CYBER INCIDENT MANAGEMENT: APPROACHES AND BEST PRACTICES
LIUDMYLA VOLODYMYRIVNA RYBALCHENKO
PhD, Associate Professor, Dnipropetrovsk State University of Internal Affairs, Dnipropetrovsk region, Ukraine
ORCID: 0000-0003-0413-8296
Email: luda_r@ukr.net
OLHA ANDRIIVNA HABORETS
PhD, Associate Professor, Donetsk State University of Internal Affairs, Kropyvnytskyi, Ukraine
ORCID: 0000-0001-7791-6795
Email: olga-gaborets@ukr.net
DOI: https://doi.org/10.24818/cike2025.59
Pages: 488–491
Abstract
When analysing the state of the modern digital environment, it is necessary to emphasise that cyber threats pose a constant risk factor for both private companies and government institutions. It has been established that cyberattacks have become targeted, and their number is on the rise. Therefore, in order to quickly detect, respond to, and reduce the level of cyber incidents, it is necessary to create more effective mechanisms for countering and managing information security incidents.
The purpose of this article is to study cyber incidents that have a negative impact on the country’s information space and pose threats to all areas of activity.
It has been found that cyber incidents vary in nature and include phishing attacks, spam sent to mailboxes, fraudulent messages, hacking of private accounts, ransomware, and complex, targeted attacks on critical infrastructure. Attacks that cause significant financial losses and lead to user distrust of the resources they use most often are also common.
The research used the methods of analysis and synthesis, as well as evaluative, situational, comparative, graphical and generalisation methods.
It is becoming increasingly difficult to counter cyber threats: as information technology develops, fraudsters and cybercriminals make their methods of influence more complex and refined, which is why new, more effective methods of countering them are being developed.
It has been established that cyber attacks are most often driven by political and economic factors, so such attacks pose a particular threat when high-tech means are used. Economic, social and national security are the areas most at risk, and cyber incidents pose a significant threat to them. Therefore, the development of effective and efficient strategies for managing such cyber incidents is currently a pressing issue.
The article concludes that there is a need to develop an effective and comprehensive approach to detecting and responding to cyber incidents and to restoring information damaged by them. It is argued that, as the level of threats increases, so do the requirements for modern approaches that integrate all important measures. Ensuring the resilience of digital systems to cyber threats, which have become increasingly widespread in recent years, is only possible through a combination of modern innovative technologies, effective security policies and international cooperation.
Thus, cyber incident management is a continuous process that requires the training of highly qualified cybersecurity specialists, the creation of effective technical protection, interaction between teams, and a culture of security within the organisation. In the context of growing cyber threats and crime, it is important for law enforcement agencies to develop effective strategies to combat crime and take measures to protect the rights and freedoms of every citizen and the security of the entire state.
Keywords: cyber incidents, technological innovations, security policy, digital systems, cyber attacks, confidential information
JEL Classification: G14, H56, L86
