Digital transformation of cyber security at the micro-level under martial status
Kateryna Kraus, Nataliia Kraus, Olena ShtepaThe article describes the possible transformational processes of cybersecurity of business entities in martial law. Authors argue that the security criteria of modern digital entrepreneurship include the following mandatory facts: data must always be encrypted during storage and transmission; encryption must take place at the client level; only the client should have access to the encryption keys; actual data should not be transmitted through open mail channels; the company must control the storage of encrypted information and access keys to it. A number of current external and internal threats to doing business are listed, including network intrusion, loss of devices with saved passwords, and encryption viruses. Main tasks of enterprises in terms of cybersecurity, namely: identification of potential threats to cybersecurity of enterprises and vulnerabilities; cyber incident prevention; neutralization or minimization of threats to information security of the enterprise. Authors consider the impact of the information security management system ISO / IEC 27001: 2013 on the work of organizations. It has been found that this system provides an opportunity to implement best practices to improve data protection and eliminate the threat of security breaches of information systems. The article focuses on the fact that in the framework of cybersecurity in martial law and in the further digitization of activities at the micro level, the basic and priority tasks should be mainly new quality of production processes of technological laboratories: planning work in accordance with requirements industry standards, guidelines and best practices; sampling into the system by assigning it a specific identifier; calculation of results and their design. Entrepreneurial practice shows that, for example, Ramsomware is the most common threat in the implementation of business processes. Ramsomware is divided into two main types – cryptographers (“cryptoransomware”) and blockers (blockers –“blockers”). Encryptors, when they get to the main computer of the enterprise, encrypt valuable files such as documents, photos, databases. Ramsomware’s business threats include, for example, temporary data loss, which can completely disrupt critical business processes; constant data losses, leading to a decline in the company’s competitiveness, reduced sales revenue in the long run, disrupted continuous access to data. Authors of the article came to the conclusion that in the light of such criminal cyberattacks, of course, it is logical to develop various types of protection in order to protect data from their interception. This protection must be: invisible to the naked eye; have a secure mail channel; e-mail certificate; e-mail safe; e-mail shredder; cybersecurity center; encryption of letters and attachments; protected view
References
[1] Viter, S.A., & Svitlyshyn, I.I. (2017). Protection of accounting information and cyber security of the enterprise. Economy and Society, 11, 497-502.
[2] Desiatko, A.M. (2020). Cyber hygiene. Cyber security. State security. Kyiv: Kyiv National University of Trade and Economics.
[3] Makovets, O.P., & Drozd, I.K. (2020). Cybersecurity as factor of financial security of the enterprise. Economics. Finanсes. Law. 5(3), 31-35. doi: 10.37634/efp.2020.5(3).8.
[4] Kohut, Yu.I. (2019). Cyber security of digital economy for business owners. Kyiv: LLC "Consulting company ‘SIDCON’".
[5] Kraus, K.M., Kraus, N.M., & Manzhura, O.V. (2021). E-commerce and online trading. Kyiv: Agrar Media Group.
[6] Kraus, K.M., & Kraus, N.M. (2019). Retrospective and modernity of taxation in Ukraine and abroad. Kyiv: Agrar Media Group.
[7] Kraus, N.M., & Kraus, K.M. (2018). Digitalization in the context of institutional transformation of the economy: Basic components and tools of digital technologies. Intellect XXI, 1, 211-214.
[8] Kraus, N.M. (2019). Innovative economy in a globalized world: Institutional basis of formation and development trajectory. Kyiv: Agrar Media Group.
[9] Kryvoruchko, O.V., Synichuk, O.M., Shvets, D.V., & Minin, O.V. (2020). Analysis of the security status of information and telecommunication systems. Managing the Development of Complex Systems, 42, 56-62.
[10] Law of Ukraine No. 2163-VIII "On the Basic Principles of Cybersecurity in Ukraine". (2017, October). Retrieved from https://zakon.rada.gov.ua/laws/show/2163-19?lang=en#Text.
[11] Raietskyi, A. (n.d.). Business cybersecurity is not just about technical measures. Retrieved from https://legalitgroup.com/kiberbezpeka-biznesu-tse-ne-lishe-tehnichni-zahodi/#pll_switcher.
[12] Deloitte. (2016). A new era of digital transformation. Central and Eastern Europe. Retrieved from https://www2.deloitte.com/content/dam/Deloitte/ua/Documents/research/c500/CETop500_2016_ua.pdf.
[13] ISO/IEC 27032:2012. (2012). Information technology – Security techniques – Guidelines for cybersecurity. Retrieved from https://www.iso.org/standard/44375.html.
[14] Shtepa, O., Kraus, N., & Kraus, K. (Eds.). (2021). Teaching guidelines for digital entrepreneurship. Krakow: Krakow University of Economics.
[15] Kraus, N., Kraus, K., & Osetskyi, V. (2020). New quality of financial institutions and business management. Baltic Journal of Economic Studies, 6(1), 59-66. doi: 10.30525/2256-0742/2020-6-1-59-66.
[16] Kraus, K., Kraus, N., & Manzhura, O. (2021). Digitalization of business processes of enterprises of the ecosystem of Industry 4.0: Virtual-real aspect of economic growth reserves. WSEAS Transactions on Business and Economics, 18, 569-580. doi: 10.37394/23207.2021.18.57.