International Information Security in the Era of Technological Transformation: A Mixed Methods Study

Plain Language Summary Infographic

Introduction

In the context of the rapid development of digital technologies and global informatisation, the issues of ensuring international information security are becoming particularly relevant. Technological transformation creates not only new development opportunities but also substantial challenges for national and international security. In developing nations like the Kyrgyz Republic, where rapid digital transformation processes are accompanied by serious security dangers and institutional obstacles, the topic of information security is especially pertinent. These vulnerabilities are confirmed by regional studies: In their study on cybercrime risk awareness among students in Kyrgyzstan and Kazakhstan, Ismailova et al. found that awareness levels are still low and that students are not adequately prepared to combat cyberthreats.¹ By examining Kyrgyz e-justice changes and highlighting the conflict between protecting sensitive data and allowing judicial processes to be transparent, Maralbaeva brought attention to the legal system’s weaknesses and emphasized the need for a more robust and cohesive regulatory framework.² In Central Asia, where digitization frequently surpasses the creation of a national cybersecurity strategy, these investigations highlight systemic flaws.

The theoretical underpinnings of international information security are covered in a sizable body of work that goes beyond the regional viewpoint. In their thorough analysis of cyberattacks and defenses, Li and Liu pointed out that coordinated worldwide responses are necessary due to the threats’ size and sophistication.³ A taxonomy that highlights the intricacy of the threat environment and the interdependence of technological and human elements was also provided by Humayun et al., who systematized cyber threats and vulnerabilities in contemporary information systems.⁴ These comments demonstrate the widespread agreement that effective information security requires international cooperation and that national solutions alone are insufficient.

Institutional factors have also received significant attention. In their analysis of cybersecurity concerns in connection with smart grids, Gunduz and Das showed that vital infrastructures are particularly vulnerable to technological change and need state-level, systematic safeguards.⁵ The institutional factor also permeates organizational decision-making processes. Wu et al. looked at how company interdependencies impact information security choices, demonstrating how disjointed approaches to risk management can compromise the overall resilience of a system.⁶ In the context of Industry 4.0, Pereira et al. reaffirmed this viewpoint by pointing out that the integration of cyber-physical systems raises vulnerability to network attacks and necessitates more coordinated defenses.⁷ Emerging technical solutions have also received more attention recently. In their analysis of blockchain’s function in maintaining security and privacy, Rao et al. made the case that distributed ledger technologies can give information systems additional levels of resilience and trust.⁸ This emphasis on innovation is indicative of a larger academic movement in which research on information security increasingly looks at ways to incorporate security into future technologies’ core architecture in addition to defending against current dangers.

Despite these advances, a significant research gap remains: the adaptation of international information security standards to the specific needs and limitations of developing countries and the mechanisms by which regional cooperation can enhance resilience to cyber threats. This problem is particularly relevant for the Kyrgyz Republic, where information security systems are still in the process of formation. Limited resources, institutional fragmentation, and the need to build a professional workforce create barriers to implementing global cybersecurity standards in practice. At the same time, the country’s active involvement in international and regional cooperation formats demonstrates both the demand and potential for strengthening resilience through shared experience, information exchange, and harmonization of approaches.

The novelty of this study lies in its attempt to connect the national case of the Kyrgyz Republic with the broader dynamics of international information security under conditions of technological transformation. While previous research has offered models of cyber threat classification and infrastructure protection, few studies have systematically examined how developing countries can adapt international standards to local realities and enhance international cooperation mechanisms. This study addresses that gap by analysing the dynamics of information security development in Kyrgyzstan and proposing a model that links national efforts with international frameworks. This study aimed to develop a theoretical model of international information security, incorporating the specifics of technological transformation in the Kyrgyz Republic. The following tasks have been set to achieve this goal:

1. Analyse modern approaches to international information security in the context of technological transformation.
2. Study the peculiarities of the formation of the information security system in the Kyrgyz Republic, considering international standards and regional specifics.
3. Develop recommendations for improving the mechanisms of international cooperation in the field of information security.

Materials and Methods

The research design was based on a combination of content analysis, comparative analysis, and theoretical modelling, applied in sequence to ensure methodological consistency and reproducibility. At the first stage, content analysis was employed to examine the regulatory framework and scholarly literature. Inclusion criteria comprised peer-reviewed articles, monographs, and official international and national regulatory documents addressing information security in the context of digital transformation. Exclusion criteria eliminated opinion pieces, non-scholarly reports, and sources lacking methodological clarity. The time frame was restricted to the years 2014–2025, and English- and Russian-language sources were included. The databases consulted were Scopus, Web of Science, IEEE Xplore, and Google Scholar, complemented by official repositories of the ITU, NIST, the Council of Europe, and the Ministry of Digital Development of the Kyrgyz Republic. International documents such as ISO/IEC 27001 and ISO/IEC 27002 standards, the NIST Cybersecurity Framework 2.0, and ITU recommendations were systematically reviewed to extract key principles, requirements, and best practices.^9–12 At the national level, key legislative acts were analyzed, including Law of the Kyrgyz Republic No. 107 “On Informatisation”, Concept of Information Policy of the Kyrgyz Republic for the Period from 2021 to 2025, National Development Programme of the Kyrgyz Republic until 2030, and Resolution of the Cabinet of Ministers of the Kyrgyz Republic No. 352 “On Approval of the Action Plan of the Cabinet of Ministers of the Kyrgyz Republic for the Implementation of the National Development Programme of the Kyrgyz Republic until 2026”,^13–16 with the aim of identifying the institutional and legal foundations of the national information security system. The analytical procedure consisted of identifying recurring categories, coding legal provisions according to their relevance to regulatory, technological, and institutional aspects, and comparing them with international standards to detect areas of convergence and divergence. The study selection proceeded in three phases: an initial pool of 312 sources was identified, 124 passed title and abstract screening, and 63 were retained after full-text review.

At the second stage, comparative analysis was conducted to assess similarities and differences in the development of information security systems in Kyrgyzstan and other Central Asian countries. The Resolution of the Government of the Republic of Kazakhstan No. 407 “On Approval of the Concept of Cybersecurity” (“Cyber Shield of Kazakhstan”) and Decree of the President of the Republic of Uzbekistan No. UP-6079 “On Approval of the Strategy Digital Uzbekistan-2030 and Measures for its Effective Implementation”^17,18 were studied alongside Kyrgyz regulatory initiatives. The comparison focused on institutional arrangements, priorities of technological development, and approaches to human capital formation. By systematically contrasting the scope, objectives, and implementation mechanisms of each country’s policies, the analysis enabled the identification of regional trends, strengths, and weaknesses relevant for the Kyrgyz Republic.

The third stage involved a review of analytical materials from international organizations: annual reports of the ITU Global Cybersecurity Index, World Economic Forum Global Risks Report, as well as statistics of the National Centre for Information Security of the Kyrgyz Republic on cyber incidents for the period 2020–2025. These materials provided a comprehensive analysis of the state of information security in the context of international standards and regional practices. Finally, the insights from content and comparative analyses were synthesised into a conceptual model that reflects the technological, institutional, and human dimensions of information security in the Kyrgyz context, providing a concise framework for understanding national and regional priorities. To strengthen external validity, the proposed model was also compared with documented national and regional initiatives (the Resolution of the Government of the Republic of Kazakhstan No. 407 “On Approval of the Concept of Cybersecurity” (“Cyber Shield of Kazakhstan”) and Decree of the President of the Republic of Uzbekistan No. UP-6079 “On Approval of the Strategy Digital Uzbekistan-2030 and Measures for its Effective Implementation”)^17,18 to illustrate correspondence between the model’s components and practical implementation cases.

