State regulation of information security in the regions is determined by prohibitions, strict requirements and the lack of (limited) access to information. This policy should be considered as a closed system that provides a risk-oriented approach with the mandatory development of threat models. Objectives. Determining the interaction of the Institute of Information Security on the sustainable development of regions. Methods.
The article used information from statistical reports of state and interdepartmental services in the field of information technology development. The monitoring of scientific literature of foreign domestic authors is carried out. Results. An assessment of the theoretical component of the concept of «information security» from the standpoint of history, concepts, government regulation and methodology were made. All this information helped in the assessment of system indicators and a review of existing approaches and directions for implementing information security in regional development.
The review of the state of information security indicates a positive trend and the cost increase has almost doubled compared with last year. At the same time, the number of leaks continues to grow and the total losses of organizations from the damage caused amount to hundreds of billions of rubles. However, the main reason for data compromise remains the human factor. After all, there is no established practice of punishment and a proper system of investigative work in this specificity, which should have restrained a person from the possibility of obtaining information at an early age. Conclusions and Relevance.
It is concluded that the development institute of this area is open and has a flexible system for responding to changes in the external environment. An important link is the existence of a large legal foundation, which is aimed at ensuring equal protection for both the state and business, and for the individual in particular.
In addition to all this, the experience of foreign countries is characterized by a confident tendency to increase costs and include information security not only as a topic for consideration at the meeting, but also as a foundation in the company’s fixed costs.