Why did they accept the IB RF doctrine? On approval of the information security doctrine of the Russian Federation

DOCTRINE

information security Russian Federation

I. General provisions

1. This Doctrine represents a system of official views on ensuring the national security of the Russian Federation in the information sphere.
In this Doctrine, the information sphere is understood as the totality of information, objects of informatization, information systems, sites on the information and telecommunications network "Internet" (hereinafter referred to as the "Internet"), communication networks, information technologies, subjects whose activities are related to the formation and processing of information, the development and use of these technologies, ensuring information security, as well as a set of mechanisms for regulating relevant social relations.

2. This Doctrine uses the following basic concepts:
a) national interests of the Russian Federation in the information sphere (hereinafter referred to as national interests in the information sphere) - objectively significant needs of the individual, society and the state to ensure their security and sustainable development as it relates to the information sphere;
b) a threat to the information security of the Russian Federation (hereinafter referred to as an information threat) - a set of actions and factors that create a danger of damage to national interests in the information sphere;
c) information security of the Russian Federation (hereinafter referred to as information security) - the state of protection of the individual, society and the state from internal and external information threats, which ensures the implementation of constitutional rights and freedoms of man and citizen, decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation, defense and security of the state;
d) ensuring information security - implementation of interconnected legal, organizational, operational-search, intelligence, counterintelligence, scientific-technical, information-analytical, personnel, economic and other measures to forecast, detect, contain, prevent, repel information threats and eliminate the consequences of them manifestations;
e) forces for ensuring information security - state bodies, as well as divisions and officials of state bodies, local governments and organizations authorized to solve problems of ensuring information security in accordance with the legislation of the Russian Federation;
f) information security means - legal, organizational, technical and other means used by information security forces;
g) information security system - a set of information security forces that carry out coordinated and planned activities, and the information security tools they use;
h) information infrastructure of the Russian Federation (hereinafter referred to as information infrastructure) - a set of informatization objects, information systems, Internet sites and communication networks located on the territory of the Russian Federation, as well as in territories under the jurisdiction of the Russian Federation or used on the basis of international treaties of the Russian Federation.

3. This Doctrine, based on an analysis of the main information threats and an assessment of the state of information security, defines the strategic goals and main directions for ensuring information security, taking into account the strategic national priorities of the Russian Federation.

4. The legal basis of this Doctrine is the Constitution of the Russian Federation, generally recognized principles and norms of international law, international treaties of the Russian Federation, federal constitutional laws, federal laws, as well as regulatory legal acts of the President of the Russian Federation and the Government of the Russian Federation.

5. This Doctrine is a strategic planning document in the field of ensuring the national security of the Russian Federation, which develops the provisions of the National Security Strategy of the Russian Federation, approved by Decree of the President of the Russian Federation of December 31, 2015 No. 683, as well as other strategic planning documents in this area.

6. This Doctrine is the basis for the formation of state policy and the development of public relations in the field of information security, as well as for the development of measures to improve the information security system.

II. National interests in the information sphere

7. Information technologies have acquired a global cross-border nature and have become an integral part of all spheres of activity of the individual, society and state. Their effective use is a factor in accelerating the economic development of the state and the formation information society.
The information sphere plays an important role in ensuring the implementation of the strategic national priorities of the Russian Federation.

8. National interests in the information sphere are:
a) ensuring and protecting the constitutional rights and freedoms of man and citizen in terms of obtaining and using information, inviolability privacy when using information technologies, providing information support for democratic institutions, mechanisms of interaction between the state and civil society, as well as the use of information technologies in the interests of preserving the cultural, historical, spiritual and moral values of the multinational people of the Russian Federation;
b) ensuring the stable and uninterrupted functioning of the information infrastructure, primarily the critical information infrastructure of the Russian Federation (hereinafter referred to as the critical information infrastructure) and the unified telecommunications network of the Russian Federation, in peacetime, during the period of immediate threat of aggression and in wartime;
c) development of the information technology and electronics industry in the Russian Federation, as well as improvement of the activities of industrial, scientific and scientific-technical organizations in the development, production and operation of information security means, provision of services in the field of information security;
d) bringing to the Russian and international public reliable information about the state policy of the Russian Federation and its official position on socially significant events in the country and the world, the use of information technologies in order to ensure the national security of the Russian Federation in the field of culture;
e) promoting the formation of an international information security system aimed at countering threats from the use of information technologies to disrupt strategic stability, strengthening equal strategic partnerships in the field of information security, as well as protecting the sovereignty of the Russian Federation in the information space.

