity theft, causing direct harm to the victim or an organization with which they are associated. In this article we explain the nature of identity theft, examine different approaches used by cybercriminals and review a range of strategies for detecting and preventing this phenomenon. Additionally, we provide examples of two attacks: a phishing attack and an intrusion targeting an unsecured server within an organization's network. We conclude that the risk of data theft is often downplayed. An effective way of mitigating this threat is increasing the employees' knowledge about cyber security and using appropriate software and hardware measures.
9
EN
The pervasive use of mobile devices and the omnipresence of the Internet have ushered in a transformative era. Nearly everyone, regardless of age, possesses a mobile phone, bridging generational gaps in digital interaction. Mobile phones have become highly personal, with users guarding them zealously. Service providers recognize this intimate relationship, offering an opportunity to enhance security. Traditional password-based security is vulnerable to data breaches, prompting the adoption of mobile phones as a more robust platform for safeguarding digital assets. This shift has also facilitated the development of digital identification applications, reducing reliance on physical identity documents. Additionally, mobile banking applications are replacing physical payment cards, enabling secure transactions. The ascendancy of mobile payment solutions is diminishing the role of physical cash and wallets. In summary, mobile devices have reshaped security and daily activities, becoming the cornerstone of our digital existence, offering higher levels of security, convenience, and efficiency.
EN
On March 11, 2022, the Polish parliament, the Sejm, passed the Law on Homeland Defense. The Law replaces 14 other legal acts in the field of military law. The main goal of the Law was to prepare the Polish Armed Forces for the processes of rapid increase in the manpower and technical modernization, also due to the current geopolitical context related to the war in Ukraine. The Law is extensive. Although the improvement of Poland’s cybersecurity was not its primary goal, the Law introduces a number of solutions that undoubtedly pursue such a goal. This paper discusses selected issues in the field of cybersecurity included in the Law, and regarding the method of defining the cyberspace, organization and tasks of the Cyberspace Defense Forces, including the so-called proactive protection and active defense, as well as the competence of military authorities to access and manage data.
PL
Schneider Electric, a global specialist in energy management and automation, has presented the latest version of its EcoStruxure™ Power Operation software (formerly Power SCADA Expert). The latest version is more than just a SCADA program: it was designed specifically for power systems, to work as an open platform with fast control capability and the latest cybersecurity enhancements.
EN
The article considers the impact of transformation processes on business in the context of digitalization. Equally important is the study of the impact of these processes on the training of professionals whose work has had a direct impact on these transformations – accountants, business analysts and auditors. These specialists are faced with the task of analyzing the impact of the facts and determining the change in business development strategy in the context of global digitalization. The field of audit both in the world was able to adapt extremely flexibly to the new realities of functioning in the digitalized world. In this article, the authors reveal the main trends of digitalization of audit in the conditions of economic transformation and limited business practices caused by this global pandemic of 2019-2020. At the same time, the processes of digital transformation are the driving forces of the economy. Computer technology is becoming increasingly involved in reforming the audit institution and changing the trajectory of the auditor’s role in such a society.
EN
Cybercriminals during the COVID-19 coronavirus pandemic have redefined both their targets and the form of their cyberattacks. The increased dependence of people around the world on the Internet is driving increasingly bold hacking attacks. Business unit managers are forced to implement better and better security of data resources, which should be organized and at the same time characterized by confidentiality, integrity, and availability. The purpose of the article was to identify and analyse the impact of the COVID-19 pandemic on the cyber security of the business entity. In realizing the purpose of the article, the starting point was a theoretical introduction to cybersecurity. Then, based on the Cybercrime: Covid-19 Impact report developed by Interpol, it was indicated that the coronavirus pandemic has a very high impact on the cyber threat panorama. To analyse the actual market situation, the effects of the cyber-attack on CD PROJEKT Capital Group were analysed.
EN
Cybersecurity is still considered a purely technological challenge; however, despite all technological progress, this challenge remains unsolved – as emphasized by many high-impact attacks against public administration and industry worldwide. We postulate that the mere focus on technology fogs the bigger picture, since people generate, operate, and interact with all technological systems, thus making them socio-technical systems. Hence, in this commentary we argue for a change of perspective towards a holistic, interdisciplinary view on our technological infrastructure. By example of the European power grid – inarguably a critical infrastructure not only for daily life but also for the continuity of our polity – we show that through interpretation as a socio-technical system, systematic and interdisciplinary studies would allow to reveal how its (cyber)security is not only a technological matter. An interdisciplinary approach combining STEM disciplines and Social Sciences would additionally advance the understanding of stakeholders and their goals and mindsets as well as the manifold dependencies between technology and human actors. While interdisciplinary endeavours appear to be generally supported by funding agencies, reviewers, universities, and researchers, they rarely occur in practice. We discuss why this is the case and present ideas on how to facilitate more interdisciplinary research.
EN
Background: Cyber security of supply chain is a part of its safety measure that focuses on the management of the required cyber security that includes information technology systems, software, and networks. Supply chain management has a high risk of being threatened by cyber terrorism, malware and data-theft. Common supply chain cyber security activities are done to minimize risks including sole-purchase from trusted vendors, and disconnection of critical machines from external networks. Methods: The main data sources for this study are research articles published from 2010 to 2020 in a peer-reviewed journal in the Web of Science and Scopus database. This study uses a systematic survey approach that is guided by PRISMA Statement, where the current study shows the trend of cyber research security in supply chain management. Results: The final screening shows 41 identified related articles that are related to cyber security in supply chain management. This study also examined the publishing trends related to cyber security in supply chain management for both WOS and Scopus databases. The analysis shows that the highest publishing value was in 2019, coming from the Scopus database. In addition, four elements are covered in this study namely: (i) network security; (ii) information security; (iii) web application security and (iv) internet of things (IoT). Conclusions: In brief, some suggestions are proposed to provide guidance for future researchers to study deeper about cyber security in supply chain management.
