Challenges on introducing information security standards: A case study

Abstract

The article discusses the current state and prospects for the further development (modernization) in the area of information security (IS) in Kazakhstan. Special attention is paid to the challenges that may arise when taking cyber security measures in relation to special requirements of standards to security and an independent IS audit at essential objects of the information and communication infrastructure (EOICI).The purpose of the study is to analyze the challenges on introducing modern standards of IS in the context of forming the national cyber security system in the Republic of Kazakhstan. The study has determined that the current challenges on introducing modern IS standards to maintain a high level of cyber security are related to the underdevelopment of the regulatory framework for the list of EOICI, the creation of an IS audit system and an information and analytical system to form national IS indicators. Recommendations have been given, and areas for the further study have been identified.