Security Entities Research Articles

Hyper attack graph: Constructing a hypergraph for cyber threat intelligence analysis

Cybersecurity experts are actively exploring and implementing automated technologies to extract and present attack information from Cyber Threat Intelligence. However, there are multiple relations among security entities within Cyber Threat Intelligence, a feature that existing technologies often overlook. Additionally, integrating external security knowledge into cyber threat intelligence intuitively during analysis and presentation poses challenges. We propose the Hyper Attack Graph (HAG) framework, the first work to apply hypergraph data structures in the analysis of cyber threat intelligence. Our approach uses a joint extraction model that incorporates a multi-head selection mechanism, effectively addressing the extraction of multiple relations among security entities. We use hypergraph to display tactics and techniques in cyber threat intelligence. Our evaluation of the HAG framework on 685 real-world cyber threat intelligence reports shows an increase in the F1 score for security entity extraction by 11.12% and for relation extraction by 6.71% over existing efforts. Furthermore, HAG’s ability to visually represent external security knowledge on hypergraphs demonstrates its potential as a valuable tool in cybersecurity analysis.

Uncovering Multi-step Attacks with Threat Knowledge Graph Reasoning

The rapid advancement of information technologies has significantly intensified the focus on cyberspace security across various sectors. In this evolving landscape, attackers deploy many of techniques- including exploits, weakness identification, and complex multi-step attacks- to gain unauthorized access to systems. Conversely, defenders harness insights from a variety of sources to pinpoint potential threats. Prominent public cybersecurity databases such as the Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK), Common Attack Pattern Enumeration and Classification (CAPEC), Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE), and Common Platform Enumeration (CPE) provide extensive data on security entities and their interrelations, playing a pivotal role in enriching the understanding of cybersecurity challenges and assisting in comprehensive defensive analyses. However, the semantic cross-analysis of these databases, crucial for identifying obscure threat patterns, remains underexploited. In this study, we amalgamate data from these disparate sources into a cohesive threat knowledge graph and introduce a novel knowledge representation learning approach, A4CKGE (ATT&CK-CAPEC-CWE-CVE-CPE Knowledge Graph Embedding). This method utilizes advanced structural and textual analytics to predict interactions among security entities such as products, vulnerabilities, weaknesses, and multi-step attack sequences, employing complex attack templates generated through a Large Language Model (LLM). Our extensive experiments demonstrate that this approach significantly outperforms existing state-of-the-art methods in effectively predicting these relationships. The findings validate the efficacy of our threat knowledge graph in unveiling hidden connections, thereby highlighting its potential to strengthen cybersecurity defenses substantially.

ORGANISATIONAL AND LEGAL FRAMEWORK FOR THE IMPLEMENTATION AND FINANCIAL SUPPORT OF INTERACTION BETWEEN LOCAL SELF-GOVERNMENT BODIES AND THE POLICE UNDER MARTIAL LAW

The article examines the organisational and legal framework for implementing certain projects of interaction between local self-government bodies and the police under martial law, and identifies the specifics of their financial support. The purpose of the study is to identify promising projects of cooperation between local self-government bodies and the police and other authorities in creating a secure environment and the means of their organisational and economic support. The objectives of the research are to clarify the legal basis and forms of cooperation between local self-government (LSG) bodies and the police in the area of ensuring the vital activity of the region; to identify promising projects of cooperation between local self-government bodies and the police and other bodies in creating a secure environment that have been implemented and are planned for implementation and ways to finance them. The methodological basis of the paper is the dialectical method, the application of which allowed to comprehensively reveal the nature of forms and methods of interaction between local self-government bodies and the police. The study established that the interaction of the National Police of Ukraine with other public security entities during the anti-terrorist operation should be understood as an activity based on legislative and by-law regulations and coordinated in terms of objectives, time and place of conduct between entities directly involved in the fight against terrorism, arising from the organisational activities of specially created coordination bodies, and other equal and independent state bodies, local self-government bodies and the public with the aim of their coordinated functioning to protect the rights, freedoms and security of citizens, prevent and suppress terrorist acts and other offences through the most appropriate combination of forms and methods inherent in these subjects. It is found that, taking into account the analysis of positive foreign experience, it is advisable to develop a model programme of interaction of local self-government bodies at the regional level with the police and other authorities to create a secure environment in Ukraine, which should define: the legal basis for interaction; areas of interaction; forms, means and methods of interaction; and the procedure for joint financing of security programmes of interaction in this area.

