Analysis of the Information Security Arrangement in Russia and Other Countries

Abstract

Purpose of research. This article discusses various techniques for information security implementation used in certain countries; presents analysis and comparison of the degree of information security development in the Russian Federation. A brief history of the origin and subsequent dynamics of the development of this area in different countries is given. The objectives of this article are to analyze the legislation basis of different countries, namely the laws, regulations, decrees related to the sphere of information and personal data security and to develop a technique to increase the share of prevented attacks against information systems. Methods. The peculiarities of forms of information security implementations in the Russian Federation, the United States of America, Germany,and Francewas studied. The article analizes the current global international standards for standardization of security measures and systems related to the ISO / IEC 27000system, and the level of their implementation in Russia. The method of Saati hierarchies was chosen as the research method. Results. Theconducted research allowed us to reveal possible shortcomings of information security implementation in Russia by means of drawing an analogy with other countries with a more developed information security systems. Russian legislative framework contains many laws and regulations that affect personal data protection and processing, but their number and arrangement clarity is not sufficient and needs to be enhanced. Conclusion. As a result of the analysis it can be concluded that Russia pays considerable attention to information security implementation; different measures have been taken to its ensurance; a number of Federal laws have been enacted. However, the regulatory framework of the Russian Federation, the purpose of which is to protect information and personal data, has a relatively short history of development and needs enhancement.