The previous version of the doctrine was approved 16 years ago (09/09/2000), during which time the information environment has changed almost beyond recognition. As rightly noted in the new document, information technologies have acquired a global cross-border character and have become an integral part of all spheres of activity of the individual, society and the state.
Against this background, the scale of the use of means of providing information and psychological impact on the part of foreign intelligence services is constantly expanding. Their efforts are aimed at destabilizing the internal political and social situation in various regions of the world, undermining the sovereignty and territorial integrity of other states. We can observe the tragic consequences of such “activity” in the example of the Syrian conflict and the Ukrainian crisis.
Obviously, due to its specificity, information security is a separate area that deserves special attention from the state. This is due both to the need for physical data protection in the era of "digital espionage", and with the information and psychological aspect. information security. Namely, ensuring national security in the field of culture, preserving the cultural, historical, spiritual and moral values of our people, neutralizing the information impact aimed at eroding traditional Russian spiritual and moral values, including through the formation of a culture of personal information security.
international security
The new doctrine of information security reasonably expands the international context, and its individual provisions organically complement the concept of foreign policy (November 30, 2016). In particular, the state of information security in the field of strategic stability and equal strategic partnership is characterized in the document by the desire of individual states to use technological superiority to dominate the information space.
First of all, this concerns the unequal distribution of Internet resources between countries and the lack of relevant international legal norms in this area, which makes it difficult to form a common international information security.
At the same time, the possibilities of cross-border circulation of information are increasingly being used to achieve geopolitical, military-political, terrorist and other goals to the detriment of international security and strategic stability.
Proceeding from this, the strategic goal of Russia is the formation of a stable system of non-conflict interstate relations in the information space. The main direction of ensuring information security is the development of a national management system for the Russian segment of the Internet and participation in the formation of an international information security system that excludes the use of information technologies for military-political and other illegal purposes from the point of view of international law.
Information wars
In addition, the increase in tendentious materials containing a biased assessment of Russian policy in foreign media is separately stated, while Russian journalists are subjected to outright discrimination abroad.
In this regard, the doctrine emphasizes the need to communicate to the international community reliable information about state policy and the official position of the Russian leadership on significant events in the country and the world and to increase the effectiveness of information support for the implementation of state policy. For this, the mass media and mass communications in the doctrine are classified as the main participants in the information security system.
national defense
The state of information security in the field of national defense is considered separately. There is an increase in the use of information technologies by individual states for military-political purposes. The revealed trend poses a direct threat both to the security of Russia and our allies, and to international security in general.
In this regard, one of the main directions of ensuring information security in the field of defense is the strategic deterrence and prevention of military conflicts, as a result of the use of information technologies. To this end, the security of critical infrastructure, weapons models and automated control systems is being increased, the forces and means of information warfare are being improved, including the Armed Forces of the Russian Federation. The assessment and forecasting of military threats in information sphere. Including information and psychological impact aimed at undermining the historical foundations and patriotic traditions for the defense of the Fatherland.
Another know-how of the doctrine is the provision on regular training (exercises) as part of the improvement of the information security system. Sudden checks of combat readiness are now expected not only by the Armed Forces of the Russian Federation, but also by other departments responsible for information security.
Economic sphere
In addition, the doctrine analyzes the state of information security in the economic sphere, as well as separately in the field of science, technology and education. In this regard, it is fundamentally important that the state for the first time raises the problem of lack of domestic technologies, products and qualified personnel in the information sphere to the level of threats to national security.
One of the obvious advantages of the new doctrine is a noticeable strengthening of the analytical component. The document is not limited to a simple list information threats– each of them is analyzed taking into account the current state of information security and strategic national interests. Moreover, the information-analytical and scientific-technical aspects of the functioning of the information security system will continue to improve. And the tasks of state bodies now include, among other things, constant monitoring, assessment and forecasting of information threats.
The coordinating role in the implementation of the doctrine, as before, is assigned to the Security Council of the Russian Federation, which will determine the list of priority areas for ensuring information security in the medium term, taking into account the strategic forecast. The implementation of the Information Security Doctrine will be reported annually to the President.
The material was prepared in cooperation with the Information and Analytical Agency "Foreign Policy Expertise".
Evsey Vasiliev, Candidate of Political Sciences, Associate Professor of the Department of International Security, IAI RSUH
Yesterday (December 5, 2016) the updated Information Security Doctrine was finally approved Russian Federation(here is a link to the text). Let me remind you that old version document was already from 2000, and by now it, of course, is outdated. It is strange that the final version differs significantly from the project discussed earlier, but okay ...
In my opinion, the document turned out to be quite sensible and concise (only 16 pages), but rather received only cosmetic changes. Unfortunately, the document is not very convenient to use, certain topics (import substitution, CII protection, incident response, etc.) are blurred, important provisions need to be collected ...
When I first read the document, I noticed this (in comparison with the 2000 edition):
1. Updated terms
The basic term "information security of the Russian Federation" has changed (expanded).
It was:
The information security of the Russian Federation is understood as the state of protection of its national interests in the information sphere, determined by the totality of balanced interests of the individual, society and the state.
It became:
Information security of the Russian Federation - the state of protection of the individual, society and the state from internal and external information threats, which ensures the implementation of constitutional rights and freedoms of man and citizen, worthy quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation , defense and security of the state.
