Modern information security risks in the context of digital transformation of public and municipal administration: ways to overcome[Современные Риски Информационной Безопасности В Условиях Цифровой Трансформации Государствен-Ного И Муниципального Управления: Пути Преодоления]

Introduction. The article is devoted to topical issues of information security in the public sector. An analysis of cyber threats that can be implemented in the public sector is being conducted. The protection of personal data in general is analyzed. Purpose. Analyze the key risks in the context of the digital transformation of public administration in the field of information security, based on statistical data and empirical indicators, and identify ways to overcome them. Materials and methods. The methodological basis of the research consists of the method of scientific abstraction, the analysis of normative documents and standards, system analysis, comparative analysis of statistical data, the method of trend analysis, as well as the method of expert opinions. Results. The study analyzed the regulatory framework for information security in general. Special attention is paid to electronic document management systems as a tool for the strategic direction of digital transformation of public administration. It is determined that these systems are both state information systems and personal data information systems. A brief algorithm for ensuring information security in this case is given in the context of the implementation of measures ordered by the Federal Service for Technical and Export Control for government information systems and personal data information systems. The statistics of cyber attacks on Russian government authorities in recent years are given. The main trends in the activities of intruders and methods of combating them are analyzed. Conclusions. Government institutions remain a high-priority target for intruders, despite the development of protective mechanisms. It is important to highlight the necessary measures to strengthen information security: comprehensive implementation of regulatory requirements (Federal Service for Technical and Export Control, Federal Security Service), introduction of modern technical means of information protection, advanced training of government officials in the field of information security, constant monitoring and updating of protection systems, development of domestic cybersecurity technologies. Promising areas of development include: the integration of artificial intelligence into security systems, the development of predictive threat analytics technologies, the improvement of attack early detection mechanisms, and the strengthening of the regulatory framework in the field of information security. Thus, despite the successes achieved in the digitalization of public administration, continued systematic work is required to strengthen information security. Special attention should be paid to the development of domestic technological solutions and improving the competence of personnel in the field of information security.