Importance Whereas new IT mechanisms constantly arise, it becomes even more important to ensure and preserve the data confidentiality. Information security is one of the national security priorities in Russia. However, evaluation methods are outdated and inconsistent with the current needs. Objectives The research outlines a new method to evaluate the information security and the future of data protection practices in the Russian Federation. Methods The research is based on statistical data of reports prepared by governmental and interdepartmental units responsible for information development. We also arrange for monitoring of the national scientific literature. We examine the integral indicators of the national information development, basic indicators of information security and its regulation, and analyze methodological approaches to evaluating the differences of regions in terms of their information security. Results The IT development level of the country results from a set of subordinate systems, which merge into the single national framework and form the unified differentiated indicator of the information security. The effectiveness is possible if the main (basic) indicators of information security are timely registered and analyzed, thus identifying strengths and weaknesses of the information security development by constituent entity. Conclusions and Relevance We conclude the State should make new amendments to the process of evaluating the information security level. There should be new evaluation methods and systems for monitoring the information security level in the country. Moreover, it is necessary to adopt new indicators and performance-oriented planning, reflecting the information development level of the given area entirely.
Keywords: IT development, data protection, integral indicator, information technology, telecommunications, information society
References:
Otero A.R. An Information Security Control Assessment Methodology for Organizations' Financial Information. International Journal of Accounting Information Systems, 2015, vol. 18, pp. 26–45. URL: Link
Hohan A.I., Olaru M., Pirnea I.C. Assessment and Continuous Improvement of Information Security Based on TQM and Business Excellence Principles. Procedia Economics and Finance, 2015, vol. 32, pp. 352–359. URL: Link01404-5
Soomro Z.A., Shah M.H., Ahmed J. Information Security Management Needs More Holistic Approach: A Literature Review. International Journal of Information Management, 2016, vol. 36, iss. 2, pp. 215–225. URL: Link
Kolkowska E., Karlsson F. Towards Analysing the Rationale of Information Security Non-Compliance: Devising a Value-Based Compliance Analysis Method. The Journal of Strategic Information Systems, 2017, vol. 26, iss. 1, pp. 39–57. URL: Link
Yazdanmehr A., Wang J. Employees Information Security Policy Compliance: A Norm Activation Perspective. Decision Support Systems, 2016, vol. 92, pp. 36–46. URL: Link
Voronov A.A., L'vovich I.Ya., Preobrazhenskii Yu.P. et al. [Maintenance of a risk management system at occurrence of threats of information safety]. Informatsiya i bezopasnost' = Information and Security, 2006, no. 2, pp. 8–11. (In Russ.)
Zhidko E.A., Popova L.G. [Information security of the modernized Russia: Formulating the goal]. Informatsiya i bezopasnost' = Information and Security, 2011, no. 2, pp. 181–190. (In Russ.)
Shults V.L., Kul'ba V.V., Shelkov A.V., Chernov I.V. [Diagnostics and scenario analysis of the external threats to regional security]. Natsional'naya bezopasnost'/Nota Bene= National Security/Nota Bene, 2014, no. 5, pp. 626–664. URL: Link (In Russ.)
Rovinskaya T.L. [Information security of Russia: Political and cultural aspects]. Mirovaya ekonomika i mezhdunarodnye otnosheniya = World Economy and International Relations, 2011, no. 11, pp. 49–62. (In Russ.)
Vladimirova T.V. [Information security: Social practices and structures]. Natsional'naya bezopasnost'/Nota Bene = NationalSecurity/Nota Bene, 2014, no. 3, pp. 390–397. URL: Link (In Russ.)
Fedorova O.N. [Development of legal regulation of information security in Russia]. Politika i obshchestvo = Politics and Society, 2012, no. 4, pp. 64–67. (In Russ.)
Zefirov S.L. [The problem of measuring and evaluating the information security of an organization]. Otkrytoe obrazovanie = Open Education, 2011, no. 2-2, pp. 134–137. (In Russ.)
Frolov D.B. [Ensuring information security of modern information technologies using a set of Bank of Russia standardization documents 'Maintenance of Information Security of the Russian Banking System Organisations']. Den'gi i kredi = Money and Credit, 2014, no. 12, pp. 63–66. (In Russ.)
Batueva E.V. [The US information wars: Towards defining a national cyber strategy]. Mezhdunarodnye protsessy = International Processes, 2014, vol. 12, iss. 1-2, pp. 117–127. (In Russ.)
Klochkova E.N. [Methodological approaches to an assessment of interregional differentiation on a level of development of information society]. Voprosy regional'noi ekonomiki = Problems of Regional Economy, 2016, vol. 27, no. 2, pp. 70–76. (In Russ.)
Aksmet'yanova A.I., Kuznetsova A.R. [Problems of information security in Russia and its regions]. Fundamental'nye issledovaniya = Fundamental Research, 2016, no. 8-1, pp. 82–86. (In Russ.)
Strel'tsov A.A. [The legal framework for the information security]. Rossiiskii yuridicheskii zhurnal = Russian Juridical Journal, 2003, no. 2, pp. 24–35. (In Russ.)
Smirnov A.A. [Priorities for ensuring the security of the information society: A comparative and legal analysis of programs of Russia and the European Union]. Administrativnoe pravo i protsess = Administrative Law and Procedure, 2012, no. 7, pp. 48–55. (In Russ.)
Artamonova Ya.S. [Information security and problems of the Russian society in the context of globalization]. Innovatsii i investitsii =Innovation and Investment, 2013, no. 6, pp. 250–257. (In Russ.)
Brandman E.M. [Globalization and information security of society]. Filosofiya i obshchestvo = Philosophy and Society, 2006, no. 1, pp. 31–41. (In Russ.)