Results

Current trends and challenges in international information security

In the context of digital transformation, current trends in international information security demonstrate significant changes in both the nature of threats and information protection mechanisms. The development of new technologies creates additional vulnerabilities in critical infrastructure that require comprehensive security solutions. Table 1 shows the main trends, current challenges and relevant response mechanisms in the field of international information security. An analysis of the data presented in the table demonstrated that current trends in the development of information technology are shaping a new cyber threat landscape that requires adequate protection mechanisms. Of relevance is the development of preventive protection mechanisms and early warning systems that can effectively counteract modern information security challenges.

Table 1: Key trends and challenges in international information security (2020–2024).
Trends	Challenges	Response Mechanisms
The development of artificial intelligence	Using artificial intelligence (AI) for cyberattacks	Implementation of intelligent security systems
The spread of the Internet of Things	Vulnerabilities in IoT devices	Development of IoT security standards
Cloud technologies	Risks of data leakage	Strengthening encryption mechanisms
Mobile technologies	Mobile threats	Developing mobile security
Social media	Social engineering	Improving digital literacy
Source: Compiled by the authors based on Admass et al.63

The growing complexity and scale of cyber threats are increasing the need to develop comprehensive approaches to information security that incorporate both technical and organisational aspects of protection. International cooperation in countering modern information threats, including the exchange of experience and the development of common security standards, is becoming increasingly important.^19,20 In the context of technological transformation, there is a significant evolution in information threats. Traditional security methods are becoming insufficiently effective in the face of new challenges, which require the development of innovative approaches to protecting information systems. The protection of critical infrastructure, including energy systems, transport networks, and financial institutions, is becoming particularly important.

The spread of artificial intelligence and machine learning technologies is having a significant impact on the development of international information security.^21,22 These technologies create new opportunities for both protecting information systems and conducting cyberattacks. An important aspect is ensuring the security of artificial intelligence systems, protecting them from manipulation and unauthorised access. ^23,24 The development of cloud technologies and distributed computing also creates new challenges for international information security. There is a need to develop effective mechanisms for protecting data stored in cloud systems and ensuring the security of cross-border information transfer. In this regard, the harmonisation of international standards and rules in the field of information security is of particular importance. An important factor is the growing role of mobile technologies and the Internet of Things, which create new vulnerabilities in information systems. The increase in the number of connected devices expands the surface for potential attacks, which requires the development of specialised protection mechanisms and security standards for IoT devices.^25,26

In the context of global digitalisation, the importance of the human factor in ensuring information security is growing.^27,28 Social engineering methods are becoming increasingly sophisticated, which requires raising the level of digital literacy and developing an information security culture. International cooperation in the field of education and training of information security specialists is of particular importance. Comparing the policies of Kazakhstan and Uzbekistan reveals both similarities and notable distinctions in how their information security systems were established. Kazakhstan prioritizes bolstering technical infrastructure and institutional coordination mechanisms through the Resolution of the Government of the Republic of Kazakhstan No. 407 “On Approval of the Concept of Cybersecurity” (“Cyber Shield of Kazakhstan”).¹⁷ The establishment of incident response centers, the construction of state-controlled monitoring platforms, and the incorporation of cybersecurity into vital infrastructure industries like finance and energy all receive significant funding. Kazakhstan launched its first national Computer Emergency Response Teams (CERT) in 2010, which by 2020 had achieved functional maturity, handling over 14,000 incidents annually. Reflecting this centralized and security-driven paradigm, Kazakhstan ranked 31st globally in the ITU Global Cybersecurity Index (GCI) 2020 with a score of 0.79, indicating strong alignment with international norms but limited private-sector adaptability.²⁹

In turn, Uzbekistan incorporates information security into a larger program of digital transformation and socioeconomic development through the Decree of the President of the Republic of Uzbekistan No. UP-6079 “On Approval of the Strategy Digital Uzbekistan-2030 and Measures for its Effective Implementation”.¹⁸ Resources are allocated more evenly between population digital literacy, protection of critical technologies, and business sector involvement in cybersecurity projects. The Computer Emergency Response Team of Uzbekistan was created later, in 2018, and is still at an intermediate maturity stage, with a growing role in coordinating government-private sector responses.³⁰ Uzbekistan’s GCI 2020 ranking (64th, score 0.59) illustrates rapid progress but a lag in technological infrastructure compared to Kazakhstan. The strategy’s emphasis on digital inclusion and public trust reflects a broader governance model that balances technological protection with cultural and human-capital dimensions.

Kazakhstan has thus made significant progress in developing state-level cyber defense systems and aligning standards with global norms, but its centralized model may limit flexibility and private-sector innovation. Uzbekistan, conversely, has advanced in building public-private partnerships and improving digital culture, but still struggles to match Kazakhstan’s level of infrastructural investment and CERT maturity.³¹ These divergent approaches also shape international cooperation: Kazakhstan emphasizes integration into global technical standards, while Uzbekistan prioritizes regional cooperation and localized adaptation of international norms. To situate these developments within a broader Central Asian picture, Kyrgyzstan demonstrates intermediate progress, with a GCI score of 0.59 in 2020 (similar to Uzbekistan) but stronger emphasis on international cooperation mechanisms. By contrast, Tajikistan and Turkmenistan remain the least developed in the region in cybersecurity terms. Tajikistan only recently established a national CERT (2020) with limited operational scope, ranking 106th in GCI 2020 (score 0.33), while Turkmenistan has yet to establish a fully functional national CERT and did not participate in GCI assessments, indicating minimal international integration. This gradient underscores the asymmetry within Central Asia: Kazakhstan leads in technical centralization, Uzbekistan in digital inclusivity, Kyrgyzstan in cooperation, while Tajikistan and Turkmenistan lag behind in institutional readiness.^32,33

Kazakhstan has made significant progress in developing state-level cyber defense systems and bringing its standards into line with global norms in terms of implementation effectiveness. This strategy, meanwhile, may restrict adaptability and private sector creativity. Although Uzbekistan has made strides in developing public-private partnerships and a culture of information security, it still has difficulties in guaranteeing Kazakhstan’s level of technological infrastructure development. Although both nations acknowledge the necessity of joining international cooperation structures, their strategies are different: While Uzbekistan balances technological, cultural, and educational aspects to foster inclusivity and regional cooperation, Kazakhstan aims to bolster national security through centralization and technological domination. These disparities explain why they participate in international projects differently: Uzbekistan places more emphasis on regional cooperation and cultural adaption of international norms, whereas Kazakhstan is more active in aligning with global technical standards.

Peculiarities of forming an information security system in the Kyrgyz Republic

Following the NIST Cybersecurity Framework, the development of the national information security system is assessed by five key components, including technical infrastructure, regulatory framework, competence development, international cooperation and the overall level of digital culture.⁹ These components and their dynamics are shown in Figure 1. The data presented in the figure were collected through assessments conducted over the years 2020 to 2024, based on key performance indicators (KPIs) for each component. These assessments, which were informed by national reports, government agencies, and expert evaluations, reflect the progress made in alignment with ISO/IEC 27000 standards. All percentage data were taken from a study conducted by Maralbaeva2 and Usmonov.³⁴ The analysis of the data presented in Figure 1 following ISO/IEC 27000 standards demonstrates the uneven development of the components of the information security system of the Kyrgyz Republic. The most significant progress has been made in international cooperation, where the indicator has increased from 59% to 82%, reflecting the country’s successful integration into international cybersecurity mechanisms and compliance with global information security standards.