PL
Introduction: Supply chain cyber security is part of the measures taken to ensure safety, and focuses on managing the security of technology systems, software and networks. Supply chain management is at risk from cyber-terrorist attacks, malware and data theft. Cyber security activities aim to minimize risks, among other things by purchasing only from trusted suppliers and not connecting critical devices to external networks. Methods: The work is based on a review of scientific publications from 2010-2020 in peer-reviewed journals from the Web of Science and Scopus databases. A methodical approach consistent with the PRISMA principles was applied, showing trends in cyber security in supply chain management. Results: 41 publications covering cyber security in supply chain management were selected. Trends in cyber security in supply chain management were analysed. The analysis showed that the largest number of publications appeared in 2019 in the Scopus database. In addition, four main elements of the research were identified: network security, information security, web application security and the Internet of Things. Conclusions: Several suggestions were formulated that may guide further research on cyber security in supply chain management.
EN
The paper presents knowledge in the field of professional and legal implementation of building a strong cyber security of the European Union at the national level of a Member State, in the context of the implementation of a new legal norm on cyber security of the state. Part of the expert knowledge is the implementation of the law and the response to the praxeological problems of cyber security in the critical infrastructure sectors, including the TRANSPORT sector, resp. Air transport, as part of flight education.
PL
The article presents knowledge on the professional and legal aspects of building strong cybersecurity of the European Union at the level of a Member State, in the context of implementing a new legal norm on the cybersecurity of the state. The expert knowledge covers the implementation of legal provisions and the response to praxeological problems of cybersecurity in critical infrastructure sectors, including the TRANSPORT sector, and in particular air transport, as part of aviation education.
17
Content available The impact of the COVID-19 pandemic on cybercrime
EN
The COVID-19 pandemic is accompanied by a cyber pandemic, involving changes in the modi operandi of perpetrators of various crimes, and an infodemic, associated with the spread of disinformation. The article analyses the impact of the COVID-19 pandemic on cybercrime and presents the latest research on the number of cybercrime cases in Poland and their growth dynamics. It determines the factors that contribute to the commission of a crime and prevent easy identification of criminals. It also suggests the legal and organisational changes that could reduce the number and effects of the most frequently recorded cyberattacks at a time of COVID-19. Particular attention is paid to legal problems of the growing phenomenon of identity theft, and the need to ensure better protection of users from phishing, including through education and proactive security measures consisting in blocking Internet domains used for fraudulent attempts to obtain data and financial resources.
PL
The challenge for operators of both the transmission and the distribution network is to meet the high requirements of customers and legislators regarding the quality and reliability of electricity supply. Power supply systems of industrial plants should also be highly reliable, owing to the requirement to maintain continuity of production. Interruptions in the supply of electricity, apart from financial effects, may have social consequences and even pose a threat to life. Using GE's GEM (Grid Enterprise Manager) software as an example, this article discusses software tools that improve power supply quality parameters and cybersecurity and reduce operating costs. An example analysis of the costs and gains of deploying tools of this type is presented, using the ICE (Interruption Cost Estimate) interruption cost calculator.
EN
The challenge for both transmission and distribution network operators is to meet the high requirements of customers and legislators regarding the quality and reliability of electricity supply. Also, power supply systems for industrial plants, due to the requirement to maintain production continuity, should be characterized by high reliability. Interruptions in power supply, in addition to financial effects, may also have social consequences and even life-threatening consequences. In this article, tools for improving metrics for reliability of the grid, cybersecurity and reducing operating costs are discussed, based on the example of GE’s software GEM (Grid Enterprise Manager). An example of costs and profits analysis, resulting from implementation of such a tool, is presented, using the ICE (Interruption Cost Estimate) calculator.
EN
In every aspect of aviation’s operations, from ground handling, aircraft designing and production, ensuring the continuity of flights, technical service, to air carriers, there is a possibility that cybercrime may occur. Ubiquitous computers, telephones, and internet carry the risk of various types of threats – from simple viruses, to personal data theft, to taking over of an aircraft by cybercriminals. The aim of the paper is to describe the main cyberthreats in the area of civil aviation. The theoretical analysis of the available source materials and empirical usage of security procedures in aviation organizations served as the main research methods that have been utilized in the analysis of the cybersecurity problem. The author’s extensive professional experience in the aviation sector, especially in the field of quality and security, provided the possibility to verify and understand these vital problems for the aviation industry.
20
Content available Asian Cyber Security Standards
EN
The scientific considerations outlined in this article address the threat to the cyber security quality system arising from unclear security standards implemented by China. Over the past few years, the Chinese government has imposed almost 300 new national cyber security standards. These norms cover a variety of information and communication technology (ICT) services as well as products, including software, routers, switches and firewalls. This standardization increases the threat to the cybersecurity quality system, and the more the US places pressure on the western world for Chinese companies investing outside China and on western firms trading in China, the more difficult the situation becomes. The aim of this assessment is to identify these threats, which are also difficulties encountered by Western companies trying to develop their operations in China in order to minimize them. The study was compiled as an analysis of Chinese cybersecurity standardization policy documents and their confrontation with the practice of foreign businesses and as an analysis of international reports and standardization documents on cybersecurity. The theoretical investigative methods used in this paper are: synthesis, analysis, abstraction and generalization.