All terms were even singled out in a separate paragraph, and they give definitions to the following concepts: “national interests of the Russian Federation in the information sphere”, “threat to the information security of the Russian Federation”, “information security of the Russian Federation”, “ensuring information security”, “information security forces ”, “information security tools”, “information security system”, “information infrastructure of the Russian Federation”.
2. It appeared about the security of critical information infrastructure (CII), and they began to talk about the need for its uninterrupted functioning
Now they are talking about CII explicitly, but there are few specifics. Of course, I wanted to hear about GosSOPKA, but there are only echoes of it:
…
c) increased security critical information infrastructure and the stability of its functioning, the development of mechanisms for detecting and preventing information threats and eliminating the consequences of their manifestation, increasing the protection of citizens and territories from the consequences of emergencies caused by information and technical impact on critical information infrastructure facilities;
d) improving the safety of operation information infrastructure facilities, including for the purpose of ensuring stable interaction between state bodies, preventing foreign control over the operation of such facilities, ensuring the integrity, stability and security of the unified telecommunications network of the Russian Federation, as well as ensuring the security of information transmitted over it and processed in information systems on the territory of the Russian Federation;
The Russian segment of the Internet is mentioned separately:
29. The main directions for ensuring information security in the field of strategic stability and equal strategic partnership are:
…
e) development of a national management system for the Russian segment of the Internet.
3. Much, much talk about the information and psychological impact
They mention the need to “bring to the attention of the Russian and international public credible information on public policy”, focus on “the extent of the use of means of providing information and psychological impact aimed at destabilizing the domestic political and social situation" and "aimed at undermining the historical foundations and patriotic traditions associated with the defense of the Fatherland", they write about "the trend towards an increase in the volume of materials in foreign media containing biased assessment state policy”, are afraid of “erosion of traditional Russian spiritual and moral values". The questions, of course, are important and correct, they were mentioned in the old edition, but there is too much about it ...
4. Focus on providing information security in the financial sector
And also PD mention:
14. Computer crime is on the rise, especially in credit and financial sphere, the number of crimes related to the violation of the constitutional rights and freedoms of a person and a citizen is increasing, including in terms of privacy, personal and family secrets, when processing personal data using information technology. At the same time, the methods, methods and means of committing such crimes are becoming more sophisticated.
5. They talk about the problem of implementing IT without taking into account information security issues
At the same time, the practice of introducing information technologies without linking them to ensuring information security significantly increases the likelihood of information threats.
This unfortunately happens often...
6. A lot of text about import substitution is expected.
I will write a separate note about this with quotes.
7. Development of information security services has become a national priority
8. National interests in the information sphere are:
…
c) development in the Russian Federation of the information technology and electronic industry, as well as improving the activities of industrial, scientific and scientific and technical organizations in the development, production and operation of information security tools, the provision of services in the field of information security;
Hello consulting and outsourcing!
8. Finally, they began to talk about the prevention and combating of crime
23. The main directions for ensuring information security in the field of state and public security are:
…
e) increasing the effectiveness of preventing crimes committed using information technology and combating such crimes;
This is only a preliminary analysis of the final document, I will study it more carefully.
In order to ensure the information security of the Russian Federation, I decide:
1. Approve the attached information security of the Russian Federation.
2. Recognize as invalid the Doctrine of Information Security of the Russian Federation, approved by the President of the Russian Federation on September 9, 2000 No. Pr-1895.
3. This Decree comes into force from the date of its signing.
| President of Russian Federation | V. Putin |
Doctrine
information security of the Russian Federation
(approved by the President of the Russian Federation of December 5, 2016 No. 646)
I. General provisions
1. This Doctrine is a system of official views on ensuring the national security of the Russian Federation in the information sphere.
In this Doctrine, the information sphere is understood as a set of information, objects of informatization, information systems, sites in the information and telecommunications network "Internet" (hereinafter referred to as the "Internet"), communication networks, information technologies, entities whose activities are related to the formation and processing of information , development and use of these technologies, ensuring information security, as well as a set of mechanisms for regulating relevant social relations.
2. The following basic concepts are used in this Doctrine:
a) the national interests of the Russian Federation in the information sphere (hereinafter - the national interests in the information sphere) - the objectively significant needs of the individual, society and the state in ensuring their security and sustainable development in terms of the information sphere;
b) threat to the information security of the Russian Federation (hereinafter referred to as the information threat) - a set of actions and factors that create the danger of causing damage to national interests in the information sphere;
c) information security of the Russian Federation (hereinafter - information security) - the state of protection of the individual, society and the state from internal and external information threats, which ensures the implementation of the constitutional rights and freedoms of man and citizen, a decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation, defense and security of the state;
d) ensuring information security - the implementation of interrelated legal, organizational, operational-search, intelligence, counterintelligence, scientific, technical, information-analytical, personnel, economic and other measures to predict, detect, contain, prevent, repel information threats and eliminate their consequences manifestations;
e) information security forces - state bodies, as well as divisions and officials of state bodies, local governments and organizations authorized to solve information security tasks in accordance with the legislation of the Russian Federation;
f) information security means - legal, organizational, technical and other means used by information security forces;
g) information security system - a set of forces for ensuring information security, carrying out coordinated and planned activities, and the means used by them to ensure information security;
h) information infrastructure of the Russian Federation (hereinafter - information infrastructure) - a set of informatization objects, information systems, sites on the Internet and communication networks located on the territory of the Russian Federation, as well as in territories under the jurisdiction of the Russian Federation or used on the basis of international treaties of the Russian Federation.