Primary Objectives of the Activities of Actors Ensuring National Security

The article is devoted to clarifying the key tasks of the actors ensuring national security, taking into account modern understanding of national security and its provision. Based on the analysis of current scientific literature, the authors highlight the approaches of Ukrainian scientists to the understanding of the complex of tasks of ensuring national security, which are consistent with the modern doctrine of national security and its provision. Considering the scientific views on the structure of the tasks of ensuring national security, seven main groups of the objectives of the national security entities are outlined. It is concluded that these targets envisage planning, creation, improvement and monitoring (in particular, for clarity and legal certainty, consistency and adaptability, taking into account complex and dynamic features of modern risks and challenges faced by the national security actors) in national security law making, and the results of standard-setting.

A state-of-the-art universal machine learning framework for decoding suspect coded messages

This proposed framework aims to mitigate global terrorist threats, suspicious activities, and legal violations by introducing an innovative system that monitors encrypted short-text messages across instant messaging programs. In the current landscape, criminals, terrorists, and clandestine entities extensively employ encrypted messages for illicit endeavours on a global scale. Despite the escalating use of encrypted messages on social media platforms, a comprehensive solution for combating online crime is notably absent.The outlined framework addresses this gap by employing a cryptographic system that integrates semantic web ontology, a Predefined Dataset, and machine learning technology for encryption, decryption, and cryptanalysis. A key feature is the framework's ability to predict potential crimes by analyzing blogs for suspicious terminology conveyed through coded information. The identified information is then promptly communicated to law enforcement agencies, thereby alleviating the burden on numerous security entities and offering an efficient strategy against global crime.What sets this proposed framework apart is its unique utilization of encrypted text, a dimension that has remained unexplored in previous studies. The cohesive integration of its components expedites the process of anticipating crime types and significantly reduces the incidence of encrypted crimes on a global scale.

ТЕХНОЛОГІЯ ОЦІНЮВАННЯ РЕЗУЛЬТАТИВНОСТІ БЕЗПЕКОВОЇ ДІЯЛЬНОСТІ ТОРГОВЕЛЬНОГО ПІДПРИЄМСТВА

COVID-19 and military operations have significantly changed the security situation for Ukrainian enterprises. The existing security systems were not ready for the existing critically high and difficult to predict dynamics of influence of previously secondary factors. The weak link turned out to be subsystems of information and analytical support, which were mostly focused on assessing the economic security of the enterprise based on reporting data. The current attempts of trade enterprises to adapt to the conditions of operation during the martial law actualized the problem of improving the information base of security activities. The purpose of the study is to develop a technology for evaluating the effectiveness of security activities of a trading enterprise. To develop a technology for evaluating the effectiveness of the security activities of a trading company, the following methods were used: induction and deduction, comparison and systematization – during the study of the existing practice of evaluating the security activities of enterprises; synthesis and analysis – for the calculation of primary indices, group and integral indicators; morphological analysis – to determine the list of primary indexes; expert survey – to establish weighting factors; graphic – for visual representation of theoretical and methodical material; abstract-logical – for theoretical generalizations and research conclusions. On the basis of a careful study of existing developments, a variant of the technology for evaluating the effectiveness of security activities of trade enterprises is proposed. The developed technology is a combination of knowledge (including methods, tools, techniques, principles), experience, organizational, technical and other decisions about the conditions, principles and sequence of operations, the implementation of which allows you to get a holistic vision of the course of security processes and the activity of sub security entities in the performance of specified tasks. The three components involve the calculation of a wide list of primary indicators, followed by their unification into group indicators and the determination of an integral indicator, which is facilitated by weighting factors that maximally take into account the specifics of trade and ensuring security in the conditions of the relevant economic entity. The use of the developed technology made it possible to obtain information about the actual results of the security activities of individual trade enterprises during 2021–2023, in particular in terms of countermeasures and elimination of threats related to COVID-19 and military actions.

