CONCEPT OF INFORMATION SECURITY MANAGEMENT OF THE DIGITAL ENVIRONMENT IN THE ENTERPRISE ECOSYSTEM

Authors

DOI:

https://doi.org/10.28925/2663-4023.2026.33.1209

Keywords:

security, information security, enterprise ecosystem, digital environment protection, enterprise security management, concept of information security management.

Abstract

The article presents a concept of information security management and protection of the enterprise’s digital environment within the overall ecosystem of “on-demand business.” The transition from segmented protection to the formation of an ecosystem of uninterrupted information flow based on the coherence of stakeholder interaction is substantiated. Within the proposed approach, a decomposition of protection objects is carried out, distinguishing between primary (critical data, business processes) and supporting (IT infrastructure, personnel, facilities) assets. Special attention is paid to the transformation of the role of artificial intelligence in the cybersecurity system; a mechanism for monitoring incoming traffic based on IDS-GAN technology and the implementation of AI agents subject to separate auditing and control are proposed.

The concept is aimed at integrating the internal security management system with the external institutional and regulatory environment of Ukraine, highlighting the role of the National Bank of Ukraine in ensuring the security of financial transactions through the MISP-NBU platform and compliance with the DSTU ISO/IEC 27000 series standards. The relationship between the enterprise’s technical capacity and the requirements of the National Commission for the State Regulation of Electronic Communications is established. Considering blackout risks, the model incorporates the C2M2 model of the Ministry of Energy of Ukraine to assess the cybersecurity of the energy component of business operations. It is demonstrated that effective management of the digital environment requires a multi-level control structure (from strategic to operational) and mandatory cryptographic protection of communication channels. The obtained results may serve as a methodological basis for developing comprehensive cyber resilience programs that ensure continuity of information flows through the synergy of technological innovations and regulatory compliance. In addition, they may be applied by IT departments and risk management specialists to build adaptive protection systems under conditions of high uncertainty.

Downloads

Download data is not yet available.

Author Biographies

Tetiana Muzhanova, State University of Information and Communication Technologies

PhD in Public Administration, Associate Professor, Associate Professor of the Department of Cybersecurity and Information Protection Management

Oleksandr Diachuk, State University of Information and Communication Technologies

Postgraduate of the Department of Cybersecurity and Information Protection Management

References

Mashchenko, M., & Ippolitov, Y. (2024). Formation of an enterprise information security enhancement strategy. Entrepreneurship, Trade and Exchange Activities, 2. https://doi.org/10.32782/2524-0072/2024-70-147

Kramarenko, I., Irtyshcheva, I., Bilousova, S., Irtyshchev, O., & Harahulia, A. (2024). Organizational and managerial mechanisms for ensuring information security of entrepreneurial activity in the context of digital transformation of Ukraine’s economy. Entrepreneurship and Innovation, 32, 246-252. https://doi.org/10.32782/2415-3583/32.38

Ozarko, K. S., & Kopytko, S. B. (2023). Features of the functional approach to enterprise information security management under crisis conditions. Bulletin of Economic Science of Ukraine, 1(44), 45-49.

Hrytsenko, P. (2025). Information security at a state enterprise under martial law and organizational methods of its implementation. Dictum Factum, 1(17), 298-306. https://doi.org/10.32703/2663-6352/2025-1-17-298-306

Sorokivska, O., Kuzhda, T., & Kinal, N. (2025). Digital risks and information security of the corporate sector. Herald of Khmelnytskyi National University. Economic Sciences, 342(3(1)), 95-105. https://doi.org/10.31891/2307-5740-2025-342-3(1)-14

Plesiuk, O. (2025). Digital risks in enterprise development management. Bulletin of Sumy National Agrarian University, 3(103), 65-70. https://doi.org/10.32782/bsnau.2025.3.10

Rezvorovych, K., & Tolmachova, Y. (2025). Digital risks for human rights: Artificial intelligence between progress and irresponsibility. Scientific Bulletin of Dnipro State University of Internal Affairs, 3(136), 76-86.

Stepanov, V. (2024). Digitalization and digital security risks. Bulletin of the National University of Civil Protection of Ukraine. Series: Public Administration, 1, 55-61.

Kostiuk, Y. V., Skladannyi, P. M., Hulak, H. M., Bebeshko, B. T., Khorolska, K. V., & Rzaieva, S. L. (2025). Security of information and communication systems. Borys Grinchenko Kyiv Metropolitan University.

Bolek, V., Romanová, A., & Korček, F. (2023). The information security management systems in e-business. Journal of Global Information Management, 1-29. https://doi.org/10.4018/jgim.316833

Ministry of Energy of Ukraine. (2024). Methodology for assessing the cybersecurity state of electrical networks and cybersecurity practices of electrical networks (Order No. 285). https://zakon.rada.gov.ua/laws/show/z1278-24

Reznikova, V., & Kravets, I. (2019). Classification of goods: Economic and legal aspect. Economics and Law, 2(53). https://doi.org/10.15407/econlaw.2019.02.025

Council of the European Union. (n.d.). EU rules on platform work. https://www.consilium.europa.eu/en/policies/platform-work-eu/#economy

Verkhovna Rada of Ukraine. (2022). Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS 2). https://zakon.rada.gov.ua/laws/show/9a3_001-22

International Organization for Standardization. (2022). ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection – Information security management systems – Requirements. https://www.iso.org/obp/ui/en/#iso:std:iso-iec:27002:ed-3:v2:en:term:3.1.20

National Bank of Ukraine. (n.d.). Authorization of payment market participants. https://bank.gov.ua/ua/supervision/payment-services

TASKOMBANK. (2025). Information security policy. https://tascombank.ua/files/Polityka_informatsiinoi_bezpeky-2025.pdf

National Commission for the State Regulation of Electronic Communications, Radiofrequency Spectrum and Postal Services. (n.d.). Regulatory activities. https://nkek.gov.ua/diialnist/rehuliatorna-diialnist

Downloads


Abstract views: 1

Published

2026-06-25

How to Cite

Kapeliushna, T., Muzhanova, T., & Diachuk, O. (2026). CONCEPT OF INFORMATION SECURITY MANAGEMENT OF THE DIGITAL ENVIRONMENT IN THE ENTERPRISE ECOSYSTEM. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 1(33), 144–155. https://doi.org/10.28925/2663-4023.2026.33.1209

Issue

Vol. 1 No. 33 (2026): Cybersecurity: Education, Science, Technique

Section

Articles

License

Copyright (c) 2026 Тетяна Капелюшна, Тетяна Мужанова, Олександр Дьячук

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Most read articles by the same author(s)