3. Based on the analysis of the main information threats and the assessment of the state of information security, this Doctrine defines the strategic goals and main directions for ensuring information security, taking into account the strategic national priorities of the Russian Federation.
4. The legal basis of this Doctrine is the Constitution of the Russian Federation, generally recognized principles and norms of international law, international treaties of the Russian Federation, federal constitutional laws, federal laws, as well as regulatory legal acts of the President of the Russian Federation and the Government of the Russian Federation.
5. This Doctrine is a strategic planning document in the field of ensuring the national security of the Russian Federation, which develops the provisions of the National Security Strategy of the Russian Federation, approved by Decree of the President of the Russian Federation of December 31, 2015 No. 683, as well as other strategic planning documents in this area.
6. This Doctrine is the basis for the formation of state policy and the development of public relations in the field of information security, as well as for the development of measures to improve the information security system.
II. National interests in the information sphere
7. Information technologies have acquired a global cross-border character and have become an integral part of all spheres of activity of the individual, society and the state. Their effective application is a factor in accelerating the economic development of the state and the formation of the information society.
The information sphere plays an important role in ensuring the implementation of the strategic national priorities of the Russian Federation.
8. National interests in the information sphere are:
a) ensuring and protecting the constitutional rights and freedoms of a person and a citizen in terms of obtaining and using information, privacy when using information technologies, providing information support for democratic institutions, mechanisms for interaction between the state and civil society, as well as the use of information technologies in the interests of preserving cultural, historical, spiritual and moral values of the multinational people of the Russian Federation;
b) ensuring the stable and uninterrupted functioning of the information infrastructure, primarily the critical information infrastructure of the Russian Federation (hereinafter referred to as the critical information infrastructure) and the unified telecommunication network of the Russian Federation, in peacetime, in times of direct threat of aggression and in wartime;
c) development in the Russian Federation of the information technology and electronic industry, as well as improving the activities of industrial, scientific and scientific and technical organizations in the development, production and operation of information security tools, the provision of services in the field of information security;
d) bringing to the Russian and international public reliable information about the state policy of the Russian Federation and its official position on socially significant events in the country and the world, the use of information technologies to ensure the national security of the Russian Federation in the field of culture;
e) assistance in the formation of an international information security system aimed at countering the threats of the use of information technologies in order to violate strategic stability, at strengthening an equal strategic partnership in the field of information security, as well as at protecting the sovereignty of the Russian Federation in the information space.
9. The implementation of national interests in the information sphere is aimed at creating a safe environment for the circulation of reliable information and resistant to various types the impact of the information infrastructure in order to ensure the constitutional rights and freedoms of man and citizen, the stable socio-economic development of the country, as well as the national security of the Russian Federation.
III. The main information threats and the state of information security
10. Expanding the scope of information technology, being a factor in the development of the economy and improving the functioning of public and state institutions, simultaneously generates new information threats.
The possibilities of cross-border circulation of information are increasingly being used to achieve geopolitical, military-political, as well as terrorist, extremist, criminal and other illegal goals, contrary to international law, to the detriment of international security and strategic stability.
At the same time, the practice of introducing information technologies without linking them to ensuring information security significantly increases the likelihood of information threats.
11. One of the main negative factors affecting the state of information security is the build-up by a number of foreign countries of the possibilities of information and technical influence on the information infrastructure for military purposes.
At the same time, the activities of organizations carrying out technical intelligence in relation to Russian state bodies, scientific organizations and enterprises of the military-industrial complex are intensifying.
12. The use by special services of individual states of means of providing information and psychological impact is expanding, aimed at destabilizing the domestic political and social situation in various regions of the world and leading to undermining the sovereignty and violation of the territorial integrity of other states. Religious, ethnic, human rights and other organizations, as well as certain groups of citizens, are involved in this activity, while the possibilities of information technologies are widely used.
There is a trend towards an increase in the volume of materials in foreign mass media containing a biased assessment of the state policy of the Russian Federation. Russian mass media are often openly discriminated against abroad, and Russian journalists are hindered from exercising their professional activities.
The information impact on the population of Russia, primarily on young people, is increasing in order to erode traditional Russian spiritual and moral values.
13. Various terrorist and extremist organizations widely use the mechanisms of informational influence on individual, group and public consciousness in order to escalate interethnic and social tension, incite ethnic and religious hatred or enmity, propagate extremist ideology, and also attract new supporters to terrorist activities. For illegal purposes, such organizations are actively creating means of destructive impact on critical information infrastructure facilities.
14. The scale of computer crime is growing, primarily in the credit and financial sphere, the number of crimes related to the violation of the constitutional rights and freedoms of a person and a citizen is increasing, including in terms of privacy, personal and family secrets, in the processing of personal data using information technology. At the same time, the methods, methods and means of committing such crimes are becoming more sophisticated.
15. The state of information security in the field of national defense is characterized by an increase in the use by individual states and organizations of information technologies for military-political purposes, including for the implementation of actions contrary to international law aimed at undermining the sovereignty, political and social stability, and territorial integrity of the Russian Federation and its allies and posing a threat international peace, global and regional security.
16. The state of information security in the field of state and public security is characterized by a constant increase in complexity, an increase in the scale and an increase in the coordination of computer attacks on objects of critical information infrastructure, an increase in intelligence activities of foreign states in relation to the Russian Federation, as well as an increase in threats to the use of information technologies in order to cause damage sovereignty, territorial integrity, political and social stability of the Russian Federation.