БАЗОВІ ТЕОРЕТИЧНІ ЗАСАДИ ІНТЕЛЕКТУАЛІЗАЦІЇ БЕЗПЕКОВОЇ ДІЯЛЬНОСТІ ТОРГОВЕЛЬНИХ ПІДПРИЄМСТВ

Today, the progress of Ukrainian trade enterprises in the transition to a new model of business organization – electronic trade, which was a consequence of the gradual impact of COVID-19 and military actions on the territory of the country, is clearly visible. Such transformations are accompanied by the emergence of new risks and threats, the experience of countering which is absent, which requires a review of the principles of security activities. Current systems of economic security function on the basis of strict compliance with the developed instructions, which reduces the effectiveness of the actions of security entities in conditions of rapid and difficult to predict changes in the security situation. The question of a creative approach to decision-making in atypical situations is inhibited both by the need to observe the established regime and by the lack of stimulation for the manifestations of creativity in actions. The purpose of the study is to create the necessary theoretical basis for the formation of a methodological basis for the intellectualization of security activities of trade enterprises In order to find out the content of the process of intellectualization of the security activities of trade enterprises, the following methods were used: induction and deduction, comparison and systematization – in the study of the essential characteristics of the terms “intelligence” and “intellectualization”; synthesis and analysis – to take into account the specifics of the activity of trading enterprises; morphological analysis – to clarify the target direction of measures in the course of intellectualization of the security activities of a trade enterprise; abstract-logical – for theoretical generalizations and research conclusions. It has been found that trade enterprises in Ukraine have some experience in implementing intellectualization, but such efforts are not characterized by systematicity, that is, in most cases they are fragmentary and without due attention to changes in security activities. Critical clarification of changes in the interpretation of the terms “intelligence” and “intellectualization” made it possible to consider the intellectualization of the security activities of trade enterprises as an increase in the intellectual activity of participants in the security process due to the implementation of a set of measures that enable the development of mental abilities for the purpose of generating and effectively applying knowledge as well as the improvement of the technological base, which collectively contributes to the fulfillment of tasks related to maintaining the economic security of the enterprise at the level necessary for the development and realization of economic interests.

APT Attack Detection Based on Graph Convolutional Neural Networks

Advanced persistent threat (APT) attacks are malicious and targeted forms of cyberattacks that pose significant challenges to the information security of governments and enterprises. Traditional detection methods struggle to extract long-term relationships within these attacks effectively. This paper proposes an APT attack detection model based on graph convolutional neural networks (GCNs) to address this issue. The aim is to detect known attacks based on vulnerabilities and attack contexts. We extract organization-vulnerability relationships from publicly available APT threat intelligence, along with the names and relationships of software security entities from CVE, CWE, and CAPEC, to generate triple data and construct a knowledge graph of APT attack behaviors. This knowledge graph is transformed into a homogeneous graph, and GCNs are employed to process graph features, enabling effective APT attack detection. We evaluate the proposed method on the dataset constructed in this paper. The results show that the detection accuracy of the GCN method reaches 95.9%, improving by approximately 2.1% compared to the GraphSage method. This approach proves to be effective in real-world APT attack detection scenarios.

