PROGRESSIVE DEVELOPMENT OF THE CORPORATE INFORMATION PROTECTION SYSTEM
Abstract
The article determines that a prerequisite for ensuring the effective and profitable operation of corporate structures is to increase the role of the corporate information security system in managing their development. The objective necessity of developing such an information security strategy, which would ensure the flexibility of corporate structures in the conditions of economic, social and political dynamics and would facilitate the possibility of making effective decisions based on adaptive approaches in the management of corporate structures, is scientifically substantiated. It is proved that the effect of flexible corporate systems should be defined as a "strategic" effect of flexible response of corporate information security policy to the changing needs of corporations. The need to achieve such a strategic effect requires a complete accounting of the costs of creating and operating the information security policy of the corporate structure, which would be able to cause such an effect. The most important conditions for achieving the strategic effect of the corporate information security system in terms of the amount of costs associated with the creation, implementation and the final result of the implementation of this system are determined. Generalization and systematization of the composition of costs associated with the creation and implementation of the corporate information protection system allowed to outline the main prerequisites for obtaining the strategic effect of flexible response to changes in the goals of the corporate structure. It is proved that the ability of the corporate information security protection system to respond flexibly to changes in the needs of the corporation is determined by the ratio of the rate of change in the degree of corporate information security policy and the rate of change in costs that ensure its effective functioning over a certain period. It is scientifically substantiated that the progressiveness of the development of the corporate information security system should be understood as its adaptability to the effective, timely and high-quality achievement of the goals and objectives of the functioning of corporations, which has a certain and constantly recurring degree of diversity of corporate information security policy.
References
Валіулліна З.В. Інформаційна безпека корпоративної економіки в умовах глобалізаційних процесів. Вісник Дніпропетровського університету. Серія : Менеджмент інновацій. 2016. Випуск 6. С. 34–41.
Домарєв В.В., Гордієнко О.В. Обґрунтування основних функцій системи управління інформаційною безпекою. Вісник Державного університету інформаційно-комунікаційних технологій. 2012. Т. 10, № 2. С. 102–104.
Жабинець О.Й. Політика інформаційної безпеки страхових компаній: українські реалії та досвід США. Проблеми економіки. 2014. № 4. С. 22–27.
Park, S., and Ruighaver, T. "Strategic Approach to Information Security in Organizations," ICISS. International Conference on Information Science and Security, 2008: IEEE, pp. 26–31.
Hong, K.-S., Chi, Y.-P., Chao, L., and Tang, J.-H. "An Integrated System Theory of Information Security Management," Information Management & Computer Security. 2003. 11:5. Pp. 243–248.
Kim, S.H., Wang, Q.-H., and Ullrich, J.B. "A Comparative Study of Cyberattacks," Communications of the ACM. 2012. 55:3. P. 66.
Soomro, Z.A., Shah, M.H. and Ahmed, J. “Information security management needs more holistic approach: a literature review”, International Journal of Information Management, 2016. Vol. 36 No. 2, pp. 215–225. DOI: https://doi.org/10.1016/j.ijinfomgt.2015.11.009
Valiullina Z.V. (2016) Informatsiina bezpeka korporatyvnoi ekonomiky v umovakh hlobalizatsiinykh protsesiv. [Information security of the corporate economy in the context of globalization processes]. Visnyk Dnipropetrovskoho universytetu. Seriia: Menedzhment innovatsii, vol. 6, pp. 34–41. (in Ukrainian)
Domariev V.V., Hordiienko O.V. (2012) Obgruntuvannia osnovnykh funktsii systemy upravlinnia informatsiinoiu bezpekoiu. [Substantiation of the main functions of the information security management system]. Visnyk Derzhavnoho universytetu informatsiino-komunikatsiinykh tekhnolohii, vol. 10(2), pp. 102–104. (in Ukrainian)
Zhabynets O.Y. (2014) Polityka informatsiinoi bezpeky strakhovykh kompanii: ukrainski realii ta dosvid SShA. [Information security policy of insurance companies: Ukrainian realities and USA experience].– Problemy ekonomiky, vol. 4, pp. 22–27. (in Ukrainian)
Park S., Ruighaver T. (2008). "Strategic Approach to Information Security in Organizations," ICISS. International Conference on Information Science and Security, IEEE, 26–31.
Hong, K.-S., Chi, Y.-P., Chao, L., & Tang, J.-H. (2003). "An Integrated System Theory of Information Security Management," Information Management & Computer Security, (11:5), 243–248.
Kim, S.H., Wang, Q.-H., & Ullrich, J.B. (2012). "A Comparative Study of Cyberattacks". Communications of the ACM, (55:3), 66.
Soomro, Z.A., Shah, M.H. & Ahmed, J. (2016). “Information security management needs more holistic approach: a literature review”, International Journal of Information Management, 36, 2, 215–225. DOI: https://doi.org/10.1016/j.ijinfomgt.2015.11.009