17. The state of information security in the economic sphere is characterized by an insufficient level of development of competitive information technologies and their use for the production of products and the provision of services. The level of dependence of the domestic industry on foreign information technologies remains high in terms of the electronic component base, software, computers and communications, which makes the socio-economic development of the Russian Federation dependent on the geopolitical interests of foreign countries.
18. The state of information security in the field of science, technology and education is characterized by insufficient efficiency of scientific research aimed at creating promising information technologies, a low level of implementation of domestic developments and insufficient staffing in the field of information security, as well as low awareness of citizens in matters of ensuring personal information security . At the same time, measures to ensure the security of the information infrastructure, including its integrity, availability and sustainable operation, using domestic information technologies and domestic products often do not have a comprehensive framework.
19. The state of information security in the field of strategic stability and equal strategic partnership is characterized by the desire of individual states to use technological superiority to dominate the information space.
The current distribution between countries of the resources necessary to ensure the safe and stable functioning of the Internet does not allow for joint fair management based on the principles of trust.
The absence of international legal norms governing interstate relations in the information space, as well as mechanisms and procedures for their application, taking into account the specifics of information technology, makes it difficult to form an international information security system aimed at achieving strategic stability and equal strategic partnership.
IV. Strategic goals and main directions for ensuring information security
20. The strategic goal of ensuring information security in the field of national defense is to protect the vital interests of the individual, society and the state from internal and external threats associated with the use of information technologies for military and political purposes that are contrary to international law, including for the purpose of carrying out hostile actions and acts of aggression aimed at undermining the sovereignty, violating the territorial integrity of states and posing a threat to international peace, security and strategic stability.
21. In accordance with the military policy of the Russian Federation, the main directions for ensuring information security in the field of national defense are:
a) strategic deterrence and prevention of military conflicts that may arise as a result of the use of information technologies;
b) improving the information security system of the Armed Forces of the Russian Federation, other troops, military formations and bodies, which includes the forces and means of information warfare;
c) forecasting, detection and assessment of information threats, including threats to the Armed Forces of the Russian Federation in the information sphere;
d) assistance in ensuring the protection of the interests of the allies of the Russian Federation in the information sphere;
e) neutralization of information and psychological impact, including those aimed at undermining the historical foundations and patriotic traditions associated with the defense of the Fatherland.
22. The strategic goals of ensuring information security in the field of state and public security are the protection of sovereignty, the maintenance of political and social stability, the territorial integrity of the Russian Federation, the provision of fundamental rights and freedoms of man and citizen, as well as the protection of critical information infrastructure.
23. The main directions for ensuring information security in the field of state and public security are:
a) countering the use of information technology to promote extremist ideology, the spread of xenophobia, ideas of national exclusiveness in order to undermine sovereignty, political and social stability, forcibly change the constitutional order, violate the territorial integrity of the Russian Federation;
b) suppression of activities that damage the national security of the Russian Federation, carried out using technical means and information technologies by special services and organizations of foreign states, as well as by individuals;
c) increasing the security of critical information infrastructure and the stability of its operation, developing mechanisms for detecting and preventing information threats and eliminating the consequences of their manifestation, increasing the protection of citizens and territories from the consequences of emergencies caused by information and technical impact on critical information infrastructure facilities;
d) improving the security of the operation of information infrastructure facilities, including in order to ensure sustainable interaction between state bodies, preventing foreign control over the operation of such facilities, ensuring the integrity, stability and security of the unified telecommunications network of the Russian Federation, as well as ensuring the security of information transmitted over it and processed in information systems on the territory of the Russian Federation;
e) improving the safety of functioning of weapons, military and special equipment and automated control systems;
f) increasing the efficiency of prevention of offenses committed with the use of information technologies and counteraction to such offenses;
g) ensuring the protection of information containing information constituting a state secret, other information of limited access and distribution, including by increasing the security of relevant information technologies;
h) improvement of methods and methods of production and safe use of products, provision of services based on information technology using domestic developments that meet the requirements of information security;
i) improving the efficiency of information support for the implementation of the state policy of the Russian Federation;
j) neutralization of information impact aimed at erosion of traditional Russian spiritual and moral values.
24. The strategic goals of ensuring information security in the economic sphere are to reduce to the minimum possible level the impact of negative factors caused by the insufficient level of development of the domestic information technology and electronic industries, the development and production of competitive information security tools, as well as increasing the volume and quality of services in the field of information security.
25. The main directions of ensuring information security in the economic sphere are:
a) innovative development of the information technology and electronics industry, an increase in the share of products of this industry in the gross domestic product, in the structure of the country's exports;
b) eliminating the dependence of the domestic industry on foreign information technologies and means of ensuring information security through the creation, development and widespread implementation of domestic developments, as well as the production of products and the provision of services based on them;
c) increasing competitiveness Russian companies operating in the information technology and electronics industries, developing, manufacturing and operating information security tools, providing services in the field of information security, including through the creation favorable conditions to carry out activities on the territory of the Russian Federation;
d) development of domestic competitive electronic component base and production technologies electronic components, meeting the needs of the domestic market for such products and the release of these products to the world market.
26. The strategic goal of ensuring information security in the field of science, technology and education is to support the innovative and accelerated development of the information security system, the information technology industry and the electronics industry.