ADMINISTRATIVE AND LEGAL SUPPORT OF POLICE MANAGEMENT IN THE CONTEXT OF ECONOMIC INTEGRATION

The subject matter of the study is the conceptual, theoretical, empirical and methodological foundations of legal and economic aspects of administrative and legal support for the management of police activities in the context of economic integration. Methodology. The study uses general scientific and special methods of cognition. The dialectical method was used to analyse the essence of police management in the context of economic integration in both the legal and economic dimensions in a wide range of parameters. The analysis provided the basis for a multidimensional study of all the characteristic features of police management in the context of economic integration in economic and legal etymology. The synthesis created the basis for generalising the characteristic features of this police activity as a law enforcement agency. The formal legal method allowed for an accurate interpretation of the legal provisions defining the general and special legal framework for administrative and legal support of police management in the context of economic integration. The article aims at defining the essence of administrative and legal support for management of police activities in the context of economic integration and developing proposals for its improvement. The results of the publication show that the administrative and legal support of police management in the context of economic integration covers a number of comprehensive measures in various areas of activity of the relevant police unit, primarily aimed at ensuring economic security. The paper identifies areas for improving the administrative and legal support of police management in the context of economic integration, with a significant emphasis on lawmaking. Conclusion. In the context of economic globalisation, so-called transnational crimes play a significant role, including the creation of and participation in organised criminal groups, corruption offences, obstruction of justice, and money (income) laundering. The National Police of Ukraine is taking a number of measures to counteract unlawful manifestations in the economic sphere, which are largely components of transnational crime, by implementing appropriate management measures. In the context of administrative and legal support of the National Police, the article examines the structural elements of transnational crime and the powers of the police in this area. Some aspects related to combating crimes committed by organised groups and criminal organisations, corruption offences, economic crimes and the prevention of economic crime were highlighted. In order to overcome the negative manifestations of economic crime in the conditions of economic integration, relevant measures have been proposed, including: participation in legislative work, which should primarily incorporate the best practices of the international community in this area; development of the concept of service activities, which mediate the form and content of law enforcement activities in the economic sphere; improvement of management activities in combating manifestations of corruption in the economic sphere; creation of a qualified personnel potential in the relevant units of the National Police, whose activities are aimed at ensuring economic security in accordance with the above directions, etc. The paper provides proposals for improving the legislative definition of the concept of economic security and delineating the competence of national security entities in this area, including police units.

The Analysis of World Information Warfare and Information Security in the Context of the Russian-Ukrainian War

The appearance of significant transnational information processes has given rise to new threats to international security, such as information warfare. The problem of employing information warfare, which has become particularly acute and relevant, can be observed through the example of the full-scale war between the Russian Federation and Ukraine. Numerous information attacks by the aggressor country in the form of fake news dissemination confirm this. The latter requires in-depth study for the development of countermeasures, the application of combat algorithms, and the organization of modern information security.This article aims to introduce a methodology of information security based on several advanced defensive administrative measures, including a review of a series of response cycles to information attacks, mainly when conducted through hybrid and information technologies in the context of the Russian-Ukrainian war. Given the rapid dynamics of contemporary information processes and associated information threats, a complex set of countermeasures is necessary enabling an effective response to threats and timely prediction.The research methodology is based on general scientific and empirical methods of analysis and scientific cognition, including observation, systemic analysis, classification, scientific abstraction, statistical analysis, analogy, graphical generalization, and systematization. According to the results of the conducted research, it has been established that the distribution of managerial decisions into "fast" and "slow" allows for combining response to attacks with information accumulation to identify the most vulnerable elements and predict future information warfare. In particular, a process of responding to information attacks consisting of several stages of administrative measures has been proposed. Attention is given to the need to consider the initial data for further use in each relevant war period when repeating the cycle following the completion of the specified four-step countermeasure algorithm. Additionally, it has been identified that transmitting data on unlawful aggressor attacks to the information collection system requires careful planning and coordination among various operations and structures. The authors have substantiated and proposed the necessity and application of coordinated administrative measures among information security entities.

Fuzzy-based Misbehavior Detection for Internet of Things in Multi-access Edge Computing Environment

Today, an emerging paradigm of edge computing, called Multi-Access Edge Computing (MEC), is widely used in a broad range of applications. MEC has been recently used as a driving technology for 5G networks. However, MEC encompasses some security problems, such as communicating with untrusted third-party service providers commonly known as location-based service (LBS) providers. In this paper, we propose a novel fuzzy-based misbehavior detection system for Internet of Things (IoT) in a 5G-based MEC environment to solve the previous problems. Our proposed system is comprised of a multi-tier architecture that is linked by IoT gateways and mobile core network. In our architecture, we employ a novel mechanism that embeds a security entity called Regional Certificate Authority in a 5G macro base station. This security entity acts as a passport for the IoT gateway to communicate with other security entities present in our system that are located in the core infrastructure. Besides that, our system utilizes a distributed certificate revocation mechanism for malicious LBS providers via simultaneously updating the internal blocklists employed by more than one system entity. In addition, we adopt in our architecture a novel penalty system for malicious LBS providers, which is used for penalizing providers in case proved to be malicious as well as actively isolating them from the network. On the other hand, our system provides conditional anonymity for the incident’s reporter. Also, we present various security features maintained by the proposed system to thwart well-known attacks as well as we demonstrate efficiency and robustness of our system. Finally, we provide the overhead of our system and compare it with other state-of-the-art approaches where results show that the proposed system relatively incurs the least overhead.

