Center for Strategic Assessment and forecasts

Autonomous non-profit organization

Home / Science and Society / Future of the Information Society / Articles
Global society and security issue: an expert view
Material posted: -Publication date: 28-11-2003

Both of us have ever lived in a fascinating, very dynamic, eventful, but at the same time dramatic period of history. Not every generation is able to meet not only a new century but a new Millennium. We were lucky enough to observe and in addition changing formations of the modern society! We have witnessed the transformation processes that led post-industrial society of the last third of the twentieth century to the information society of the XXI century. A major driving force for these processes is Informatization: deep penetration of information and telecommunication technologies in all spheres of life and human activity.

It is now well established distributed network information and computing systems can play an equally important role in public life than in his time played electrification, telephones, radio and television combined. An example of this was the development of a global network of Internet that triggers the process of creating a new virtual environment of civilization. Today, the Internet is a dynamic, largely self-organizing system, allowing to speak about a new social phenomenon – the Internet community.

In the modern world the subject of fierce competition is not only material resources, the key to success is the skillful management of information resources and capabilities. Today it became apparent that the information sphere as a system factor of the modern society actively influences the state of political, economic, defense and other components of the security of States. In many respects the integrity of the modern world as a community is achieved through intensive information exchange. One of the main factors of formation of the company are the global communication using the Internet.

Active and comprehensive implementation of information technologies that has transformed the very structure of the world community are gradually being erased national boundaries. In all fields there are new functional structure, based on the Network. This transnational corporations, and the e-economy and the pooling of research teams working on the same problem but located in different parts of the world. But such changes were made and the shadow side of human life. Network structures have become the Foundation of the world of crime.

 

What are the major geopolitical trends of the world development in the XXI century?

According to leading domestic and foreign experts, first of all is the rapid formation of a global all-planet society on the basis of achievements of information and telecommunication revolution. Grow the scale of the crisis of the spiritual sphere of human activity. In the world created a single global information space in which information turned geostrategic rivalry between the leading countries of the world for the achievement of excellence in the global information пространстве1. the pace, especially in Metropolitan areas, key centres of the global information society. This leads to more frequent crises: today people lives almost constantly under stress.

In the conditions of collision with the challenges and threats of a fundamentally new to human nature, to which he has not had time to adapt and develop countermeasures, particularly urgent action to ensure security of life – security in a broad sense, covering all spheres of social life.

Yesterday when one or another of the threat the man could use the historical experience of the generation of the necessary measures: in the end of XX century worked well enough traditional instruments of world politics that allowed them to resolve again quite traditional forms of conflict that provided the military security of society. Classical Economics was provided an opportunity to apply management methods, allowing to avoid fatal economic crises, which in turn provided security and economic spheres. Clear rules of engagement in the capitalist or socialist models in the absence of the primeval struggle for the redivision of markets and spheres of influence ensured a fairly low level of crime and criminalization of society in General – the personal security of the little man threatened.

Today the experience is practically useless: yesterday the experts, calculating the stability of protective bunker, believed the probability to fall on mainline aircraft extremely improbable event – the terrorist attacks in USA of September 11, 2001 changed everything.

First target of the terrorists were not military or government facilities, and a major center of global business. Along with the tragedy of the situation in General, professionals it was impossible not to note several important points. So, despite the loud statements of American experts with the new York stock exchange on the stability and reliability of the information infrastructure, the auction was not held for the week, which almost triggered a panic in business circles. The business was not ready for emergency circumstances. This was due to the fact that most experts in the field of security before the tragic events operated on the threat model of post-industrial society, in which asymmetric actions of terrorists and the use of passenger aircraft as weapons of terror either completely excluded, or had a very insignificant probability of realization.

All this with a new force raised the question about necessity of development and improvement of the action plan aimed at ensuring the sustainable functioning of information infrastructure for business even in conditions of force majeure.

Global communication using public networks today have become the norm of doing business. With a light hand B. gates appeared even a new business model- "business at the speed of thought".

However, these benefits of globalization in September 2003, a significant portion of the U.S. East coast remained without electricity. And again the majority of companies are unable to meet extraordinary circumstances.

It is therefore not surprising that, perhaps, the only item of expenditure on information technology that American companies have not reduced after the events of September 11, 2001, the cost of information security. In many cases, the costs of protecting corporate networks and databases in the West even increased. About Russia not going to say that, although we have the problem of information security is no less acute.