The development of technological infrastructure, as measured by the NIST Cybersecurity Framework, showed a steady increase from 55% to 78% in 2020–2024.12 This indicates the successful implementation of modern technical solutions and compliance with the basic requirements of international information security standards. Progress is particularly noticeable with the creation of incident response centres and the introduction of threat monitoring systems. The legal framework assessed following the ITU recommendations showed an increase from 52% to 79%.11 This indicates a significant improvement in cybersecurity legislation and its harmonisation with international legal standards. Significant progress has been made in regulating the protection of personal data and critical information infrastructure. Human resource development, as measured by information security professional competency standards, increased from 48% to 72%.10 This growth reflects the strengthening of educational programmes and the development of a professional certification system for information security professionals. However, there is still a need for further development of specialised educational programmes and professional development of existing specialists. Despite an increase from 45% to 70%, the digital literacy rate of the population remains the lowest among all components of the system. This indicates the need to strengthen programmes to raise public awareness of information security and develop basic information security skills in accordance with international digital literacy standards.²

According to the recommendations of the ITU and the National Institute of Standards and Technology (NIST), further development of the technological infrastructure of information security in the Kyrgyz Republic is critical.^11,12 Particular attention should be paid to the introduction of artificial intelligence systems to detect and prevent cyber threats, as well as the development of cloud-based data protection technologies. At the same time, it is necessary to ensure that technical solutions comply with the requirements of international standards ISO/IEC 27001 and ISO/IEC 27002.¹⁰ In the context of the development of the regulatory framework, it is important to note the importance of further harmonisation of national legislation with international standards. This includes improving the mechanisms for protecting critical information infrastructure, regulating cross-border data transfer, and developing mechanisms for international cooperation in the field of cybersecurity.

An essential factor in the development of the information security system is the strengthening of human resources. Following international competency standards, it is necessary to expand training programs for information security specialists, including the development of speciality courses and certification programs. Training specialists in cyber threat analysis and information security risk management should receive special attention. International cooperation, which demonstrates the highest development rates, needs to be further strengthened through participation in international cybersecurity initiatives and the development of mechanisms for exchanging information on cyber threats. Another important aspect is the development of regional cooperation within the framework of existing international organisations and interaction formats. To provide a clearer view of the relationship between the national regulatory and institutional framework and international requirements, a policy mapping exercise was conducted. Table 2 presents the alignment of key Kyrgyz legal acts and institutions with the ISO/IEC 27001 control domains and NIST Cybersecurity Framework (CSF) functions. The table also indicates existing gaps and priority actions required to strengthen compliance with global standards.

Table 2: Mapping of Kyrgyz legal acts and institutions to ISO/IEC 27001 domains and NIST CSF functions, with gaps and priorities.
Kyrgyz Legal Act/Institution	ISO/IEC 27001 Control Domain	NIST CSF Function (Identify, Protect, Detect, Respond, Recover)	Coverage/Gaps	Priority Actions
Law of the Kyrgyz Republic No. 107 “On Informatisation”	A.5 Information Security Policies; A.6 Organization of Information Security	Identify/Protect	Establishes basic principles for information systems but lacks detailed cybersecurity requirements.	Update to include AI, IoT, and cloud-specific security provisions.
Concept of Information Policy of the Kyrgyz Republic for the Period from 2021 to 2025	A.18 Compliance; A.7 Human Resource Security	Identify/Protect	Sets strategic direction but implementation mechanisms remain vague.	Introduce enforceable standards and integrate NIST CSF guidance.
National Development Program of the Kyrgyz Republic until 2030	A.14 System Acquisition, Development, and Maintenance	Protect	Aligns digital transformation goals with IS needs but no operational security controls.	Link program KPIs to measurable ISO/IEC 27001 and NIST CSF outcomes.
Resolution of the Cabinet of Ministers of the Kyrgyz Republic No. 352 “On Approval of the Action Plan of the Cabinet of Ministers of the Kyrgyz Republic for the Implementation of the National Development Program of the Kyrgyz Republic until 2026”	A.15 Supplier Relationships; A.16 Information Security Incident Management	Detect/Respond	Provides project-level initiatives but limited in cybersecurity incident response planning.	Establish national CSIRT protocols consistent with NIST Respond/Recover.
National Centre for Information Security of the Kyrgyz Republic	A.12 Operations Security; A.16 Incident Management	Detect/Respond/Recover	Handles incident monitoring and response but lacks resources and trained staff.	Expand technical capacity, integrate regional intelligence sharing platforms.
Educational and Training Institutions (universities, IT academies)	A.7 Human Resource Security; A.17 Information Security Aspects of Business Continuity	Protect/Recover	Emerging programs exist but skills gap remains significant.	Develop accredited certification programs aligned with ISO/NIST competencies.
Source: Compiled by the authors based on.13–16

The mapping reveals a number of significant tendencies. First, even though the Kyrgyz legal system provides a fundamental framework for information security (especially through Law of the Kyrgyz Republic No. 107 “On Informatization”), the provisions are still primarily declarative and need to be updated to take into account new developments in technology, such as cloud computing, artificial intelligence, and the Internet of Things. Second, while strategic planning documents like the National Development Program and the Concept of Information Policy set broad priorities, they lack practical means of carrying them out, especially when it comes to connecting domestic objectives to quantifiable international standards. Third, despite resource and capability limitations, institutional mechanisms are essential to incident monitoring and response. Lastly, while being covered in the policy framework, human capital development is still not well institutionalized, which emphasizes the necessity of internationally recognized training and certification programs. When combined, these shortcomings indicate a twin priority: updating the legal and regulatory framework to comply with NIST CSF and ISO/IEC 27001 while also making investments in personnel development and institutional capability. By addressing systemic vulnerabilities and strengthening these areas, the Kyrgyz Republic will be able to better conform with international standards.

Key Recommendations for Advancing International Cooperation in Information Security

The analysis of trends in the development of international cooperation in the field of information security reveals several key areas that are particularly relevant for the Kyrgyz Republic in the context of technological transformation. The priority is to develop mechanisms for exchanging information on cyber threats. According to Ismailova et al., the effectiveness of countering modern cyber threats directly depends on the speed and quality of information exchange between countries.¹ In this context, the creation of regional information exchange centres and early warning systems for cyber threats is of particular importance. The second area is related to the harmonisation of the regulatory framework. Maralbaeva notes the need to harmonise national information security standards with international requirements.² This includes the development of unified approaches to personal data protection, regulation of cross-border information transfer, and critical infrastructure security. The development of joint educational programmes and the exchange of experience in training specialists is the third important area of international cooperation. According to research by Humayun et al., there is an urgent need to unify the requirements for the competencies of information security professionals and develop international certification programmes.⁴

The fourth area is the creation of joint mechanisms for responding to information security incidents. This involves the formation of international response teams, the development of joint protocols for dealing with cyber incidents, and the creation of coordination systems for countering cross-border cyber threats. The fifth area concerns the development of technological cooperation, including joint research and development in the field of information security. Of particular importance is cooperation in the development of artificial intelligence for cybersecurity and the creation of innovative information security systems.^35,36 In the context of regional cooperation, it is important to strengthen cooperation within existing international organisations and develop new partnership formats. This includes increased participation in regional cybersecurity initiatives and the development of bilateral cooperation mechanisms with key partners.

