Versatility of legislation on information security challenges the effective usage of
existing legal instruments on local, national and international levels, because the
information and cyber security issues have no borders. The authors assume that
understanding of legislation implementation on different levels will help to consider
the peculiarities of their application both in terms of the society’s vital functions and
in terms of national interests.
The suggested multilevel approach (MEGA – for international level, META – for
national one, MACRO – for state one, MEZO – for the level of region (municipal),
MICRO – for the level of legal entity, and NANO – for the level of a natural person)
enables to arrange the legal regulation of relations between the society, its members
and the state, between the legal entities and natural persons, taking to account
international trends in this field.
For the relevant regulation of relations between the levels it is crucial to
understand correctly the main components of information security and functions of its
legal regulation. The authors identify the following components of the information
security legal provision:
1.
Legal and scientific basis
2.
Structure and competences of the authorities in charge of information
technologies security provision
3.
Organizational, technical and special methods and actions (Information
Security Policy)
4.
Software and technical means of information security provision.
The functions of the legal provision of information security may be defined as
follows:
1.
multilevel regulation of relations between the subjects of information security
with their rights, obligations and responsibilities identification;
2.
legal provision of actions of information security subjects in all the levels
(legal entity, regional and state authorities, nation);
3.
regulation of usage of various means and tools for information security
provision.
Thus, the information security legislation should be screened according to the
mentioned above levels in the light of the existing hierarchy of legal acts, the content
of relations and the list of persons under the legislation (Figure 1):
MEGA –international acts on information security;
META – provisions of Constitution of Ukraine which are conceptual for all the
spheres, and the provisions of such laws as “On National Security” [46] and President’s
Order on Strategy of National Security of Ukraine [40]. The mentioned documents
consider main rules from international acts and agreements which have been once
ratified by the Supreme Council of Ukraine.
- 1038 -