ТРАНСФОРМАЦІЯ УМОВ ФУНКЦІОНУВАННЯ ТА ЗАСАД ЗДІЙСНЕННЯ БЕЗПЕКОВОЇ ДІЯЛЬНОСТІ ТОРГОВЕЛЬНИХ ПІДПРИЄМСТВ

Military actions on the territory of Ukraine since 2014 negatively affect the development of the national economy, one of the consequences of which is a slightly lower share of the digital economy. Despite this, the e-commerce sector is developing, requiring a priority review of the principles of implementing security activities in the conditions of each enterprise. The research is aimed at clarifying the differences between traditional and electronic trade, in particular in terms of the need to make changes in security activities as the basis for a controlled and safe transformation of each trade enterprise. In order to consider the key aspects of the transformation of the operating conditions and the principles of the implementation of security activities of trade enterprises, the following methods were used: induction and deduction, comparison and systematization – in the study of the essential characteristics of traditional and electronic trade; synthesis and analysis – to identify differences in the parameters of the trade and technological process of the functioning of enterprises of traditional and electronic trade; morphological analysis – to characterize the content of new technologies that expand the possibilities of using electronic commerce; graphic – for visual representation of theoretical and methodical material; abstract-logical – for theoretical generalizations and research conclusions. Within the framework of the conducted research, a holistic view of the necessary changes in security activities was formed on the basis of a study of the main parameters of the trade-technological process of the functioning of enterprises of traditional and electronic trade. It has been proven that security entities should change their actions not only as a result of digitization, digitization and digital transformation of a trade enterprise, but based on trends in the use of the latest technologies, in particular augmented and virtual reality, ROPO, mobile format, syndication, multi-channel, artificial intelligence etc. The generalized and expressed own considerations are aimed at proving the fact of the current and future high dynamics in the development of electronic commerce, which requires not only appropriate, but also early changes in security activities to enable the transition of a trading enterprise to the next stage of digital transformation. Such changes should take place in advance, based on the specifics of the transformation of each trade enterprise, as well as the need to reduce the gap with foreign competitors.

ТЕОРЕТИЧНЕ ПІДҐРУНТЯ СТВОРЕННЯ СИСТЕМИ ЕКОНОМІЧНОЇ БЕЗПЕКИ ПІДПРИЄМСТВА

The operating conditions of Ukrainian enterprises require maximum attention to business security issues. Each enterprise has its own system of economic security based on existing experience and in accordance with existing theoretical developments. The effectiveness of security activities within each enterprise is not high due to the spread among top management of the belief that the system of economic security is immutable and the focus of the actions of security entities on the elimination of the consequences of the implementation of the main threats. The purpose of the study was to create a theoretical basis for the development of the enterprise's economic security system, based on the current tasks facing security entities and changes in the external environment of the functioning of Ukrainian enterprises. To consider the theoretical foundations of the formation of the economic security system of the enterprise, the following methods were applied: induction and deduction, comparison and systematization – in the study of the essential characteristics of the terms "system", "system approach" and "system of economic security of the enterprise"; synthesis and analysis – to consider the phasing of the formation of the enterprise's economic security system; morphological analysis – to specify the components of the enterprise's economic security system; graphic – for visual presentation of theoretical and methodical material; abstract-logical – for theoretical generalizations and research conclusions. The importance of rethinking the foundations of the formation of the enterprise's economic security system is substantiated, taking into account the current trends in increasing the share of the digital economy, digitalization of the labor market and the need for the appropriate digital transformation of the enterprise. Based on the generalization of the modern interpretation of the concepts "system", "system approach" and "system of economic security of the enterprise" a model of the formation of the system of economic security of the enterprise in the conditions of digitization of the labor market has been developed. As structural components of such a system, the following are highlighted: target orientations of security activities; task; subjects and objects of security; functions; politics; strategy, principles, security objects; provisioning mechanism. Attention is paid to the tools and equipment that determine the effectiveness of security entities in the ability to maintain the level of security necessary for the development of the enterprise.