It is also promising to establish joint centres of competence and laboratories for information security, which will enable a combination of resources and expertise from different countries to solve common problems in the field of cybersecurity. Significant attention in the development of international cooperation is paid to the formation of mechanisms for jointly countering new types of cyber threats, including threats to critical infrastructure and national information systems. The creation of multilateral platforms for the exchange of information on new types of cyberattacks and methods of protection is of relevance. An important aspect is the development of mechanisms for rapid response to information security incidents affecting several countries. An additional factor in strengthening international cooperation is the need to coordinate actions in the investigation of cybercrime that has a transboundary nature.

The development of international certification and standardisation mechanisms in the field of information security is another promising area of cooperation.^37–39 This area includes the development of common approaches to assessing the level of security of information systems and the formation of common security criteria. An important element is the creation of international certification centres for information security specialists, which will ensure a uniform level of competence in different countries. Of particular importance is the development of international security standards for new technologies, including artificial intelligence systems and the Internet of Things. The formation of a global cyber threat monitoring system is becoming one of the key areas of international cooperation in the field of information security.⁴⁰ Such a system involves creating a network of national and regional monitoring centres united by a single information platform. An important component is the development of common methodologies for risk assessment and forecasting of cyber threats at the international level. The creation of an early warning system for cyber threats will help to improve the effectiveness of countering international cybercrime. Another necessary element is the development of mechanisms for the rapid exchange of data on identified threats and vulnerabilities.

A comprehensive approach to implementing these areas is particularly important for the Kyrgyz Republic in the context of developing international cooperation in information security. Integration into international systems for the exchange of information on cyber threats, and participation in joint educational programmes and research projects creates the basis for strengthening the national information security system. Active cooperation with international partners in the field of standardisation and certification helps improve the security of information systems and develop the professional competencies of specialists. An important factor in the successful development of international cooperation is the balance between national interests in the field of information security and the requirements of international standards and interaction protocols. Implementation of the outlined areas of cooperation can efficiently integrate Kyrgyz Republic into the global information security system and successfully counteract modern cyber threats.

Thus, promising areas for the development of international cooperation in the field of information security form a comprehensive programme of action aimed at strengthening both national and regional security. Effective implementation of these areas requires coordination of efforts by all stakeholders at the national and international levels. Of particular importance is the development of mechanisms for multilateral cooperation and the establishment of sustainable partnerships in the field of information security.⁴¹ The achievement of the set goals in the field of international cooperation will help to increase the level of security in the information space and develop the capacity to counter modern cyber threats. Promising areas for developing international cooperation in information security closely relate to the internal transformation processes in the Kyrgyz Republic. Analysis of the dynamics for 2018–2023 shows that changes in approaches to international cooperation correlate with the stages of the national digital transformation. In particular, the increased emphasis on international cooperation in 2021–2023 coincides with a period of active modernisation of the national digital infrastructure and public administration reform.

There is a tendency to strengthen the role of international cooperation in times of internal institutional change. For instance, increased participation in international cybersecurity initiatives accompanied the adoption of new regulations in the field of information security in 2022. The digitalisation of public services in 2021–2022 also played a significant role in expanding international cooperation in the protection of critical information infrastructure. The development of the national education and training system particularly highlights the dynamics of changes in approaches to international cooperation. The active development of international partnerships with leading educational centres coincides with the introduction of new educational programs in the field of information security. There is a direct correlation between the development of national educational programs and the intensity of international cooperation in the educational sphere. An important trend is the strengthening of the regional component in international cooperation, which reflects the general direction of the Kyrgyz Republic’s foreign policy. The analysis demonstrated that the development of regional mechanisms for cooperation in the field of information security is occurring in parallel with the strengthening of regional economic and political ties. The result is evidence of the complex nature of regional integration processes and their impact on the information security sphere. In the context of technological transformation, there is a trend towards diversification of international cooperation formats. While traditional forms of interaction used to prevail, new formats of cooperation were developed, including the creation of joint cyber threat response centres and information exchange platforms. This transformation reflects both the country’s domestic needs for the development of information security systems and global trends in this area.

Building on the identified challenges and priorities, this study proposes the contextualised information security cooperation model, designed specifically for developing countries such as the Kyrgyz Republic. The model integrates technological, institutional, and human factors into a unified framework to strengthen national and regional cybersecurity capacities. The regulatory framework is the central element of the model that provides legitimacy and structure to all other components, covering laws, policies, and standards harmonised with international requirements. Technological infrastructure encompasses hardware, software, and monitoring systems that form the backbone of cybersecurity, including national Computer Emergency Response Teams, incident monitoring platforms, and secure data exchange channels. Human resources refer to the trained professionals capable of developing, implementing, and managing information security measures, supported by education, certification, and capacity-building initiatives. Digital literacy reflects the awareness and everyday skills among the general population that reduce vulnerability to social engineering, phishing, and misinformation. International cooperation highlights cross-border collaboration in threat intelligence sharing, standardisation, joint incident response, and cooperative research, strengthening all other components through access to best practices and pooled expertise.

Figure 2 visualises the interconnections among these constructs, showing the central role of the regulatory framework and the reinforcing function of international cooperation. The regulatory framework enables and aligns both technological infrastructure and international cooperation. Human resources are essential for maintaining and improving both the infrastructure and the regulatory framework. Digital literacy reinforces institutional resilience, reducing the risk of human-factor vulnerabilities. International cooperation acts as a multiplier, enhancing the effectiveness of the other four components by providing resources, knowledge, and legitimacy. The model’s applicability is supported by parallels with existing initiatives. For instance, the regulatory-technological nexus reflects priorities of the Resolution of the Government of the Republic of Kazakhstan No. 407 “On Approval of the Concept of Cybersecurity” (“Cyber Shield of Kazakhstan”) programme, while the emphasis on human resources and digital literacy corresponds with Decree of the President of the Republic of Uzbekistan No. UP-6079 “On Approval of the Strategy Digital Uzbekistan-2030 and Measures for its Effective Implementation” strategy.^17,18 Similarly, Kyrgyzstan’s own e-justice reforms highlight the centrality of institutional and legal frameworks. These examples confirm that the model’s components are consistent with documented regional practices.

Discussion

The results of the study demonstrate a significant transformation of the nature of international information security under the influence of technological changes. The data obtained on trends in the development of information threats are consistent with the findings of Humayun et al., who also note the growing role of technological factors in the formation of new types of cyber threats.⁴ A striking example of this transformation is the impact of the COVID-19 pandemic, which accelerated digitalization globally, particularly in healthcare. As organizations rapidly adopted telemedicine, cloud computing, and IoT-enabled devices, critical cybersecurity vulnerabilities were exposed, especially in developing countries. This aligns with the findings of Garcia-Perez et al.,⁴² who emphasize that healthcare systems became prime targets for ransomware, phishing, and supply chain attacks due to unsecured networks and underprepared staff. The pandemic highlighted the importance of resilience-centric cybersecurity, which prioritizes adaptive capacity, uncertainty management, and systemic interdependence over purely technical solutions. These observations resonate with the present study’s findings on the Kyrgyz Republic, where institutional factors and international cooperation play a more significant role than technological infrastructure alone.

