ДЕТЕРМІНАНТИ УСПІХУ МЕНЕДЖМЕНТУ ІНФОРМАЦІЙНОЇ БЕЗПЕКИ МАЛОГО ТА СЕРЕДНЬОГО БІЗНЕСУ

Abstract

Today poses new challenges in the field of information security for businesses, including E CO N O MI CS AND MA NA G E M E NT OF E NT E RPR IS ES Issue III (83), 2021 81 small and medium. Intangible assets are becoming increasingly important, and new information threats are emerging. Building an information security management system allows businesses be prepared for threats and develop successfully. The purpose of the study is to study and substantiate the success factors of the information security management system of small and medium-sized enterprises (SMEs) in Ukraine. Constructing the logic and structure of the article, we used the method of structural- logical analysis. Methods of grouping and systematization, analysis and synthesis are used to generalize approaches to determining the key success factors of the management system. A systematic method of research and observation was used to form a list of problems, needs and threats of the information environment of SMEs. Study has shown that there is an urgent need for small and medium-sized businesses to use an effective information security management system in their activities, which should be an integral part of overall management. The need for information security management is dictated by two types of threats: the threat of actually dangerous information and the threat of using (influencing) dangerous information technologies. The general and specific needs and problems in information security management at domestic enterprises are substantiated, including protection of business functionality, safe operation of programs and applications, data protection, protection of technological assets of the business. Rapid overcoming of these problems by building an information security management system is possible only if one understands and takes into account the key success factors of such a system. Success factors should reveal the classic functions of management: the success of planning, the success of the organization, the success of motivation, the success of control. Another key success factor can be taking into account the factors significantly influencing the information security culture formation and adoption by the SMEs. Building an information security system in the enterprise based on key success factors allows the entity to achieve a dynamic balance with the external environment and be prepared for possible potentially negative events. A further direction of the research should be the search for and substantiating specific components of these success factors, their detailing and study of the mechanisms of implementation in the SME management practice.