9. The implementation of national interests in the information sphere is aimed at creating a safe environment for the circulation of reliable information and an information infrastructure that is resistant to various types of influence in order to ensure the constitutional rights and freedoms of man and citizen, the stable socio-economic development of the country, as well as the national security of the Russian Federation.

III. Main information threats and the state of information security

10. The expansion of the areas of application of information technologies, being a factor in the development of the economy and improving the functioning of public and state institutions, at the same time gives rise to new information threats.
The possibilities of cross-border information circulation are increasingly used to achieve geopolitical, military-political, terrorist, extremist, criminal and other illegal goals, to the detriment of international security and strategic stability.
At the same time, the practice of introducing information technologies without linking it with ensuring information security significantly increases the likelihood of information threats.

11. One of the main negative factors influencing the state of information security is the increase by a number of foreign countries of the capabilities of information and technical influence on the information infrastructure for military purposes.
At the same time, the activities of organizations carrying out technical intelligence in relation to Russian government agencies, scientific organizations and enterprises of the military-industrial complex are intensifying.

12. The scope of the use by special services of individual states of means of providing information and psychological influence aimed at destabilizing the internal political and social situation in various regions of the world and leading to the undermining of sovereignty and violation of the territorial integrity of other states is expanding. Religious, ethnic, human rights and other organizations, as well as individual groups of citizens, are involved in this activity, and the capabilities of information technology are widely used.
There is a trend towards an increase in the volume of materials in foreign media containing a biased assessment of the state policy of the Russian Federation.
Russian media are often subjected to outright discrimination abroad, and obstacles are created for Russian journalists to carry out their professional activities.
The information impact on the population of Russia, primarily on young people, is increasing in order to erode traditional Russian spiritual and moral values.

13. Various terrorist and extremist organizations widely use mechanisms of information influence on individual, group and public consciousness in order to escalate interethnic and social tension, incite ethnic and religious hatred or enmity, promote extremist ideology, as well as attract new supporters to terrorist activities. Such organizations, for illegal purposes, actively create means of destructive influence on critical information infrastructure objects.

14. The scale of computer crime is increasing, primarily in the credit and financial sphere, the number of crimes related to the violation of the constitutional rights and freedoms of man and citizen is increasing, including in terms of privacy, personal and family secrets, when processing personal data using information technology. At the same time, the methods, methods and means of committing such crimes are becoming more and more sophisticated.

15. The state of information security in the field of national defense is characterized by an increase in the use of information technologies by individual states and organizations for military-political purposes, including for carrying out actions contrary to international law, aimed at undermining the sovereignty, political and social stability, and territorial integrity of the Russian Federation and its allies and pose a threat international peace, global and regional security.

16. The state of information security in the field of state and public security is characterized by a constant increase in complexity, increasing scale and increasing coordination of computer attacks on critical information infrastructure facilities, increasing intelligence activities of foreign states in relation to the Russian Federation, as well as increasing threats of using information technologies to cause damage sovereignty, territorial integrity, political and social stability of the Russian Federation.

17. The state of information security in the economic sphere is characterized by an insufficient level of development of competitive information technologies and their use for the production of products and provision of services. The level of dependence of the domestic industry on foreign information technologies remains high in terms of electronic component base, software, computer technology and means of communication, which determines the dependence of the socio-economic development of the Russian Federation on the geopolitical interests of foreign countries.

18. The state of information security in the field of science, technology and education is characterized by insufficient effectiveness of scientific research aimed at creating promising information technologies, a low level of implementation of domestic developments and insufficient staffing in the field of information security, as well as low awareness of citizens in matters of ensuring personal information security . At the same time, measures to ensure the security of information infrastructure, including its integrity, availability and sustainable operation, using domestic information technologies and domestic products often do not have a comprehensive basis.

19. The state of information security in the field of strategic stability and equal strategic partnership is characterized by the desire of individual states to use technological superiority to dominate the information space.
The current distribution between countries of the resources necessary to ensure the secure and sustainable functioning of the Internet does not allow for joint fair management based on the principles of trust.
The lack of international legal norms regulating interstate relations in the information space, as well as mechanisms and procedures for their application that take into account the specifics of information technology, makes it difficult to form an international information security system aimed at achieving strategic stability and equal strategic partnership.