The identified features of the development of the information security system in the Kyrgyz Republic confirm the observations of Maralbaeva about the need for an integrated approach to information security in developing countries.² However, in contrast to the conclusions of Li and Liu, the present study shows a more significant role of institutional factors in the development of national information security systems.³ The analysis of the dynamics of the development of the elements of the information security system of the Kyrgyz Republic revealed higher growth rates of international cooperation indicators compared to the development of technological infrastructure, which partially contradicts the results of the study by Gunduz and Das, prioritising the technological factors.⁵ This discrepancy can be explained by the unique challenges faced by developing countries, as highlighted by Takavarasha Jr et al.⁴³ Limited budgets often force trade-offs between digital adoption and security investments, while reliance on international cooperation and localized adaptations of global standards becomes essential. The pandemic further revealed that the human factor continues to be the most vulnerable aspect of cybersecurity. This is consistent with the present study’s emphasis on the complex relationship between digital literacy and the effectiveness of information security systems in the Kyrgyz Republic, as well as the need for context-specific strategies, such as regional partnerships and low-cost, high-impact measures like staff training.

The study also situates its findings within the wider global governance arena. The Budapest Convention on Cybercrime, as the first international treaty seeking to address internet and computer crime by harmonizing national laws and improving investigative techniques, provides a key reference point for aligning Kyrgyzstan’s regulatory framework with international legal standards.⁴⁴ Similarly, the UN Open-ended Working Group processes, which involve all UN member states in discussions on responsible state behaviour in cyberspace, confidence-building measures, and capacity-building, highlight the multilateral nature of cybersecurity governance.⁴⁵ These frameworks demonstrate that effective information security depends not only on national and regional measures but also on active engagement in multilateral processes that establish norms, promote trust, and create mechanisms for cooperation. Participation in such initiatives is especially critical for developing countries like the Kyrgyz Republic, as it allows them to strengthen their institutional capacity, benefit from knowledge exchange, and ensure that their national approaches remain consistent with evolving international norms.

Other multilateral initiatives, including the activities of the OSCE, the Shanghai Cooperation Organization, and ITU-led programmes, further broaden the cooperative landscape.⁹ These initiatives reflect the diversity of approaches to cybersecurity governance, ranging from legally binding instruments like the Budapest Convention to political dialogues and capacity-building platforms such as the OEWG. The study underscores that engagement in this broader ecosystem of governance is indispensable for countries with limited resources, as it provides both normative guidance and practical support for developing effective national information security systems. The results of the study of promising areas of international cooperation are in line with the conclusions of Alqahtani on the importance of developing an organisational culture of information security.⁴⁶ At the same time, the study complements the conclusions by emphasising the need to develop regional cooperation mechanisms.

The data obtained on the role of the human factor in ensuring information security confirm the results of the study by Kovačević et al., but the analysis revealed a more complex relationship between the level of digital literacy and the effectiveness of information security systems.⁴⁷ In contrast to the research of. Yee and Zolkipli, which emphasises the primary role of technical infrastructure in the triad of confidentiality, integrity and availability of information, the results show that the effectiveness of the information security system depends more on the quality of international cooperation than on the level of technical infrastructure development.⁴⁸ This is especially important for developing countries, where limited resources require optimising investments in the development of information security systems. A significant result of the study is the identification of the critical role of international standards in the development of national information security systems, which complements the findings of Wu et al. on the interdependence of information security risks on a global scale.⁶

The obtained results open prospects for further research in the field of the development of regional mechanisms for ensuring information security and adapting international standards to the specifics of developing countries. Of particular interest is the study of the impact of cultural and socio-economic factors on the effectiveness of information security systems. Additional analysis shows that the results on the need to develop digital literacy of the population as a key factor in information security were confirmed by Ismailova et al. in a study on the level of awareness of cyber risks among students in Central Asia.¹ However, this study extends these findings by demonstrating the need for a comprehensive approach to improving digital literacy among all segments of the population. The results of the analysis of institutional mechanisms for ensuring information security complement the research of Kessler et al. on the role of organisational climate in ensuring information security.⁴⁹ At the same time, the study revealed a more complex relationship between institutional factors and the effectiveness of information security systems in the context of developing countries. An interesting aspect is the discrepancy between the results obtained and the conclusions of Prislan et al. regarding the priority of technical protection measures.⁵⁰ The analysis demonstrated that for developing countries, the development of international cooperation and exchange of experience is a more critical factor than the implementation of complex technical solutions. This is especially relevant in the context of limited resources and the need to efficiently allocate investments in information security.

The data obtained on the dynamics of the development of components of the information security system in the Kyrgyz Republic create a basis for further research in the field of assessing the effectiveness of national cybersecurity systems. Of particular interest is the study of factors affecting the speed of adaptation of international standards and best practices in different national contexts. In addition, the results of the study on the development of digital literacy in the Kyrgyz Republic complement the findings of Zaini et al. on organisational flexibility in the implementation of information security.⁵¹ At the same time, the analysis revealed a more complex relationship between national digital literacy programmes and the development of organisational security culture. The significant contribution of this study is the identification of models of regional cooperation in the field of information security, which adds new aspects to the conclusions of Tojimamatovich on the conceptual framework of information security.⁵² The analysis demonstrated that regional partnerships often act as a catalyst for the development of national information security capabilities, especially in conditions of limited resources. The results of the study also emphasise the importance of public-private partnerships in the development of information security systems, which confirms Pereira et al.’s findings on the challenges of network security in the context of Industry 4.0.7 At the same time, the data obtained indicate that in developing countries, the effectiveness of such partnerships largely depends on the maturity of the national regulatory framework and institutional mechanisms.

An aspect of the results obtained is the role of adapting international standards in national information security systems. While Alkhudhayr et al. addressed the technical aspects of security implementation, the present study showed that successful adaptation of international standards requires significant consideration of local socio-economic and cultural factors.⁵³ The results of the study on the dynamics of international cooperation in the field of information security partially contradict the conclusions of Lundgren and Möller on the universality of approaches to information security.⁵⁴ The analysis shows that regional specificity plays a more significant role in the formation of effective security mechanisms than previously assumed. The study also broadened the definition of the role of capacity building in the development of information security. While Humayun et al. assessed technical vulnerabilities, the findings highlight the critical importance of human capital and institutional capacity development in building effective security systems.⁴ The analysis of the Kyrgyz Republic’s experience in developing information security systems provides valuable lessons for other developing countries, especially regarding the balance between international integration and national security interests.

Thus, the discussion of the research results identified several key aspects of the development of international information security in the context of technological transformation. First, the importance of institutional factors in the development of national information security systems is confirmed, which complements the conclusions of Choucri et al. on the role of international institutions in the formation of effective cybersecurity mechanisms.⁵⁵ Secondly, the study revealed the special role of regional cooperation in the formation of effective information security mechanisms, which is consistent with the research of Manulis et al. on the importance of creating distributed security systems in modern conditions.⁵⁶ Third, the study demonstrates the need for an integrated approach to developing the population’s digital literacy as an important component of the national information security system. The quality of international cooperation and the effectiveness of national information security systems deserve special attention, especially in the context of optimising the resources of developing countries. This confirms the findings of Zaini et al. on the critical importance of organisational flexibility in implementing information security programmes.⁵¹ Another significant result of the discussion is an understanding of the role of socio-economic and cultural factors in the process of adapting international information security standards to national conditions.

Analysis of the impact of digital transformation on information security has revealed several non-obvious patterns. Gebremeskel et al. highlighted a direct correlation between the speed of digitalisation and the growth of vulnerabilities in information systems.⁵⁷ However, present data show a more complex picture in developing countries, where this relationship is often levelled out by a more cautious approach to the introduction of new technologies. Notably, the divergence of our findings from the predictions of Ghelani regarding the development of cyber threats.⁵⁸ If Ghelani focuses on technological aspects, the results of the present study highlight the dominant role of humans and organisational culture in shaping a secure digital environment. In the context of the development of IoT technologies, the results of Husain and Haroon.⁵⁹ Their approach to protecting IoT devices is effective for developed countries, but our study demonstrates its limited applicability in the Kyrgyz Republic, where basic digital literacy is of paramount importance. Yee and Zolkipli proposed a theoretical model of information security that proved to be too abstract to be applied in developing countries.⁴⁸ Our data show the need to significantly adapt classical security models to local conditions.

