Comparison of information security doctrines
Over the past two decades, not only the real, but also the virtual world has changed significantly. Therefore, in 2016, the need arose to replace the Doctrine of Information Security of the Russian Federation. In December, Vladimir Putin signed a decree replacing the old Doctrine with a new one. It takes into account all the current and future information security features. How does it differ from the 2000 document?
Comparison of the IS Doctrines of the Russian Federation in 2000 and 2016
The new Doctrine of Information Security is, first of all, a part of the overall National Security Strategy of the Russian Federation, and meets new requirements, threats and realities. For example, in 2000, the Internet was just beginning to gain popularity in Russia, and in 2016 it is already an inseparable part of the country's life. The global network affects the dissemination of information and other aspects.
Compared to the expired Doctrine, the new document has a clearer and more consistent structure.
The strategies include the following:
- countering security threats;
- protection against the use of information technology as a weapon for terrorist and extremist purposes;
- weakening of the leading position of foreign technologies and products, protection of national interests (import substitution).
Also in the new Doctrine a special place is given to the legal aspects of information security. An innovation is that now information security should be provided not only by the authorities, but also by the media, telecom operators, educational organizations, organizations of the financial and banking sectors, and providers.
From now on, information security is dealt with by a much wider circle of citizens. But these achievements do not yet mean the final victory over the threats associated with theft of information, hacks and attacks on key elements of critical information infrastructure.
Analysis of the provisions of the Doctrine of information security of the Russian Federation
An important place in the Doctrine is given to the protection of information in four areas: scientific, financial, defense and government. In the economic aspect, the emphasis is on enhancing the role of domestic achievements in the field of protecting the information field, on getting out of the influence of foreign technologies. In the military sphere, the prevention of acts of terrorism is important.
In science, the most important point is the development of new developments in the information sphere at a rapid pace. The security of society and the state is highlighted. In particular, the importance of suppressing control by other states is emphasized, which carries a possible threat to the information security of the Russian Federation.
The idea of developing and improving the Russian-speaking segment on the Internet, on the one hand, and international strategic cooperation on an equal footing, on the other, is being promoted. Separate points are devoted to individual information security, personal space on the Internet, privacy of personal data of users. And yet, one of the main directions and the most important issue that the Doctrine raises and tries to solve is cybersecurity.
A breakthrough for the new document was that, unlike the old one, the Doctrine of 2016 is based on the already passed experience of protection against information threats, including hacker attacks, hacking of financial systems and leakage of funds, revitalization of prohibited organizations, and other criminal precedents. Thus, clear legal principles of data protection and security in the information field are laid down.
Doctrine 2.0: how information threats have changed in 16 years
Both the old and the new Doctrine provide actual threats that need to be overcome with the help of certain innovations. For the 2000 Information Security Doctrine, the key problems were the decay of the moral values of young people, the outflow of security specialists.
The new Doctrine names cybercrime and the dissemination of materials destabilizing the situation in the country from abroad, in particular, criticizing the Russian Federation and popularizing tendencies that are pressing on young people, as the main threats. According to the authorities, the problem lies in the fact that information systems are still weak for international competition and need support.
Terrorism is an important point. By the way, in the Doctrine of 2016 this word is encountered for the first time, and it is given top priority in connection with the spread of this phenomenon in the world. The main task of state policy to combat these threats is the Doctrine's protection of their own information spheres from external trends, countering information threats, in particular, information war, which is quite capable of escalating into a real military conflict.
New and old Doctrines of information security in Russia. What are the innovations?
In fact, the new Doctrine radically changed the information security paradigm. A new concept of protecting the national field from foreign influences has emerged, based on obtaining reliable information. The main need was the protection of consciousness, the prevention of information warfare, criticism of the Russian Federation, the decline of spiritual and moral values among the population, especially young people.
The innovation was the confident handling of new terms, which in the old Doctrine were referred to more as prediction and assumption than as a real situation. Nowadays such words as “web page”, “confidentiality”, “information war” are in use. This has become a reality of the new time, because the society of the Russian Federation and the whole world has entered a new era with information problems.
The key task of the modern Doctrine is to formulate a clear system for ensuring control over the flow of information, filtering the influence of foreign media. In general, a number of innovations are presented that demonstrate what has already been done in the field of information security.
New Doctrine of Information Security: Issues of Legal Protection of Information
Information security in the new Doctrine is considered from the point of view of international legal relations. The 2016 document lacks a description of the sources of information security threats. This is due to a change in the priorities and emphasis of the modern policy of the Russian Federation in relation to national security. Now the legal protection of information affects the international level, and not just some aspects within the country. The creation of international legal mechanisms is becoming key.
New terms and problems have appeared in the legal field due to the fact that the information field is rapidly developing and covers more and more aspects of real life. In particular, information warfare has become a real problem, which along the way raises many other questions.
Attention has increased to the direction and distribution of funds for financing and providing new domestic technologies, their development, legal approval, as well as increasing competitiveness in relation to foreign information systems.
Cybercrime, which previously did not have such a scale, today requires legal regulation and suppression with new methods. In fact, the legal framework was created back in 2000 with the old Doctrine. But in connection with modern realities and problems requiring an advanced look, amendments and additions are introduced, and in some places completely new concepts and areas of activity related to domestic technologies, international legal acts, reputation abroad, and protection of the population from certain influences.
All this is expressed in the need to create legal justifications suitable for modern realities, expand the legal area to provide wider opportunities for national manufacturers and safety specialists.
In general, a lot of work has been done to update a number of legal aspects affecting the national cybersecurity field and information flows. The experience of 16 years has been analyzed and worked out, during which global trends and realities have changed. The New Doctrine corresponds to them and provides a complete legal basis.