27. The main directions for ensuring information security in the field of science, technology and education are:
a) achieving the competitiveness of Russian information technologies and developing scientific and technical potential in the field of information security;
b) creation and implementation of information technologies that are initially resistant to various types of impact;
c) conducting scientific research and experimental development in order to create advanced information technologies and means of ensuring information security;
d) development of human resources in the field of information security and the use of information technologies;
e) ensuring the protection of citizens from information threats, including through the formation of a culture of personal information security.
28. The strategic goal of ensuring information security in the field of strategic stability and equal strategic partnership is the formation of a stable system of non-conflict interstate relations in the information space.
29. The main directions for ensuring information security in the field of strategic stability and equal strategic partnership are:
a) protecting the sovereignty of the Russian Federation in the information space through the implementation of an independent and independent policy aimed at realizing national interests in the information sphere;
b) participation in the formation of an international information security system that provides effective counteraction to the use of information technologies for military and political purposes that are contrary to international law, as well as for terrorist, extremist, criminal and other illegal purposes;
c) creation of international legal mechanisms, taking into account the specifics of information technologies, in order to prevent and resolve interstate conflicts in the information space;
d) promotion within the framework of the activities of international organizations of the position of the Russian Federation, which provides for the provision of equal and mutually beneficial cooperation of all interested parties in the information sphere;
e) development of a national management system for the Russian segment of the Internet.
V. Organizational bases for ensuring information security
30. The information security system is part of the national security system of the Russian Federation.
Ensuring information security is carried out on the basis of a combination of legislative, law enforcement, law enforcement, judicial, control and other forms of activity of state bodies in cooperation with local governments, organizations and citizens.
31. The system for ensuring information security is built on the basis of the delimitation of powers of legislative, executive and judicial authorities in this area, taking into account the jurisdiction of federal government authorities, government authorities of the constituent entities of the Russian Federation, as well as local governments determined by the legislation of the Russian Federation in the field of security security.
32. The composition of the information security system is determined by the President of the Russian Federation.
33. The organizational basis of the information security system is made up of: the Federation Council of the Federal Assembly of the Russian Federation, the State Duma of the Federal Assembly of the Russian Federation, the Government of the Russian Federation, the Security Council of the Russian Federation, federal executive authorities, the Central Bank of the Russian Federation, the Military Industrial Commission of the Russian Federation, interdepartmental bodies created by the President of the Russian Federation and the Government of the Russian Federation, executive authorities of the constituent entities of the Russian Federation, local governments, judicial authorities participating in solving problems of ensuring information security in accordance with the legislation of the Russian Federation.
Participants in the information security system are: owners of critical information infrastructure facilities and organizations operating such facilities, mass media and mass communications, organizations in the monetary, foreign exchange, banking and other areas of the financial market, telecom operators, information system operators, organizations that carry out activities for the creation and operation of information systems and communication networks, for the development, production and operation of information security tools, for the provision of services in the field of information security, organizations engaged in educational activities in this area, public associations, other organizations and citizens who in accordance with the legislation of the Russian Federation, they participate in solving problems of ensuring information security.
34. The activities of state bodies to ensure information security are based on the following principles:
a) the legality of public relations in the information sphere and the legal equality of all participants in such relations, based on the constitutional right of citizens to freely seek, receive, transmit, produce and disseminate information in any legal way;
b) constructive interaction of state bodies, organizations and citizens in solving problems to ensure information security;
c) maintaining a balance between the need of citizens for the free exchange of information and restrictions associated with the need to ensure national security, including in the information sphere;
d) sufficiency of forces and means to ensure information security, determined, among other things, through continuous monitoring of information threats;
e) observance of generally recognized principles and norms of international law, international treaties of the Russian Federation, as well as the legislation of the Russian Federation.
35. The tasks of state bodies in the framework of activities to ensure information security are:
a) ensuring the protection of the rights and legitimate interests of citizens and organizations in the information sphere;
b) assessing the state of information security, forecasting and detecting information threats, determining priority areas for their prevention and elimination of the consequences of their manifestation;
c) planning, implementation and evaluation of the effectiveness of a set of measures to ensure information security;
d) organizing activities and coordinating the interaction of information security forces, improving their legal, organizational, operational-investigative, intelligence, counterintelligence, scientific, technical, information-analytical, personnel and economic security;
e) development and implementation of state support measures for organizations engaged in the development, production and operation of information security tools, for the provision of services in the field of information security, as well as organizations engaged in educational activities in this area.
36. The tasks of state bodies in the framework of activities to develop and improve the information security system are:
a) strengthening the vertical of control and centralization of information security forces at the federal, interregional, regional, municipal levels, as well as at the level of informatization objects, operators of information systems and communication networks;
b) improving the forms and methods of interaction between information security forces in order to increase their readiness to counter information threats, including through regular training (exercises);
c) improvement of information-analytical and scientific-technical aspects of the functioning of the information security system;
d) increasing the efficiency of interaction between state bodies, local governments, organizations and citizens in solving problems of ensuring information security.
37. The implementation of this Doctrine is carried out on the basis of sectoral strategic planning documents of the Russian Federation. In order to update such documents, the Security Council of the Russian Federation determines a list of priority areas for ensuring information security in the medium term, taking into account the provisions of the strategic forecast of the Russian Federation.
38. The results of monitoring the implementation of this Doctrine are reflected in the annual report of the Secretary of the Security Council of the Russian Federation to the President of the Russian Federation on the state of national security and measures to strengthen it.