A methodology for managing information security programs that emphasizes the value of thorough risk assessments and flexible tactics was put out by Lanz and Sussman.⁶⁰ However, their suggestions are based on a high degree of resource availability and institutional maturity, which may not be possible for emerging nations like the Kyrgyz Republic. In contrast to the extensive deployment of complex security frameworks, the current study proposes an alternate strategy that places an emphasis on resource optimization and small-scale enhancements. Our research shows that a more practical approach is necessary for situations with limited resources, even if Lanz and Sussman emphasize a high-resources approach. In order to optimize authentication techniques, Loo et al. presented a hybrid model that combines the Analytic Hierarchy Process with Evolutionary Game Theory.⁶¹ Their approach, while technically demanding, caters to settings with sophisticated digital infrastructure. On the other hand, the Kyrgyz Republic continues to struggle with infrastructural development and digital literacy. As a result, the current study contends that a gradual implementation of more straightforward security measures, such awareness campaigns and simple password regulations, works better than the intricate, multi-criteria decision-making models suggested by Loo et al. The study’s conclusions highlight the need for more straightforward and flexible solutions in the Kyrgyz setting.

In their study of cybersecurity risks in the space sector, Manulis et al. emphasized the value of global collaboration in reducing cross-border threats.⁵⁶ According to their research, cooperation is essential, especially in highly specialized domains like satellite security. Although they concentrated on space technology, their findings regarding the necessity of global collaboration are consistent with the current study’s focus on Central Asian regional cooperation. The current study makes clear, however, that cultural and institutional closeness are just as important to the success of such collaboration as technical congruence. These elements have a big impact on trust and knowledge exchange, which makes regional collaboration more successful when there are shared institutional frameworks and cultural linkages. Nguyen and Reddi addressed technological solutions in the field of cybersecurity, but present research shows that in developing countries, it is not so much the technological sophistication of solutions that is critical, but their relevance to the real needs and capabilities of local experts.⁶²

According to this study, the degree of international cooperation and the ability to modify international standards to suit local circumstances are directly related to the efficacy of the Kyrgyz Republic’s national information security systems. The examination of the information security system’s dynamics reveals significant advancements in international collaboration, legal frameworks, and technology infrastructure. But there is still a big gap in digital literacy, which calls for focused educational efforts. Harmonized regulatory frameworks, cooperative educational initiatives, and the development of information sharing platforms are promising avenues for international cooperation. Improving national security capacities in Central Asia is largely dependent on regional collaboration. The study also highlights how crucial it is to strike a balance between institutional and human capacity development and technical improvements. This comprehensive strategy, which incorporates institutional, technological, and human variables, is necessary to guarantee that security measures are durable and effective. The study emphasizes how important it is for developing nations to have a holistic approach to information security. In order to guarantee that information security systems are robust, inclusive, and sensitive to changing threats, future research should improve regional collaboration mechanisms and modify international standards to local settings.

Conclusions

The study of current trends and peculiarities of the development of international information security in the era of technological transformation on the example of the Kyrgyz Republic formulated the following conclusions. The study reveals a significant transformation of approaches to information security under the influence of technological changes. The study established that the effectiveness of national information security systems in modern conditions largely depends on the level of international cooperation and the ability to adapt international standards to national conditions. The analysis of the dynamics of the development of the information security system of the Kyrgyz Republic for the period 2020–2025 showed a steady increase in all key components: technological infrastructure (from 55% to 78%), regulatory framework (from 52% to 79%), human resources (from 48% to 72%), international cooperation (from 59% to 82%) and digital literacy of the population (from 45% to 70%). At the same time, the components related to the regulatory framework and technological infrastructure demonstrate the highest growth rates.

The key factors affecting the effectiveness of the information security system in the context of technological transformation, including the level of development of international cooperation, the quality of the regulatory framework, the state of technological infrastructure and the level of digital literacy of the population, are identified. A direct correlation between the intensity of international cooperation and the pace of development of the national information security system was established. The study identified promising areas for the development of international cooperation in the field of information security, including the creation of systems for exchanging information on cyber threats, the development of joint educational programmes, the harmonisation of the regulatory framework and the formation of mechanisms for joint response to information security incidents. Of particular importance is the development of regional cooperation and the creation of multilateral interaction platforms.

The study identified the main constraints in the development of the information security system of the Kyrgyz Republic, including the relatively low level of digital literacy of the population (70%), which is the lowest among all components of the system, limited resources for the development of technological infrastructure and the need to further improve the regulatory framework. These constraints require the development of comprehensive measures to overcome them, considering international experience and national specifics. The results of the study provided a basis for further research into the mechanisms of information security in the context of technological transformation and the development of international cooperation in this area. Of particular interest is the study of the impact of cultural and socio-economic factors on the effectiveness of information security systems in different national contexts.

Several limitations must be considered when interpreting this study’s conclusions. Firstly, its focus on the Kyrgyz Republic restricts its applicability to other regions. The socio-economic, political, and cultural context of the country may influence information security systems, limiting generalization to countries with different digital infrastructure or institutional structures. The study heavily relies on secondary data, including statistical reports, regulatory documents, and scholarly literature, which may introduce biases due to data inconsistencies, gaps, or varying classification of cyber events. Additionally, quantitative indicators such as technological infrastructure and digital literacy may not fully capture qualitative aspects, such as the execution of policies or the real efficacy of security measures. Discrepancies in measurement and reporting across national and international sources may also affect the accuracy of progress assessments. Furthermore, contextual factors, such as public trust in digital systems and institutional maturity, may differ significantly between the Kyrgyz Republic and more technologically advanced countries, thus influencing the study’s applicability to other settings. To enhance the robustness of future research, it is crucial to conduct studies that compare countries with varying levels of digital development. This could involve employing primary data collection methods, such as surveys and expert interviews, to gain deeper insights into the challenges and opportunities related to information security, allowing for more accurate generalizations beyond the Kyrgyz context.

The study demonstrates that its findings and recommendations can be partially generalized to other developing countries facing similar challenges in the field of information security, as universal issues such as the need to adapt international standards, develop international cooperation, improving the digital literacy of the population, and modernizing the regulatory framework are characteristic of many countries with similar levels of digitalization and resource constraints. In particular, countries with similar conditions may find the experience of the Kyrgyz Republic useful in developing systems for sharing information about cyber threats, harmonizing legislation with international requirements, and creating joint educational programs. However, the specifics of the Kyrgyz context, including regional features of cooperation in Central Asia, national socio-economic conditions, the level of digital literacy of the population, and the availability of technological resources, impose limitations on the direct application of the results obtained, requiring their adaptation to local cultural, institutional, and political characteristics, which emphasizes the need for a comprehensive approach that combines international experience with local needs and opportunities.