ІНФОРМАЦІЙНЕ ПІДҐРУНТЯ ЗАБЕЗПЕЧЕННЯ ЕКОНОМІЧНОЇ БЕЗПЕКИ ПРОМИСЛОВИХ ПІДПРИЄМСТВ

Security activity in the conditions of Ukrainian industrial enterprises creates the necessary basis for their functioning and development despite a critically high level of uncertainty and insufficient state support. The actions of security entities, based on the acquired experience and available resources, provide for the primary elimination of the consequences of the implementation of internal threats, in particular, in relation to the financial component of the economic security of the enterprise. This form of organization of security activities is becoming less and less effective due to the high dynamics of the external environment, in particular in terms of the materiality of the impact of threats that are associated with changes in the national economy, COVID-19, military actions, etc. The study is focused on the consideration of the main trends in the development of industry and in terms of individual types of economic activity as a necessary addition in the formation of information and analytical support for the safety of industrial enterprises. In order to form the informational basis for ensuring the economic security of industrial enterprises, the following methods were applied: induction and deduction, comparison and systematization – when studying the peculiarities of the financial and economic activity of industrial enterprises; synthesis and analysis – to characterize the trends in the change of the main indicators characterizing the activity of enterprises of the food, pharmaceutical, and machine-building industries; morphological analysis – to specify the parameters of information and analytical support for the safety of industrial enterprises; graphic – for visual presentation of theoretical and methodical material; abstract-logical – for theoretical generalizations and research conclusions. The need to improve the information and analytical support of security activities through the expansion of the horizons of constant monitoring has been proven, by consistently examining the dynamics of three indicators (number of enterprises, volume of products sold, number of employees) in relation to enterprises of the food, pharmaceutical, and machine-building industries. The results of tracking changes in three main indicators proved the high dynamism of the operating environment of industrial enterprises under the influence of a significant number of factors, the content of which in some cases is common, which is indicated by a certain synchronicity in the change in the number of business structures, but also differs due to the specifics of each individual type of economic activity, which related to the level of need for industrial products to meet certain needs. Making changes to the information and analytical support of security activities should ensure the identification of threats by security entities at the early stages of formation with the corresponding development and implementation of anticipatory measures.

ІНФОРМАЦІЙНЕ ПІДҐРУНТЯ ЗАБЕЗПЕЧЕННЯ ФІНАНСОВОЇ БЕЗПЕКИ ПРОМИСЛОВИХ ПІДПРИЄМСТВ

Modern systems of economic security of enterprises are formed based on the primary need to counteract internal threats. This aspect is also relevant for financial security, which reduces the effectiveness of security actors' actions in recognizing and responding to external threats. The turbulence of the operating conditions within the limits of the last few years, which was provoked by the deepening of the openness of the domestic market, COVID-19 and military actions, requires a review of the principles of ensuring the financial security of industrial enterprises, in particular in terms of changing the information field. The purpose of the study is to justify the need and form the basis of the expansion of the information field, including its external sector, in order to develop adequate and timely management decisions in the process of ensuring the financial security of industrial enterprises. In order to form the basis for improving the informational basis for ensuring the financial security of the enterprise, the following methods were applied: induction and deduction, comparison and systematization – when researching the content of factors affecting the volume of products sold; synthesis and analysis – to determine trends in changes in the volume of sales of industrial enterprises; morphological analysis – to clarify differences in changes in the volume of sales of enterprises by types of economic activity and scale of operation; graphic – for visual representation of theoretical and methodical material; abstractlogical – for theoretical generalizations and research conclusions. It has been proven that changes in the system of ensuring the financial security of industrial enterprises, which are relevant in modern conditions, should be carried out primarily in relation to the information field, in particular its external sector, which should include careful tracking of all changes that would signal the emergence and actual or possible impact of threats, regardless of intensity their manifestation. Tracking and forecasting the emergence of new opportunities, the timely and effective use of which can ensure the company improves specific positions, is no less relevant. It was found out that the change in the volume of sales was influenced by a number of factors, which proves the need for security entities to track all changes in the environment in order to understand the direction of trends in order to further implement changes, in particular, in the financial security system.

