Markova O.M.Financial University under Government of Russian Federation, Moscow, Russian Federation markova1310@bk.ru
Importance Considering the changes in requirements to the information security of banking transactions, the research overviews important amendments to legislative regulation of electronic payments, and new models for managing security systems, which allow mitigating risks of possible losses when making electronic payments. Objectives The research strives to reflect the changes in legislative regulation of electronic payments assuming that the Bank of Russia's standard Ensuring the Information Security of Entities Operating in the Banking System of the Russian Federation is applied. The article discloses areas for improving the electronic-payment security management systems on the basis of payment security quality management, thus increasing the security of the credit institution in terms of information technologies and making the banking business more sustainable. Methods The research analyzes various aspects of information security in banking, and determines the most effective systems for managing the information security in banking. Results I present my proposals for improving the information security and ways to keep it in commercial banks. For this, it is necessary to identify information and technological resources to be protected, potential threats and data leakage channels; assess susceptibility and risks of information considering threats and data leakage channels; determine requirements to the protection system; to choose data protection means and their characteristics; organize and enforce the measures, methods and means of protection; control the data protection system integrity. Conclusions and Relevance I conclude that tightened economic sanctions considerably increase requirements to information security of electronic payments, thus making the banking business in Russia more reliable and safe.
Keywords: management system, information security, electronic payments, automation, banking system
Balijon Johan. Sovremennye tendentsii v oblasti informatsionnoi bezopasnosti bankov [Modern trends in information security of banks]. Bankovskoe delo = Banking, 2014, no. 10, pp. 60–63.
Lakhno Yu.V. Innovatsionnye resheniya v strukture natsional'noi platezhnoi sistemy [Innovative solutions in the national payment system]. Bankovskoe delo = Banking, 2014, no. 8, pp. 56–58.
Serdyuk V. Rol' standartov Banka Rossii v obespechenii informatsionnoi bezopasnosti kreditno-finansovykh organizatsii [The role of standards of the Bank of Russia in ensuring the security of credit and financial institutions]. Bukhgalteriya i banki = Accounting and Banks, 2008, no. 3.
Frolov D., Nevalennyi A. Protivodeistvovat' krizisu. Osobennosti obespecheniya informatsionnoi bezopasnosti v kreditno-finansovoi sfere v usloviyakh krizisa [Countering the crisis. Specifics of ensuring the information security in the lending and financial sector during the crisis]. BIS Journal. Informatsionnaya bezopasnost' bankov = BIS Journal. Information Security of Banks, 2015, no. 2.
Mardanov R.Kh., Il'in I.V. Standarty informatsionnoi bezopasnosti v bankovskoi sisteme [Information security standards in the banking system]. Vestnik Ufimskogo gosudarstvennogo aviatsionnogo tekhnicheskogo universiteta = Vestnik of Ufa State Aviation Technical University, 2013, vol. 17, no. 7, pp. 55–60.
Summanen K. Avtomatizatsiya upravleniya bankovskimi riskami [Automation of banking risks management]. Connect. Mir informatsionnykh tekhnologii = Connect. The World of Information Technologies, 2015, no. 5.
Astakhov A. Iskusstvo upravleniya informatsionnymi riskami [The art of managing information risks]. Moscow, DMK Press Publ., 2010, 314 p.
Deming W.E. Novaya ekonomika dlya promyshlennosti, pravitel'stva i obrazovaniya [The New Economics for Industry, Government and Education]. Moscow, Ekonomika Publ., 2003, 328 p.
Pushchilin V. Evolyutsiya IT-sistem – vliyanie na bankovskii biznes [The evolution of IT systems is an impact on banking]. Bankovskie tekhnologii= Banking Technologies, 2015, no. 4.
Varfolomeev A.A. Osnovy informatsionnoi bezopasnosti [Fundamentals of information security]. Moscow, Peoples' Friendship University of Russia Publ., 2008, 412 p.
Filipenkov N. Smogut li banki vyzhit' bez sovremennoi sistemy risk-menedzhmenta [Will banks be able to survive without a modern risk management system?]. Bankovskoe obozrenie = Banking Review, 2014, no. 11.
Vybornov A. Ustranenie uyazvimostei [Fixing of vulnerabilities]. BIS Journal. Informatsionnaya bezopasnost' bankov = BIS Journal. Information Security of Banks, 2014, no. 4.
Nikpur A., Donyuk Kh. Osnovnye tendentsii v upravlenii kachestvom elektronnykh bankovskikh uslug [Major trends in quality management of electronic banking services]. Bankovskoe delo = Banking, 2015, no. 3, pp. 54–58.
Hubbard D.W. Otsenka stoimosti informatsii: sokrashchenie poter' i rasshirenie vozmozhnostei [Measuring the Value of Information. In: How to Measure Anything]. Available at: Link. (In Russ.)
Dubrovskii Yu.V. Integratsiya informatsionnykh sistem korporativnykh klientov i banka [Integration of information systems of corporate clients and Bank]. Bankovskoe delo = Banking, 2015, no. 1, pp. 62–64.
Prosvirina E.M. Indikatory ekonomicheskoi bezopasnosti [Indicators of economic security]. Bankovskoe delo = Banking, 2014, no. 12, pp. 76–81.