Document overview
A new Doctrine of Information Security of Russia has been approved.
The strategic goals and main directions of ensuring information security are determined.
The main information threats are analyzed. An assessment of the state of information security is given.
It is noted that the practice of introducing information technologies without linking to information security significantly increases the likelihood of information threats.
The state of information security is influenced, in particular, by the fact that some foreign countries are increasing the possibilities of information and technical influence on the information infrastructure for military purposes. The activities of organizations carrying out technical intelligence in relation to Russian government agencies, scientific organizations and defense industry enterprises.
There is a trend towards an increase in the volume of materials in foreign media with a biased assessment of domestic state policy. Russian media are often subjected to outright discrimination abroad.
Various terrorist and extremist organizations widely use the mechanisms of information influence. The scale of computer crime is on the rise.
The main directions of ensuring information security in the field of defense, state and public security, in the economic sphere, in the field of science, technology and education, strategic stability and equal strategic partnership are given.
The composition of the information security system is determined by the President of the Russian Federation. The Security Council of Russia establishes a list of priority areas for ensuring information security in the medium term.
The results of monitoring the implementation of the doctrine are reflected in the annual report of the Secretary of the Security Council to the President of the Russian Federation.
The former Information Security Doctrine of Russia, approved in 2000, has been declared invalid.
The decree comes into force from the date of its signing.
Analysis of the provisions of the Information Security Doctrine of the Russian Federation
Alexander Antipov
Analysis of the provisions of the Information Security Doctrine of the Russian Federation, introduced by Decree of the President of the Russian Federation of December 5, 2016 No. 646.
On December 5, 2016, the Decree of the President of the Russian Federation came into force, approving the new Information Security Doctrine, which replaced the document that had been in force in Russia since 2000. This is a significant step aimed at regulating information security issues in our country. The doctrine reflects national interests, official views on the goals, objectives, principles and main directions of ensuring information security in the Russian Federation. We propose to consider the most significant provisions of the new document and discuss the prerequisites for the changes made.
The doctrine not only describes the strategy of actions to ensure information security in our country for the next ten years, but also explains the existing shortcomings in the effectiveness of the measures taken.
The document was filled with specifics, and the factors affecting the state of information security in Russia covered all areas of the company's activities: the credit and financial sphere, the areas of defense, state and public security, science, technology and education, strategic stability and equal strategic partnership.
Definitions and general provisions
The first section of the new doctrine includes the basic concepts used in the document, which in the new edition have become fuller, broader and more structured. The doctrine is based on the Constitution, federal laws and normative legal acts, which is confirmed by the wording and terms used in the documents. So, for example, the concept of “information infrastructure of the Russian Federation” is based on the term “website on the Internet”, which was introduced into the Federal Law of July 27, 2006 No. 149-FZ “On Information, Information Technologies and Information Protection”, as amended in 2012 of the year.
National interests of the Russian Federation in the information sphere
During the time that has passed since the publication of the first doctrine, the information sphere has undergone significant changes. Information technologies have acquired a global cross-border character and have become an integral part of all areas of human activity, and the economic development of the state has become more dependent on the effectiveness of their application.
It is not surprising that the national interests of the Russian Federation in the information sphere have expanded. Previously, four main components of national interests were distinguished:
"Respect for the constitutional rights and freedoms of man and citizen in the field of obtaining information and using it, ensuring the spiritual renewal of Russia, preserving and strengthening the moral values of society, the traditions of patriotism and humanism, the cultural and scientific potential of the country."
« Information Support of the state policy of the Russian Federation, connected with bringing to the Russian and international public reliable information about the state policy of the Russian Federation, its official position on socially significant events in Russian and international life, with ensuring citizens' access to open state information resources.
“The development of modern information technologies, the domestic information industry, including the industry of informatization, telecommunications and communications, meeting the needs of the domestic market with its products and the entry of these products to the world market, as well as ensuring the accumulation, safety and effective use domestic information resources».
"Protection of information resources from unauthorized access, ensuring information security of information and telecommunication systems, both already deployed and being created on the territory of Russia."
The first two components, despite changes in the wording, have retained their significance, since they are based on the foundations of the constitutional rights and freedoms of a citizen:
“Ensuring and protecting the constitutional rights and freedoms of a person and a citizen in terms of obtaining and using information, privacy when using information technologies, providing information support for democratic institutions, mechanisms for interaction between the state and civil society, as well as the use of information technologies in the interests of preserving cultural , historical, spiritual and moral values of the multinational people of the Russian Federation”.
"Bringing to the Russian and international public reliable information about the state policy of the Russian Federation and its official position on socially significant events in the country and the world, the use of information technology to ensure the national security of the Russian Federation in the field of culture."
As for other categories of national interests, the authors of the doctrine took into account the current situation in the world of information technology and did not bypass the problem of computer attacks aimed at the industrial sector. As Positive Technologies experts have repeatedly noted in their publications, national security depends on the security of critical information infrastructure facilities. State regulatory authorities, in turn, have already developed requirements aimed at improving security at critical and potentially dangerous facilities (for example, FSTEC Order No. 31 and FSTEC guidance documents on protecting key information infrastructure systems). And now security industrial systems became one of the national interests of Russia in the information sphere.
The priorities of the Russian Federation were also named:
"Ensuring the stable and uninterrupted functioning of the information infrastructure, primarily the critical information infrastructure of the Russian Federation and the unified telecommunication network of the Russian Federation, in peacetime, in times of imminent threat of aggression and in wartime."
