information security

The article investigates the integration of information security into Agile software development processes, focusing on the adaptation of DevSecOps methods. The goal was to enhance the implementation of security practices by reducing vulnerability detection time, simplifying the integration of security into the development cycle, and improving team collaboration. The analysis revealed that automation of security testing reduces vulnerability detection time by 40%, while cross-functional teams improve collaboration by 30%.

The article examines modern tools and approaches to conducting OSINT — the analysis of open sources of information. The key role of OSINT, along with other intelligence methods such as HUMINT, IMINT, SIGINT, MASINT and GEOINT, lies in creating a holistic information field that combines open, technical, human and geospatial sources. The constant development of methodologies and improvement of automation tools allows to increase the efficiency and accuracy of the analysis of the received information, which makes OSINT one of the most important elements of modern intelligence.

The article considers the problem of ensuring the reliability and security of personal data processed in state registers by using blockchain technologies. The growing requirements for transparency and stability of state data management systems pose new challenges to protecting information from unauthorized changes, interference, and forgery. A method based on implementing a decentralized blockchain architecture is proposed to ensure data integrity, traceability, and transparency during processing and storage.

The increasing complexity of cyber threats requires the development of effective methods for detecting and classifying attacks in network traffic. This study analyzes the effectiveness of three popular machine learning algorithms: Random Forest, which is used for anomaly detection, Support Vector Machines (SVM), which performs cyber threat classification, and autoencoders, which are used for data preprocessing and deep traffic analysis.

The article deals with the issue of criminal liability for crimes against the foundations of national security on the example of domestic and foreign experience of certain countries.

The author specifically analyzes the legislative regulation of criminal liability for crimes against national security in the Republic of Lithuania, the Republic of Latvia, the Republic of Estonia, Georgia, the Republic of Armenia, the Republic of Poland, Switzerland, the Federal Republic of Germany, and the French Republic.

The article discusses key information security principles, focusing on confidentiality, integrity, availability, traceability, and the DIE model (Distributed, Immutable, Ephemeral). Confidentiality emphasizes the importance of secrecy and controlling access to prevent sensitive information from misappropriation. Integrity ensures that data remains accurate and trustworthy, with measures to prevent unauthorized modifications.

The article considers the legal mechanisms for ensuring information security. It has been proven that today, more than ever, when there is a war in Ukraine, the issue of ensuring information security becomes especially relevant and significant, as the information space becomes a “battlefield” on a par with the war front. Enemy forces actively use informational and psychological operations to destabilize the situation inside our country, create panic, spread fakes and undermine trust in state institutions.

nding to emerging threats through the implementation of recognized standards in the field of information security, such as ISO 27001, was considered. The updated edition of the international standard ISO/IEC 27001 of 2022 and, in particular, the main changes in the structure of controls were analyzed. A detailed analysis of the new security control from Appendix A – A.8.9 – Configuration Management and possible ways of its effective implementation in organizations were carried out.

A multi-level structure of safe intellectualization of society’s infrastructure “objects – cyber-physical systems” in the functional space “selection – exchange of information – processing – management” is proposed according to the profiles – confidentiality, integrity, availability for “smart environmental monitoring”, “smart education”, “smart energy”, “intelligent transport system” and other subject areas.

The article, based on a theoretical and practical study of the essence and features of the regulation of information and legal relations in the conditions of russian aggression, focuses on the problematic issues of organizational and legal provision of information security as an activity aimed at the prevention, timely detection and termination of threats that destructively affect vital interests of the individual, society and the state in the information sphere.