ОЦІНЮВАННЯ РОЗВИТКУ СИСТЕМИ ЕКОНОМІЧНОЇ БЕЗПЕКИ ПІДПРИЄМСТВА

COVID-19, with the further escalation of military aggression by the Russian Federation, has significantly changed the operating conditions of Ukrainian enterprises, which requires adjustments to the activities of security entities. The application of relatively recent countermeasures and threat elimination tools is becoming less effective due to the higher dynamism of the external and internal environment. There is an urgent need to develop the economic security system of the enterprise, which is impossible without appropriate information support. The study is focused on substantiating the principles of evaluating the development of the enterprise's economic security system. To develop an approach to the assessment of the development of the enterprise's economic security system, the following methods were used: induction and deduction, comparison and systematization – in the study of the essential parameters of existing approaches to the assessment of the enterprise's economic security; synthesis and analysis – for the formation of theoretical provisions for evaluating the development of the enterprise's economic security system; morphological analysis – to clarify the list of indicators reflecting the main directions of development of the enterprise's economic security system; graphic – for visual representation of theoretical and methodical material; abstract-logical – for theoretical generalizations and research conclusions. The technology for calculating the integral indicator of the development of the economic security system of the enterprise has been developed, which contains several stages, that is, from primary indicators and group indicators according to the main directions: economic, administrative-legal, information-analytical, technical-technological and personnel The development of methodological principles for evaluating the enterprise's economic security system is an element of further progress in security science due to a paradigm shift from stability in the actions of security entities to systematic improvement in accordance with changes in the conditions of security activities. The developed approach, taking into account all the strengths of the existing practices regarding the assessment of the economic security of the enterprise, allows to take care of the constant modernization of the principles of the functioning of the economic security system of the enterprise, and thus to form safe conditions for the transformation of the enterprise in general.

Súkromné vojenské a bezpečnostné spoločnosti ako súčasť privatizácie bezpečnosti

Private security entities gradually play an increasingly important role in the field of activities related to ensuring security at the national and international level. Over the past few years, they have become an integral part of the state security systems in many countries. This is also why contracts from private entities in the form of various types of private security agencies currently reach several hundred billion dollars a year. For this reason, with the help of basic scientific research methods, the attention will be paid to the issue of private security agencies. In addition to our own knowledge and findings, we use also relevant theoretical starting points found in the works of renowned foreign and domestic authors dealing with the investigated issue and the information provided in official documents of international organizations.

МЕТОДИЧНІ ЗАСАДИ БЕЗПЕКОВОЇ ДІЯЛЬНОСТІ ПІДПРИЄМСТВ У ВІДПОВІДНОСТІ ДО СИСТЕМНОГО ПІДХОДУ

The need to create favorable conditions for conducting business due to the influence of a significant number of external and internal threats contributed to the gradual establishment of the importance of security activities within each enterprise. The current orientation of security entities to the protection of corporate resources and countering threats does not ensure the necessary stability of economic activity and the stability of the enterprise as a system. It is substantiated that despite the activity in the application of the system approach in matters of ensuring the security of the enterprise, some of its positions remain neglected. The purpose of the research is to form an idea about the content of homeostasis as a component of a systemic approach, the application of which contributes to the improvement of safety activities in the conditions of a certain enterprise. For a wider application of the system approach, in particular in the part of maintaining the effectiveness of homeostasis, in the process of safety activities in relation to the enterprise, the following methods are applied: induction and deduction, comparison and systematization – in the study of the essential characteristics of the concept of "homeostasis"; synthesis and analysis – to compare the content of homeostasis, which takes place in different systems; morphological analysis – to clarify the parameters of homeostasis as a mechanism, the effectiveness of which must be enhanced by security subjects; graphic – for visual presentation of theoretical and methodical material; abstract-logical – for theoretical generalizations and research conclusions. The known results of the study of the essence of homeostasis as a mechanism that ensures the maintenance of the viability of a certain system despite the influence of the habitat can be considered a necessary basis for improving safety activities. The parameters of homeostasis, which are inherent in various systems, were determined and critically considered, which contributed to the creation of appropriate methodological principles for maintaining the effectiveness of such a mechanism in the conditions of the enterprise as the basis for the sustainability of its functioning and development. It is substantiated that homeostasis, which with certain differences exists in each system, allows maintaining a balanced state, but its effectiveness for Ukrainian enterprises in the current difficult business conditions requires additional attention from the security actors. The use of homeostasis as a mechanism ensures a more rational use of resources that are aimed at security activities, with the possibility of fulfilling the tasks assigned to security subjects.