"Development in the Russian Federation of the information technology and electronic industry, as well as improving the activities of industrial, scientific and scientific and technical organizations in the development, production and operation of information security tools, the provision of services in the field of information security."
"Promoting the formation of an international information security system aimed at countering the threats of the use of information technologies in order to violate strategic stability, at strengthening equal strategic partnership in the field of information security, as well as protecting the sovereignty of the Russian Federation in the information space."
The last direction also cannot be ignored. The physical borders separating the states do not stop computer attacks, which means that measures taken only within our country are not enough to ensure the information security of Russia. Joining efforts with other states, planned and coordinated joint activities is an important step towards ensuring information security.
The main information threats and the state of information security
As already mentioned, a new version doctrine is more specific. So, when describing the main information threats and the state of information security in the published document, the characteristics and negative factors affecting the state of information security in various areas are given.
Among the main information threats were called "the increase by a number of foreign countries of the possibilities of information and technical influence on the information infrastructure for military purposes" and the strengthening of "the activities of organizations engaged in technical intelligence in relation to Russian state bodies, scientific organizations and enterprises of the military-industrial complex."
Indeed, Positive Technologies' experience in investigating information security incidents has shown that over the past couple of years, the activities of public sector organizations have repeatedly become the target of cyber espionage. For example, in the summer of 2016, a group was discovered using malware software Remsec to spy on a major Russian corporation.
In place of the problems of "crowding out Russian news agencies, the media from the internal information market and deformation of the structure of international information exchange” and “manipulation of information”, which were concerned by the doctrine of 2000, there was a threat of an increase in “the volume of materials in foreign media containing a biased assessment of the state policy of the Russian Federation”. Evidence of this can be seen in the events recent years. The mass media, mainly published on the Internet, today become a weapon for manipulating public opinion, provoking various kinds of conflicts, inciting information wars. In addition, falsification of historical events is often found in foreign publications. This problem was not ignored by the authors of the new doctrine, which states that “the Russian media are often discriminated against abroad”, “the information impact on the population of Russia is increasing”, including those aimed at “undermining the historical foundations and patriotic traditions associated with the protection of Fatherland". This means that the adoption of measures aimed at protecting against information and psychological impact on society becomes necessary.
The new document identifies the following areas that are most susceptible to destructive impacts due to certain shortcomings:
Credit and financial
The damage caused by computer attacks on financial institutions is constantly growing.
Defense
The scale of application of information technologies for military-political purposes is increasing.
State
The number is growing targeted attacks on objects of critical information infrastructure, the intelligence activities of the special services of foreign states are intensifying.
Scientific
The effectiveness of scientific research aimed at creating promising information technologies is insufficient, and measures to ensure the security of information infrastructure using domestic technologies and products often do not have a comprehensive basis. Nevertheless, in comparison with the previous edition, significant changes in the situation with domestic information technologies are visible. Questions about the forced purchase of imported equipment and the involvement of foreign firms in the creation of information systems in government bodies are no longer raised.
Separately, it is worth highlighting the problem of “insufficient staffing in the field of information security”, which for 16 years has not only not been resolved, but has become aggravated. In addition, “low awareness of citizens in matters of ensuring personal information security”, according to Positive Technologies experts, is one of the main shortcomings in the protection system of any organization and the main reason for the success of attacks carried out using social engineering methods.
Strategic goals and main directions for ensuring information security
The description of the strategic goals of ensuring information security in the new doctrine was reduced to a minimum, but retained the main directions.
Thus, in the economic sphere, “the development and production of competitive means of ensuring information security, as well as increasing the volume and quality of services in the field of information security” stand out. In addition to the development of the information technology industry, it is planned to increase the share of domestic developments in the structure of the country's exports and eliminate dependence on foreign technologies.
In the field of defense, ensuring information security should be aimed at containing and preventing military conflicts, "improving the system for providing information security for the Armed Forces of the Russian Federation and other troops, military formations and bodies" of the Russian Federation, and neutralizing the information and psychological impact.
Particular attention in the new doctrine is paid to ensuring state and public security. Particularly highlighted are the areas of increasing the "security of critical information infrastructure and the stability of its functioning", "preventing foreign control over the functioning" of information infrastructure facilities, "suppressing activities that are detrimental to the national security of the Russian Federation" carried out by special services and organizations of foreign states, improving methods and techniques production based on the use of domestic developments.
In the field of science, a strategic goal is highlighted to support the innovative and accelerated development of the information security system.
By participating in the formation of an international information security system, protecting Russia's sovereignty in the information space, developing a national management system for the Russian segment of the Internet, it is supposed to ensure information security in the field of strategic stability and equal strategic partnership.
conclusions
The key to the high efficiency of measures to ensure information security is the awareness of citizens in matters of ensuring personal information security. The doctrine allows people to focus on this problem.
It is impossible not to note the state’s focus on “improving the competitiveness of Russian companies operating in the information technology and electronics industries, developing, manufacturing and operating information security tools, including by creating favorable conditions for carrying out activities on the territory of the Russian Federation”, development of personnel potential.
“Ensuring the sustainable and uninterrupted functioning of information infrastructure, especially critical information infrastructure” is the most important task for all of us. Changes in this area are dictated by the increase in the number of attacks on state structures and industrial facilities, which has been observed in recent years.