References

1. Ismailova R, Muhametjanova G, Medeni TD, Medeni IT, Soylu D, Dossymbekuly OA. Cybercrime Risk Awareness Rate Among Students in Central Asia: A Comparative Study in Kyrgyzstan and Kazakhstan. Inf Secur J Glob Perspect. 2019;28(4–5):127–135. Available from: https://doi.org/10.1080/19393555.2019.1685142
2. Maralbaeva A. E-justice and Cyber Security: Balancing between Openness of the Courts and Data Protection in Kyrgyzstan. In: Camêlo M-SB, Elmuradov A, editors. Shifting Security and Power Constellations in Central Asia and the Caucasus. Baden-Baden: Nomos Verlagsgesellschaft mbH & Co. KG; 2024, p. 123–150. Available from: http://doi.org/10.5771/9783748918271-123
3. Li Y, Liu Q. A Comprehensive Review Study of Cyber-Attacks and Cyber Security; Emerging Trends and Recent Developments. Energy Rep. 2021;7:8176–8186. Available from: https://doi.org/10.1016/j.egyr.2021.08.126
4. Humayun M, Niazi M, Jhanjhi NZ, Alshayeb M, Mahmood S. Cyber Security Threats and Vulnerabilities: A Systematic Mapping Study. Arab J Sci Eng. 2020;45:3171–3189. Available from: https://doi.org/10.1007/s13369-019-04319-2
5. Gunduz MZ, Das R. Cyber-Security on Smart Grid: Threats and Potential Solutions. Comput Netw. 2020;169:107094. Available from: https://doi.org/10.1016/j.comnet.2019.107094
6. Wu Y, Wang L, Cheng D, Dai T. Information Security Decisions of Firms Considering Security Risk Interdependency. Expert Syst Appl. 2021;178:114990. Available from: https://doi.org/10.1016/j.eswa.2021.114990
7. Pereira T, Barreto L, Amaral A. Network and Information Security Challenges Within Industry 4.0 Paradigm. Procedia Manuf. 2017;13:1253–1260. Available from: https://doi.org/10.1016/j.promfg.2017.09.047
8. Rao UP, Shukla PK, Trivedi C, Gupta S, Shibeshi ZS. Blockchain for Information Security and Privacy. New York: Auerbach Publications; 2021. Available from: https://doi.org/10.1201/9781003129486
9. National Institute of Standards and Technology. The NIST Cybersecurity Framework (CSF) 2.0. NIST Cybersecurity White Paper (CSWP) NIST CSWP 29. 2024. Available from: https://doi.org/10.6028/nist.cswp.29
10. Whitman ME, Mattord HJ. Management of Information Security. Singapore: Cengage Learning; 2019. Available from: https://thuvienso.hoasen.edu.vn/handle/123456789/9285
11. Safitra MF, Lubis M, Fakhrurroja H. Counterattacking Cyber Threats: A Framework for the Future of Cybersecurity. Sustain. 2023;15(18):13369. Available from: https://doi.org/10.3390/su151813369
12. Nieles M, Dempsey K, Pillitteri VY. An Introduction to Information Security. NIST Special Publication 800–12. 2017. Available from: https://doi.org/10.6028/NIST.SP.800-12r1
13. Law of the Kyrgyz Republic No. 107 “On Informatization”. 1999. Available from: https://cbd.minjust.gov.kg/270/edition/818061/ru
14. Concept of Information Policy of the Kyrgyz Republic for the Period from 2021 to 2025. 2021. Available from: https://media.kg/wp-content/uploads/2021/07/konczepcziya-informaczionnoj-politiki-kr-na-period-s-2021-do-2025-goda.pdf
15. National Development Program of the Kyrgyz Republic until 2030. 2025. Available from: https://www.gov.kg/files/news/froala/dd08061311362a4faa610d681b49a92ae4f73a55.pdf
16. Resolution of the Cabinet of Ministers of the Kyrgyz Republic No. 352 “On Approval of the Action Plan of the Cabinet of Ministers of the Kyrgyz Republic for the Implementation of the National Development Program of the Kyrgyz Republic until 2026”. 2021. Available from: https://cbd.minjust.gov.kg/158852/edition/1184856/ru
17. Resolution of the Government of the Republic of Kazakhstan No. 407 “On Approval of the Concept of Cybersecurity” (“Cyber Shield of Kazakhstan”). 2017. Available from: https://adilet.zan.kz/rus/docs/P1700000407
18. Decree of the President of the Republic of Uzbekistan No. UP-6079 “On Approval of the Strategy “Digital Uzbekistan-2030” and Measures for its Effective Implementation”. 2020. Available from: https://lex.uz/docs/5031048
19. Ketners K. Adaptation of State Security to Modern Military Operations and Terrorist Risks in the World. Space Cult Ind. 2025;13(1):1–5. Available from: https://doi.org/10.20896/e3p2jm77
20. Yesimov S, Borovikova V. Methodological foundations of information security research. Soc Leg Stud. 2023;6(1):49–55. Available from: https://doi.org/10.32518/sals1.2023.49
21. Serediuk V. Possibilities of using artificial intelligence and natural language processing to analyse legal norms and interpret them. Soc Leg Stud. 2024;7(2):191–200. Available from: https://doi.org/10.32518/sals2.2024.191
22. Prymostka L, Kysil T. Intelligent information systems of the banking sector: General characteristics and information environment. Sci Bull Mukachevo State Univ Ser Econ. 2023;10(4):43–53. Available from: https://doi.org/10.52566/msu-econ4.2023.43
23. Moskalenko V, Nataliia F, Grinchenko M. The method of forming a dynamic projects portfolio of IT companies. Ceur Workshop Proceed. 2020;2565:152–161.
24. Aidargaliyeva N, Seisekenova M, Kydyrbayeva E. Optimising online sales for small and medium-sized businesses: Integrating e-commerce and digital marketing. Econ Develop. 2025;24(2):77–86. Available from: https://doi.org/10.63341/econ/2.2025.77
25. Gozhyj A, Kalinina I, Gozhyj V, Vysotska V. Web service interaction modeling with colored petri nets. In: Proceedings of the 2019 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, IDAACS 2019. Metz: IEEE; 2019; p. 319–323. Available from: https://doi.org/10.1109/IDAACS.2019.8924400
26. Abdullayev K, Aliyeva A, Ibrahimova K, Badalova S, Hajizada S. Current trends in digital transformation and their impact on the national economy. Sci Bull Mukachevo State Univ Ser Econ. 2024;11(1):9–18. Available from: https://doi.org/10.52566/msu-econ1.2024.09
27. Issayeva A, Niyazbekova S, Semenov A, Kerimkhulle S, Sayimova M. Digital technologies and the integration of a green economy: legal peculiarities and electronic transactions. Reliab Theory Applicat. 2024;19(6):1088–1096. Available from: https://doi.org/10.24412/1932-2321-2024-681-1088-1096
28. Babak VP, Scherbak LM, Kuts YV, Zaporozhets AO. Information and measurement technologies for solving problems of energy informatics. CEUR Workshop Proceed. 2021;3039:24–31.
29. International Telecommunication Union Development Sector. Global cybersecurity index; 2020. Available from: https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2021-PDF-E.pdf
30. European Uniopn Agency for Cybersecurity. ENISA CSIRT maturity framework; 2022. Available from: https://www.enisa.europa.eu/sites/default/files/publications/WP%202021%20O.4.1%20ENISA%20CSIRT%20maturity%20metholodogy%20improvement.pdf
31. FIRST. FIRST Members around the world; 2025. Available from: https://www.first.org/members/map
32. World Bank Groupe. Global cybersecurity capacity program; 2019. Available from: https://documents1.worldbank.org/curated/en/947551561459590661/pdf/Global-Cybersecurity-Capacity-Program-Lessons-Learned-and-Recommendations-towards-Strengthening-the-Program.pdf
