Information security and information protection agencies, their functions and tasks, regulatory activities
Information security agencies, together with legislation, form a state system of information security and information protection.
The State information protection system includes:
legislative, executive and judicial authorities;
legislation regulating relations in the field of information protection and information resources;
the regulatory legal framework for the protection of information;
information protection services (bodies) of enterprises, organizations, and institutions.
Legislative authorities (the State Duma) issue laws regulating relations in the field of information protection. Their list is discussed in the previous section.
The regulatory framework is formed on the basis of normative legal acts in the field of information protection issued by bodies of various branches of government, ministries, departments.
The regulatory framework is based on the guidance documents and standards issued by the State Standard.
The executive authorities (the Government) control the implementation of these laws. The Government adopts relevant regulations in the field of information protection and issues orders that are subordinate regulatory legal acts.
Ministries and departments, in accordance with their purpose, develop and adopt resolutions and decisions that are normative legal acts. In addition, they develop and approve such regulations as regulations, manuals, instructions, rules, and methodological recommendations. Regulations at this level also include orders and letters from heads of departments and ministries.
The main agencies regulating relations in the field of information protection include:
Interdepartmental Commission for the Protection of State Secrets;
Federal Service for Technical and Export Control (FSTEC);
Gosstandart of Russia;
The Federal Security Service (FSB of the Russian Federation).
In addition, the Russian Foreign Intelligence Service and the Federal Border Guard Service take part in ensuring information security.
The main governing body of the state information protection system is the FSTEC. In accordance with its functions, it carries out:
coordination of the activities of bodies and organizations in the field of protection of information processed by technical means;
ensuring the protection of information with the help of technical means;
organizational and methodological management of information protection activities;
development and financing of scientific and technical programs for information protection;
approval of regulatory and technical documentation;
functions of the state body for certification of products according to information security requirements;
licensing of the activities of enterprises providing services in the field of information security.
For the organization and implementation of information protection, the FSTEC issues relevant regulatory documents.
Gosstandart develops standards in the field of information protection.
The bodies of the FSB of the Russian Federation perform their functions:
in the formation and implementation of state and scientific and technical policy in the field of information security, including the use of engineering, technical and cryptographic tools;
when providing cryptographic and engineering methods for the security of information and telecommunications systems, as well as systems of encrypted, classified and other types of special communications in Russia and its institutions located outside Russia;
licensing and certification of certain types of activities providing access to the state secrets of the Russian Federation.
The bodies of the Ministry of Internal Affairs are fighting offenders in the information sphere and computer crimes. To do this, a special department "R" has been created in the structure of the Ministry of Internal Affairs to prevent and solve computer crimes.
The bodies of the State Customs Committee (SCC) are obliged to prevent the illegal import and export of "pirated" products from Russia, thereby ensuring the protection of copyright and patent rights.
Heads of enterprises, organizations, institutions, in accordance with their official duties, in activities related to information that constitutes a state or other secret, create a service (division) for information protection. To organize relevant activities, they issue regulatory legal acts (orders, orders), as well as approve manuals, instructions, regulations, rules, methodological recommendations related to information protection and the activities of information protection services. For activities related to state secrets, the company must have a license for this type of activity, a special department of the FSB is introduced into its structure; all means of protection must be certified.
The judicial authority oversees and holds accountable for violations of legislation in the information sphere. In their activities, the courts are guided by the relevant articles of the Criminal Code of the Russian Federation, the Civil Code of the Russian Federation, and the Administrative Code.
So, information security is an important component of Russia's national security. The State's policy in this area of activity is primarily aimed at organizing the protection of state secrets and developing the legal framework for information protection. Legal protection of information acts as one of the most important ways and methods of information protection.