The provisions reflected in the new doctrine are really relevant, as they reflect the current state of information security in Russia and emphasize the problems and information threats aimed at all areas of society. The information security strategy of 2000 was based on assumptions about potential cyber attacks from criminals, international terrorist organizations, and intelligence agencies of foreign states. The new doctrine takes into account real events that have taken place in the field of information security over the past 16 years. For example, a warning Federal Service Security Council, published in December last year, about the plans of foreign intelligence services to use hackers to destabilize the financial system of Russia, is in good agreement with the provisions of the doctrine, which emphasizes the state's focus on increasing the security of the critical information infrastructure of the Russian Federation. The document included such concepts as “website”, “Internet”, “personal information security”, which are most relevant for citizens today, and took into account the current level of information technology development.
The state is doing tremendous work to ensure the information security of the Russian Federation at the legislative, executive and judicial levels. Reworking the provisions of the 2000 doctrine is one of the steps to improve the information security system. And although the doctrine itself is not a regulatory legal act, it determines the strategy of the Russian Federation in the information sphere for the coming years and serves as the basis for improving the legal, methodological, scientific, technical and organizational support for information security of the Russian Federation, which means changes in legislation will not keep you waiting. This was confirmed by the publication on December 6 of the draft law "On the Security of the Critical Information Infrastructure of the Russian Federation", which establishes the organizational and legal framework for ensuring the security of critical information infrastructure in our country.
Yesterday (December 5, 2016) they finally approved the updated Information Security Doctrine of the Russian Federation (here is a link to the text). Let me remind you that the old version of the document was already from 2000, and by now it, of course, is outdated. It is strange that the final version differs significantly from the project discussed earlier, but okay ...
In my opinion, the document turned out to be quite sensible and concise (only 16 pages), but rather received only cosmetic changes. Unfortunately, the document is not very convenient to use, certain topics (import substitution, CII protection, incident response, etc.) are blurred, important provisions need to be collected...
When I first read the document, I noticed this (in comparison with the 2000 edition):
1. Updated terms
The basic term "information security of the Russian Federation" has changed (expanded).
It was:
The information security of the Russian Federation is understood as the state of protection of its national interests in the information sphere, determined by the totality of balanced interests of the individual, society and the state.
It became:
Information security of the Russian Federation - the state of protection of the individual, society and the state from internal and external information threats, which ensures the implementation of the constitutional rights and freedoms of man and citizen, decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation , defense and security of the state.
All terms were even singled out in a separate paragraph, and they define the following concepts: "national interests of the Russian Federation in the information sphere", "threat to the information security of the Russian Federation", "information security of the Russian Federation", "ensuring information security", "information security forces ", "information security tools", "information security system", "information infrastructure of the Russian Federation".
2. It appeared about the security of critical information infrastructure (CII), and they began to talk about the need for its uninterrupted functioning
Now they are talking about CII explicitly, but there are few specifics. Of course, I wanted to hear about GosSOPKA, but there are only echoes of it:
...
c) increased security critical information infrastructure and the stability of its functioning, the development of mechanisms for detecting and preventing information threats and eliminating the consequences of their manifestation, increasing the protection of citizens and territories from the consequences of emergencies caused by information and technical impact on critical information infrastructure facilities;
d) improving the safety of operation information infrastructure facilities, including for the purpose of ensuring stable interaction between state bodies, preventing foreign control over the operation of such facilities, ensuring the integrity, stability and security of the unified telecommunications network of the Russian Federation, as well as ensuring the security of information transmitted over it and processed in information systems on the territory of the Russian Federation Federations;
The Russian segment of the Internet is mentioned separately:
29. The main directions for ensuring information security in the field of strategic stability and equal strategic partnership are:
...
e) development of a national management system for the Russian segment of the Internet.
3. Much, much talk about the information and psychological impact
Mention the need to "bring to the Russian and international public credible information on public policy", focusing on "the extent to which the means of providing information and psychological impact aimed at destabilizing the domestic political and social situation" and "aimed at undermining the historical foundations and patriotic traditions associated with the defense of the Fatherland", they write about "the trend towards an increase in the volume of materials in foreign media containing biased assessment state policy", are afraid of "erosion of traditional Russian spiritual and moral values". The questions are, of course, important and correct, they were mentioned in the old edition, but there is too much about it ...
4. Focus on providing information security in the financial sector
And also PD mention:
14. Computer crime is on the rise, especially in credit and financial sphere, the number of crimes related to the violation of the constitutional rights and freedoms of a person and a citizen is increasing, including in terms of privacy, personal and family secrets, when processing personal data using information technology. At the same time, the methods, methods and means of committing such crimes are becoming more sophisticated.
5. They talk about the problem of implementing IT without taking into account information security issues
At the same time, the practice of introducing information technologies without linking them to ensuring information security significantly increases the likelihood of information threats.
6. A lot of text about import substitution is expected.
I will write a separate note about this with quotes.
7. Development of information security services has become a national priority8. National interests in the information sphere are:Hello consulting and outsourcing!
...
c) development in the Russian Federation of the information technology and electronic industry, as well as improving the activities of industrial, scientific and scientific and technical organizations in the development, production and operation of information security tools, the provision of services in the field of information security;
8. Finally, they began to talk about the prevention and combating of crime
23. The main directions for ensuring information security in the field of state and public security are:
e) increasing the effectiveness of preventing crimes committed using information technology and combating such crimes;