Peculiarities of forming a cybersecurity management system for enterprises in wartime: Theoretical and applied aspect
Andrij ZaverbnyjThe article examines the peculiarities of forming a cybersecurity management system for enterprises in wartime. The paper presents the theoretical and applied aspect of this issue. The purpose of the article is to study the peculiarities and theoretical and applied aspects of forming a cybersecurity management system for enterprises in wartime. The main methods used in the study are analysis, synthesis, statistical methods, etc. The importance of enterprise cybersecurity management for their economic security and achievement of the required level of national security is substantiated. A review and analysis of literary sources on the problem of defining the essence of the concept of "cybersecurity" is carried out. It is proved that for effective cybersecurity management it is advisable to classify cyberattacks. It is also advisable to add the following classification features to the existing classification features: "by the level of insurance", i.e. whether it is possible to insure (over-insure) against the threat itself and its consequences, and "by the level of loss", i.e. the level of losses from cyber attacks. Modern cyberattacks and their consequences are analyzed. The key stages of building an effective cybersecurity management system are formed. The key aspects of determining the security policy of enterprises, their proactive response to highly dynamic economic conditions (primarily in the field of cybersecurity) in wartime are indicated. The system of enterprise cybersecurity management and organization should provide for the possibility of timely selection of specific means and ways to ensure it. The author analyzes the functional and managerial aspect of forming a cybersecurity management system for enterprises in wartime. The key measures to develop the potential of the security and defense sector of Ukraine are investigated. The study proposes a conceptual model for the formation of an effective cybersecurity management system for enterprises in wartime. Each of its stages is characterized. The functions of the cybersecurity management system of enterprises in wartime are described
References
[1] Fedorova, K. (2023). 6 high-profile cyberattacks on business: Cases of Yahoo, GitHub, and Marriott. Retrieved from https://hub.kyivstar.ua/articles/6-guchnyh-kiberatak-na-biznes-kejsy-yahoo-github-i-marriott.
[2] Biliavska, Yu., & Shestak, Ya. (2022). Cyber security and cyber hygiene: A new era of digital technologies. Commodities and Markets, 3(43), 47-59. doi: 10.31617/2.2022(43)04.
[3] Vyshnivskyi, V.V., & Pampukha, A.I. (2002). Cybersecurity in Ukraine. In Scientific and Practical Online Conference “Digital Transformation of Cybersecurity” (pp. 31-33). Kyiv: State University of Telecommunications.
[4] Hnatiuk, S., Berdybaiev, R., Sydorenko, V., Zhyharevych, O., & Smirnova, T. (2023). System for correlating events and managing cybersecurity incidents at critical infrastructure facilities. Cybersecurity: Education, science, technique, 3(19), 76-196. doi: 10.28925/2663-4023.2023.19.176196.
[5] Hrytsiuk, Yu.I. (2016). Cyber intervention and cyber security of Ukraine: Problems and prospects of overcoming them. Scientific Bulletin of UNFU, 26(8), 327-337. doi: 10.15421/40260850.
[6] Davydenko, Y. (2023). Corporate security at Ukrainian enterprises in time of war. Economy and Society, 58. doi: 10.32782/2524-0072/2023-58-44.
[7] Diorditsa, І. (2017). The concept and content of cyber threats at the present stage. Entrepreneurship, economy and law, 4, 99-107.
[8] Dovhan, O.D., & Doronin, I.M. (2017). Escalation of cyber threats to Ukraine's national interests and legal aspects of cyber defence. Kyiv: Publishing House “ArtEk”.
[9] Zhylin, A.V., Shapoval, O.M., & Uspenskyi, O.A (2020). Technologies of information protection in information and telecommunication systems. Kyiv: Igor Sikorsky Kyiv Polytechnic Institute.
[10] Law of Ukraine No. 2163-VIII “On the Basic Principles of Cybersecurity in Ukraine”. (2017, October). Retrieved from https://zakon.rada.gov.ua/laws/show/2163-19#Text.
[11] Zаnudа, А. (2023). Attack on Kyivstar. What dangers does it pose, besides the lack of communication. Retrieved from https://www.bbc.com/ukrainian/articles/cglp7kz0rjmo.
[12] Kyrychenko, А. (2023). Cybersecurity in Ukraine: Ways of development and opportunities. Retrieved from https://www.ukrinform.ua/rubric-technology/3704093-kiberbezpeka-v-ukraini-slahi-rozvitku-ta-mozlivosti.html.
[13] Business cybersecurity in an uncertain environment. (2022). Retrieved from https://www.pwc.com/ua/uk/publications/2022/cybersecurity-uncertainty-state.html.
[14] Panasiuk, O. (2022). Cybersecurity: How Ukrainian businesses can protect themselves from Russian hackers' attacks during the war. Tips from IT experts. Retrieved from https://uaspectr.com/2022/07/27/yak-ukrayinskomu-biznesu-zahystytysya-vid-atak-hakeriv/.
[15] Kuzmenkо, О., Маkliuk, О., & Chеrnyshovа, О. (2022). Business cyber security in time of war. Economy and Society, 44. doi: 10.32782/2524-0072/2022-44-21.
[16] Lynnyk, O.I., & Artemenko, N.V. (2013). Enterprise economic security strategy as a factor in reducing the impact of external and internal threats. Bulletin of the National Technical University “KhPI”, 67, 159-169.
[17] Pеshkо, М., & Zаvеrbnyj, А. (2023). Digitalization of the Ukrainian economy in the conditions of european integration. Economy and Society, 47. doi: 10.32782/2524-0072/2023-47-56.
[18] Resolution of the Cabinet of Ministers of Ukraine No. 1163-2023-р “On approval of the action plan for 2023-2024 to implement the Cybersecurity Strategy of Ukraine”. (2023, December). Retrieved from https://zakon.rada.gov.ua/laws/show/1163-2023-%D1%80?lang=en#Text.
[19] Order of the President of Ukraine No. 447/2021 “On the Decision of the National Security and Defence Council of Ukraine of 14 May 2021 “On the Cybersecurity Strategy of Ukraine”. (2021, August). Retrieved from https://zakon.rada.gov.ua/laws/show/447/2021#n12.
[20] Franchuk, V.I. (2009). Theoretical foundations of corporate security. Actual Problems of Economics, 7, 161-167.
[21] Shyra, T.B. (2018). Corporate security of enterprises in Ukraine: Identification of key threats. Scientific notes of Taurida National V.I. Vernadsky University, 29(68(6)), 93-96.