33. European Commission. International cyber capacity building: Global trends and scenarios; 2021. Available from: https://www.iss.europa.eu/sites/default/files/EUISSFiles/CCB%20Report%20Final.pdf
34. Usmonov M. Basic Concepts of Information Security. INDEXING. 2024;1(1):81–85. Available from: https://academicsbook.com/index.php/indexing/article/view/148
35. Atamanyuk IP, Kondratenko YP. Computer’s analysis method and reliability assessment of fault-tolerance operation of information systems. Ceur Workshop Proceed. 2015;1356:507–522.
36. Apakhayev N, Madiyarova AS, Aigarinova G, Ryskaliyev DU, Buribayev YA, Khamzina ZA. Current trends of legal regulation of relationships in the social protection sphere. Man Ind. 2017;97(11):221–231.
37. Imamguluyev R, Umarova N. Application of Fuzzy Logic Apparatus to Solve the Problem of Spatial Selection in Architectural-Design Projects. Lect Not Networks Syst. 2022;307:842–848. Available from: https://doi.org/10.1007/978-3-030-85626-7_98
38. Destek MA, Usman M, Saqib N. Do political cooperations and regulations manage Africa’s sustainable mineral policy? Resour Policy. 2025;102:105494. Available from: https://doi.org/10.1016/j.resourpol.2025.105494
39. Orazbayev B, Kozhakhmetova D, Orazbayeva K, Utenova B. Approach to modeling and control of operational modes for chemical and engineering system based on various information. Appl Math Inf Sci. 2020;14(4):547–556. Available from: https://doi.org/10.18576/AMIS/140403
40. Shveda N, Garmatiuk O, Kuzhda T, Mashliy H, Yuryk N. Digital transformation as an imperative for innovative development of business processes under martial law (Ukrainian experience). Econ Develop. 2024;23(2):69–79. Available from: https://doi.org/10.57111/econ/2.2024.69
41. Moskalenko V, Fonta N, Nikulina O, Grinchenko M, Ershova S. Information technology of determination the company’s financial condition for the financial planning subsystem of the epm system. Radioelect Comp Syst. 2022;2022(2):83–96. Available from: https://doi.org/10.32620/reks.2022.2.07
42. Garcia-Perez A, Cegarra-Navarro JG, Sallos MP, Martinez-Caro E, Chinnaswamy A. Resilience in Healthcare Systems: Cyber Security and Digital Transformation. Technovation. 2023;121:102583. Available from: https://doi.org/10.1016/j.technovation.2022.102583
43. Takavarasha Jr S, Van Heerden R, Thakur SC, Jordaan A. Cyber-Security in the Era of the COVID-19 Pandemic: A Developing Countries’ Perspective. Intern J Indus Eng Oper Man. 2023;5(2):77–85. Available from: https://doi.org/10.1108/IJIEOM-02-2023-0026
44. Council of Europe. Convention on Cybercrime (ETS No. 185); 2001. Available from: https://rm.coe.int/1680081561
45. European Union. EU Statement – United Nations open-ended working group on ICT: Rules, norms and principals; 2021. Available from: https://www.eeas.europa.eu/delegations/un-new-york/eu-statement-%E2%80%93-united-nations-open-ended-working-group-ict-rules-norms-and-principals_en
46. Alqahtani FH. Developing an Information Security Policy: A Case Study Approach. Procedia Comput Sci. 2017;124:691–697. Available from: https://doi.org/10.1016/j.procs.2017.12.206
47. Kovačević A, Putnik N, Tošković O. Factors Related to cyber Security Behavior. IEEE Access. 2020;8:125140–125148. Available from: https://doi.org/10.1109/ACCESS.2020.3007867
48. Yee CK, Zolkipli MF. Review on Confidentiality, Integrity and Availability in Information Security. J ICT Educ. 2021;8(2):34–42. Available from: https://doi.org/10.37134/jictie.vol8.2.4.2021
49. Kessler SR, Pindek S, Kleinman G, Andel SA, Spector PE. Information Security Climate and the Assessment of Information Security Risk Among Healthcare Employees. Health Inform J. 2020;26(1):461–473. Available from: https://doi.org/10.1177/1460458219832048
50. Prislan K, Mihelič A, Bernik I. A Real-World Information Security Performance Assessment Using a multidimensional Socio-Technical Approach. PloS ONE. 2020;15(9):e0238739. Available from: https://doi.org/10.1371/journal.pone.0238739
51. Zaini MK, Masrek MN, Sani MKJA. The Impact of Information Security Management Practices on Organisational Agility. Inform Comput Sec 2020;28(5):681–700. Available from: https://doi.org/10.1108/ICS-02-2020-0020
52. Tojimamatovich JV. Concept and Essence of Information Security. Web Synerg Int Interdiscip Res J. 2023;2(4):643–647. Available from: https://journal.univerpublishing.org/index.php/synergy/article/view/1153
53. Alkhudhayr F, Alfarraj S, Aljameeli B, Elkhdiri S. Information Security: A Review of Information Security Issues and Techniques. In: 2019 2nd international conference on computer applications & information security. Riyadh: Institute of Electrical and Electronics Engineers; 2019, p. 1–6. Available from: https://doi.org/10.1109/CAIS.2019.8769504
54. Lundgren B, Möller N. Defining Information Security. Sci Eng Ethics. 2019;25:419–441. Available from: https://doi.org/10.1007/s11948-017-9992-1
55. Choucri N, Madnick S, Ferwerda J. Institutions for Cyber Security: International Responses and Global Imperatives. Inf Technol Dev. 2014;20(2):96–121. Available from: https://doi.org/10.1080/02681102.2013.836699
56. Manulis M, Bridges CP, Harrison R, Sekar V, Davis A. Cyber Security in New Space: Analysis of Threats, Key Enabling Technologies and Challenges. Int J Inf Secur. 2021;20:287–311. Available from: https://doi.org/10.1007/s10207-020-00503-w
57. Gebremeskel BK, Jonathan GM, Yalew SD. Information Security Challenges During Digital Transformation. Procedia Comput Sci. 2023;219:44–51. Available from: https://doi.org/10.1016/j.procs.2023.01.262
58. Ghelani D. Cyber Security, Cyber Threats, Implications and Future Perspectives: A Review. Am J Sci Eng Technol 2022;3(6):12–19. Available from: https://doi.org/10.22541/au.166385207.73483369/v1
59. Husain MS, Haroon M. An Enriched Information Security Framework from Various Attacks in the IoT. Int J Innov Res Comput Sci Technol. 2020;8(3):271–277. Available from: http://doi.org/10.21276/ijircst.2020.8.4.3
60. Lanz J, Sussman BI. Information Security Program Management in A COVID-19 World. 2020. Available from: https://www.cpajournal.com/2020/08/18/icymi-information-security-program-management-in-a-covid-19-world/
61. Loo BW, Tan PL, Tey SK, Chin WY. Authentication Methods Selection in Information Security through Hybrid AHP and EGT. J Adv Res Appl Sci Eng Technol. 2024;50(2):171–185. Available from: https://doi.org/10.37934/araset.50.2.171185
62. Nguyen TT, Reddi VJ. Deep Reinforcement Learning for Cyber Security. IEEE Trans Neural Netw Learn Syst. 2021;34(8):3779–3795. Available from: https://doi.org/10.1109/TNNLS.2021.3121870
63. Admass WS, Munaye YY, Diro AA. Cyber Security: State of the Art, Challenges and Future Directions. Cyber Sec Appl. 2024;2:100031. Available from: https://doi.org/10.1016/j.csa.2023.100031