According to Russian developer of information security systems, unauthorized invasion of private employees pay up to 70% loss of total hacking attempts networks. In addition, according to statistics of the Russian representative office SARC (Symantec Antivirus Research Center), the percentage of new viruses in files sent from Russia, about 10 times higher than in Europe as a whole. The average viral attack on the server costs the company $ 8366. As a result of infection occurs 40-minute simple machines, and then another 44 minutes is required for server recovery. Simple human resources is 22 person-days. While 22% of firms recorded a loss of information, 12% experienced theft of data and trade secrets.

However, information security is not only program and technical means, but above all a strict company policy in the sphere of security. According to IDC, 83% of Western European companies rules information security is enshrined in a special document. Moreover, small firms with 50-100 employees are as serious about security as companies with a staff of 5 thousand people. For Russian companies a comprehensive approach to information security are not typical.

Volume of the Russian market of information security systems in 2001 amounted to no more than 15-20 million, i.e. only 0.5% of the total market of information technology. According to experts, security must be given not less than 10-15% of the project budget on system integration. Analysts at Brunswick UBS Warburg estimated the volume of Russian market of system integration in 2002 to 510 million dollars, consequently, the security company should have invested at least 50 million, however, the real figures are much less.

Thus, in recent years in Russia there was a quite alarming situation in the field of information security and information protection, especially for the enterprises of private form of ownership. One gets the impression that our business exists by itself, and the state itself. Accepted the doctrine on information security, where kind is taken into account, and the private sector, but in the future, its existence is safely "forget" and try to ensure the information security of Russia without taking into account more than half of its economy. The fact that the main participants in this sector of the economy – banks recently was due to the decreased interest in the security of their information systems. In our opinion, the reason is that the cost of creating a reliable information security systems are higher than losses borne by the Bank or other Bank as a result of unauthorized actions to access its information resources. It's no secret that today many seek to settle problems at the expense of internal reserves, without revealing the problems. Often, buying a particular software product, the Bank refuses to pay for the necessary level of information protection. This situation had a negative impact on the developers. Now many of them just ignore the need to protect information.

However, it should be remembered that the protection of information allows not only to prevent unwanted consequences associated with disruption of the normal functioning of information systems or information loss but also to have full control over the information system, ensuring their own security from unlawful methods of use of information Bank system in the interest of criminal groups.

To date enterprises of private form of ownership, in the first place-Bank financial sector, remain "out of orbit" works aimed at ensuring Russia's interests in the information sphere in accordance with the doctrine of information security.

In many respects this situation is due to the fact that at the state level has not yet developed a unified approach to information security and information protection in the private sector of the Russian economy. Today this is reflected in the fact that a number of legislative initiatives put forward by the Government of the Russian Federation, has many disadvantages that hinder their implementation. Thus, as adopted on 8 August 2002 a new version of the Federal Law "On licensing certain types of activities subject to licensing" introduced several new activities, in particular development and/or production of confidential information security; technical protection of confidential information. Compulsory licensing and the activities of issuing e-digital signature certificate and application of cryptocredits to protect confidential information.

Thus, confidential information gets more than 60% of all the information circulating in the information systems of enterprises of different ownership forms.

However in the Russian legislation there is no governing thesis about the requirement to protect confidential information, which complicates the interpretation of the law.

In January 2003, adopted the Law "On electronic digital signature", a number of provisions which clearly does not increase the efficiency of electronic business in Russia. First of all it concerns maintenance of activity of trusted time, many of the measures are very far from the vital needs of Russian business, there is no coordination of the public and private sectors of the economy in these matters.

Meanwhile, the goals for information security of the state without the involvement of private capital impossible. The same idea is the basis of the "National plan for information systems protection USA", adopted in January 2000.

Taking the process of harmonization of the conditions for Russia's accession to the world trade organization. Along with a host of other issues, this event will entail certain consequences for organizations working in the field of information security.

WTO accession will make the real and the prospect of signing Russia international Agreement on a common criteria security evaluation of information technologies that will lead to a massive influx of foreign funds to protect the information on the Russian market. As a result, exacerbated the problem of competitiveness of products of Russian developers.

Course on national security

The key to the successful development of domestic business is the creation of a single national technological and information space. The urgency of this problem is due to the fact that the integration of Russia into the world financial system is impossible without a single, unified and standardized in accordance with international standards of technological capabilities.

Given the new nature of threats emanating from international terrorism, we can assume that in the near future will be revised approaches to the formation of the concept of national security of several countries, including Russia. Emphasis will be placed on the development of a wide network of security services to both large and medium and small organizations. Tasks of the state security services will be kept to coordinate the security network formed from such structures.

Today it is necessary more actively involve Russian business participation in lawmaking in the field of information security and e-Commerce.

Source: http://www.connect.ru/article.asp?id=4094

Tags: security , threat


RELATED MATERIALS: Science and Society