ЗАСТОСУВАННЯ ХОЛІСТИЧНОГО ПІДХОДУ В ПРОЦЕСІ ЗАБЕЗПЕЧЕННЯ ЕКОНОМІЧНОЇ БЕЗПЕКИ ПІДПРИЄМСТВА

The current orientation of security entities to the detection of internal threats and the subsequent elimination of the consequences of their implementation is characterized by insufficient efficiency in the conditions of high dynamics of the external environment. The application of a holistic approach in the process of ensuring the economic security of the enterprise involves the formation of a holistic view of the set of processes that take place in the internal and external environment of the enterprise. The research is aimed at the application of a holistic approach in the process of ensuring the economic security of the enterprise in the part of conducting a trend analysis in order to characterize the impact of the main factors on the labor market. In order to determine the main trends in the development of the labor market, which have a significant impact on the economic security of the enterprise, the following methods are used: induction and deduction, comparison and systematization – in the study of the essential characteristics of the holistic approach; synthesis and analysis – to determine the main trends in the development of the labor market; morphological analysis – to specify the degree of influence of individual changes in the labor market on the economic security of the enterprise; graphic – for visual presentation of theoretical and methodical material; abstract-logical – for theoretical generalizations and research conclusions. A systematic trend analysis with the widest possible horizons of the information field allows you to identify the facts of the emergence and change of threats and the emergence of new market opportunities that will contribute to the achievement of corporate goals. The practical application of theoretical developments was implemented in relation to the labor market as a component of the external information field, which made it possible to identify and characterize the factors that most significantly affect the economic security of the enterprise and should be taken into account for the implementation of preventive protective measures. It is substantiated that security subjects should take into account the following parameters of the national labor market, which are associated with: signs of a demographic crisis (decrease in the number of the population due to an increase in mortality, a decrease in the birth rate, a decrease in the average life expectancy and a deterioration in the age structure); workforce reduction; gaps in the development of human capital; high level of unemployment; consequences of COVID-19; a significant number of refugees and internally displaced persons due to the continuation of military aggression on the part of the Russian Federation.

ІНФОРМАЦІЙНЕ ПІДҐРУНТЯ ЗАБЕЗПЕЧЕННЯ ІНВЕСТИЦІЙНОЇ БЕЗПЕКИ МАШИНОБУДІВНИХ ПІДПРИЄМСТВ

In the conditions of the implementation of the fourth industrial revolution, the importance of effective engineering activities is growing, which should be aimed at creating high-tech means of labor, based on the need to more fully satisfy the needs of consumers in the face of growing limitations in natural resources. The purpose of the study was to carry out a thorough analysis of the main parameters of the investment activity of machine-building enterprises in order to form an information base for ensuring their investment security. In order to create an information basis for ensuring the investment security of machine-building enterprises, the following methods were used: induction and deduction, comparison and systematization – when studying the differences in the investment activity of machine-building enterprises according to the main types of economic activity; synthesis and analysis – to consider the dynamics of the main indicators characterizing the investment activity of enterprises and the structure of capital investment sources in 2010–2021; morphological analysis – to identify the impact of the main factors limiting the investment activity of machine-building enterprises; graphic – for visual representation of theoretical and methodical material; abstract-logical – for theoretical generalizations and research conclusions. The current conditions of the economic activity of Ukrainian enterprises are burdened not only by the results of previously implemented privatization processes and transformations of the national economy, but also by the modern influence of military actions and the latest pandemic, which in general both limits their competitive position on the domestic and foreign markets and actualizes the problem of ensuring investment security. Solving the complex problems of limited investment resources and effective investing in conditions of high investment risks requires, as a priority, the creation of an informational basis for the further development of adequate and effective measures on the part of security entities. It is proposed to create such a foundation not only in relation to the investment activity of a certain enterprise, but based on the general situation in mechanical engineering, that is, a holistic idea of the content of all related processes. The basis of the study is the consideration of the dynamics of capital investments in terms of the main types of economic activity of mechanical engineering, the scale of operation of enterprises, sources of investments and financial results. The result was a critical assessment with the identification of the level of influence of key factors as objects of attention of security subjects for the development of adequate and effective measures.