THE ROLE OF PERSONNEL IN ENSURING THE CYBERSECURITY OF CRITICALLY IMPORTANT INFRASTRUCTURE OF UKRAINE

Authors

  • T. V. Pidlisna Khmelnytskyi University of Management and Law named after Leonid Yuzkov, Department of Public Management and Administration, Heroiv Maidanu str., 8, Khmelnytskyi, 29000, Ukraine https://orcid.org/0000-0002-7492-923X

DOI:

https://doi.org/10.15330/apred.2.20.95-112

Keywords:

cybersecurity, personnel, strategies, training, security culture, role of personnel

Abstract

The research aims to study strategies for enhancing the role of personnel in cybersecurity within organizational settings. The main objective is to identify the most effective approaches to ensure active participation of personnel in defending against cyber threats and maintaining cybersecurity in organizations. The study is based on the analysis of literature sources, including scholarly articles, materials, reports, and practical case studies. Synthesis and analysis methods are applied to determine strategies and practical recommendations for organizations. The research identified a range of strategies for enhancing the role of personnel in cybersecurity, including comprehensive training and awareness raising, fostering a culture of security, defining clear roles and responsibilities, promoting cross-functional collaboration, and providing recognition and incentives. These results have practical significance for implementation in organizations. The research offers an original perspective on cybersecurity through the active participation of personnel in organizations and considers strategies that can be applied to enhance the effectiveness of cybersecurity measures. The recommendations and conclusions of the study have practical significance for organizations seeking to strengthen their cybersecurity and maximize internal resources for protection against cyber threats.

Key findings of the research emphasize the importance of personnel as a critical component of cybersecurity strategies. Personnel serve as the first line of defense against cyber threats, acting as a "human firewall" to detect, prevent, and respond to potential security incidents. By promoting a security-conscious mindset among personnel, organizations can significantly reduce the likelihood of successful cyber-attacks and minimize the impact of security breaches. The study also highlights the necessity of comprehensive training programs, continuous education, and awareness campaigns to equip personnel with the knowledge and skills required to recognize and mitigate cyber risks. Additionally, the research underscores the importance of clear roles and responsibilities, cross-functional collaboration, and incentivizing cybersecurity efforts to foster a culture of security awareness and proactive defense.

The research provides a detailed analysis of case studies from various organizations that have successfully implemented cybersecurity initiatives. These case studies offer valuable insights into effective practices, including the establishment of Incident Response Teams (IRT), the implementation of security awareness training programs, and proactive insider threat mitigation strategies. By examining these real-world examples, organizations can gain practical guidance on enhancing their cybersecurity posture and resilience against evolving cyber threats.

The research emphasizes that the active involvement of personnel is crucial for the effective implementation and maintenance of cybersecurity measures within organizations. By investing in personnel training, fostering a culture of security awareness, and promoting collaboration, organizations can enhance their ability to defend against cyber threats and safeguard their critical infrastructure. The findings and recommendations of this study are intended to provide practical insights and strategies for organizations aiming to strengthen their cybersecurity defenses and maximize their internal resources for effective protection against cyber threats.

Author Biography

T. V. Pidlisna, Khmelnytskyi University of Management and Law named after Leonid Yuzkov, Department of Public Management and Administration, Heroiv Maidanu str., 8, Khmelnytskyi, 29000, Ukraine

PhD (Public admin.), Associate Professor

References

Skrynkovskyy, R. M.,, & O. Ye. Malashko. “Structural and classification characteristics of information security.” Internauka. Seriia: Yurydychni nauky, no.7(29), 2020, pp. 25–32..

Malashko, O. Ye., Skrynkovskyy R. M. “Priority areas for improving information security in Ukraine.” Internauka. Seriia: Yurydychni nauky, no.6(28), 2020, pp. 13–19.

Bakalinska, O., and O. Bakalynskyi. “Legal support of cybersecurity in Ukraine.” Pidpryiemnytstvo, hospodarstvo i pravo, no.9, 2019, pp. 100–108, doi: 10.32849/2663-5313/2019.9.17.

General requirements for cyber security of critical infrastructure, 19.06.2019, No 518. Verkhovna Rada of Ukraine,/zakon.rada.gov.ua/laws/show/518-2019-п#n8. Accessed 12 April. 2024.

Tykhomyrov, O. O. Ensuring information security as a function of the modern state. Kyiv, Lira , 2014.

Military Security Strategy of Ukraine "Military Security - Comprehensive Defense", 25.03.2021, No 121/2021. Verkhovna Rada of Ukraine, zakon.rada.gov.ua/laws/show/121/2021#n2. Accessed 12 April. 2024.

The order of formation of the list of objects of critical information infrastructure, 09.10.2020, No 943. Verkhovna Rada of Ukraine, zakon.rada.gov.ua/laws/show/943-2020-п#Text. Accessed 12 April. 2024.

About information, 02.10.1992, No 2657- ХІI. Verkhovna Rada of Ukraine, zakon.rada.gov.ua/laws/show/2657-12#Text. Accessed 12 April. 2024.

About the National Informatization Program, 04.02.1998, No 74/98-BP. Verkhovna Rada of Ukraine,zakon.rada.gov.ua/laws/show/74/98-вр#Text. Accessed 12 April. 2024.

Information society development strategy in Ukraine, 15.03.2013, No 386-p. Verkhovna Rada of Ukraine, zakon.rada.gov.ua/laws/show/386-2013-%D1%80#Text. Accessed 12 April. 2024.

Biriukov, D. S., and S. I. Kondratov. Critical infrastructure protection: problems and prospects of implementation in Ukraine. Kyiv, NISD, 2012.

Hnatiuk, S. O., Sydorenko, V. M., and O. P. Duksenko. “Modern approaches to critical infrastructure objects detection and identification.” Bezpeka informatsii, no.21(3), 2015, pp. 269–275, doi: 10.18372/2225-5036.21.9690.

Hnatiuk, S. O., Riabyi, M. O., and V. M. Liadovska. “Critical Information Infrastructure Definition and Protection - Approach Analysis.” Zv’iazok, no.4, 2014, pp. 3–7.

On the basic principles of cybersecurity of Ukraine, 05.10.2017, No 2163-VIII. Verkhovna Rada of Ukraine, zakon.rada.gov.ua/laws/show/2163-19#Text. Accessed 12 April. 2024.

Downloads

Published

2024-06-15

Issue

Vol. 2 No. 20 (2024): THE ACTUAL PROBLEMS OF REGIONAL ECONOMY DEVELOPMENT

Section

Public management

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Authors who publish with this journal agree to the following terms:
    1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution NonCommercial NoDerivs 4.0 Unported License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
    1. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  1. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access)