Factors for creating a security strategy for information technologies of modern enterpris

Abstract

The purpose of this work is to analyze the current state of information security of modern enterprises and to provide recommendations for the construction of a protection strategy for information technology. In order to achieve this goal, the state of information security of the enterprise is analyzed, problems that arise in the work of information systems are considered, and recommendations are given to specialists of information technology units regarding their solution.
The problem of increasing the threat of cyber espionage and sabotage for enterprises on the example of energy industry organizations is considered and the necessity of understanding by the heads of information technology departments of risks of information security and objects of protection is stated. A set of recommendations is proposed to increase funding for information security measures that can be used by cyber security officials. The disappearance of the perimeter of the information network is considered in detail as one of the main modern factors of the cybersecurity strategy. The use of artificial intelligence technology can simplify initial analysis of network activity, filter out what is normal, and focus efforts on investigating and eliminating high-risk threats. One of the important areas for improving information security is the certification of business websites for online trust audits. The introduction of advanced 5G technologies and the use of IoT services in the work of telecommunications companies increases the threats to information systems. It is recommended to use closed loop automation (CLA), which uses machine learning and artificial intelligence, to evaluate the state of the network in real time. Attention is paid to the analysis of the organization of work with the personnel of the enterprise as the main factor of reliability of the information security system, the basic rules of cyber hygiene are given.
The results of the work can be used to develop a strategy for information security of enterprises, including telecommunication companies using modern 5G technologies and IoT services in their work.

Keywords: information security, enterprise information system, threats.

References
1. Cyber espionage and sabotage attacks pose an increasing threat to the energy industry. Help Net Security (2019), April 17.
2. Evaluating the biggest cyber threats to the electric power sector. Help Net Security (2019), February 4.
3. Zeljka Zorz, Building a sound security strategy for an energy sector company. Help Net Security (2018), July 30.
4. Which organizations place a premium on security and privacy? Help Net Security (2019), April 18.
5. John DiLullo, The perimeter is vanishing, how will you secure your network? Help Net Security (2019), April 18.
6. One hundred percent of endpoint security tools eventually fail. Help Net Security (2019), April 18.
7. Robert MacDonald, Employee cybersecurity essentials part 2: Lost devices and unsafe connections. Help Net Security (2019), April 16.
8. Arthur Zavalkovsky. Closed loop automation combats IoT security threats in the 5G age. Help Net Security (2019), April 10.
9. Bad security hygiene still a major risk for enterprise IT networks. Help Net Security (2019), April 16.
10. Basic rules of cyber hygiene, April 20 (2019). https://cert.gov.ua/recommendations/21.