IV. Strategic goals and main directions for ensuring information security

20. The strategic goal of ensuring information security in the field of national defense is to protect the vital interests of the individual, society and state from internal and external threats associated with the use of information technologies for military-political purposes that are contrary to international law, including for the purpose of carrying out hostile actions and acts of aggression aimed at undermining sovereignty, violating the territorial integrity of states and posing a threat to international peace, security and strategic stability.

21. In accordance with the military policy of the Russian Federation, the main directions of ensuring information security in the field of national defense are:
a) strategic containment and prevention of military conflicts that may arise as a result of the use of information technologies;
b) improving the system for ensuring information security of the Armed Forces of the Russian Federation, other troops, military formations and bodies, which includes forces and means of information warfare;
c) forecasting, detection and assessment of information threats, including threats to the Armed Forces of the Russian Federation in the information sphere;
d) assistance in ensuring the protection of the interests of the allies of the Russian Federation in the information sphere;
e) neutralization of information and psychological influence, including those aimed at undermining the historical foundations and patriotic traditions associated with the defense of the Fatherland.

22. The strategic goals of ensuring information security in the field of state and public security are the protection of sovereignty, maintaining political and social stability, the territorial integrity of the Russian Federation, ensuring fundamental rights and freedoms of man and citizen, as well as protecting critical information infrastructure.

23. The main directions of ensuring information security in the field of state and public security are:
a) countering the use of information technologies to promote extremist ideology, spread xenophobia, ideas of national exclusivity in order to undermine sovereignty, political and social stability, forcibly change the constitutional system, and violate the territorial integrity of the Russian Federation;
b) suppression of activities harmful to the national security of the Russian Federation, carried out using technical means and information technologies by special services and organizations of foreign states, as well as by individuals;
c) increasing the security of critical information infrastructure and the stability of its functioning, developing mechanisms for detecting and preventing information threats and eliminating the consequences of their manifestation, increasing the protection of citizens and territories from the consequences of emergency situations caused by information and technical impacts on critical information infrastructure objects;
d) increasing the security of the functioning of information infrastructure facilities, including in order to ensure sustainable interaction between government bodies, preventing foreign control over the functioning of such facilities, ensuring the integrity, stability of operation and security of the unified telecommunication network of the Russian Federation, as well as ensuring the security of information transmitted through it and processed in information systems on the territory of the Russian Federation;
e) increasing the operational safety of weapons, military and special equipment and automated control systems;
f) increasing the effectiveness of preventing offenses committed using information technologies and combating such offenses;
g) ensuring the protection of information containing information constituting state secrets and other information limited access and distribution, including by increasing the security of relevant information technologies;
h) improvement of methods and methods of production and safe use of products, provision of services based on information technologies using domestic developments that meet information security requirements;
i) increasing efficiency information support implementation of state policy of the Russian Federation;
j) neutralization of information impact aimed at eroding traditional Russian spiritual and moral values.

24. The strategic goals of ensuring information security in the economic sphere are to reduce to the minimum possible level the influence of negative factors caused by the insufficient level of development of the domestic information technology and electronics industry, the development and production of competitive means of ensuring information security, as well as increasing the volume and quality of service provision in areas of information security.

25. The main directions of ensuring information security in the economic sphere are:
a) innovative development of the information technology and electronics industry, increasing the share of products from this industry in the gross domestic product, in the structure of the country’s exports;
b) eliminating the dependence of domestic industry on foreign information technologies and information security means through the creation, development and widespread implementation of domestic developments, as well as the production of products and the provision of services based on them;
c) increasing the competitiveness of Russian companies operating in the information technology and electronics industry, development, production and operation of information security equipment providing services in the field of information security, including through the creation of favorable conditions for carrying out activities on the territory of the Russian Federation ;
d) development of a domestic competitive electronic component base and technologies for the production of electronic components, meeting the needs of the domestic market for such products and the entry of these products into the world market.

26. The strategic goal of ensuring information security in the field of science, technology and education is to support the innovative and accelerated development of the information security system, the information technology industry and the electronics industry.

27. The main directions of ensuring information security in the field of science, technology and education are:
a) achieving the competitiveness of Russian information technologies and developing scientific and technical potential in the field of information security;
b) creation and implementation of information technologies that are initially resistant to various types of impact;
c) conducting scientific research and carrying out experimental developments in order to create promising information technologies and means of ensuring information security;
d) development of human resources in the field of information security and application of information technologies;
e) ensuring the protection of citizens from information threats, including through the formation of a culture of personal information security.

28. The strategic goal of ensuring information security in the field of strategic stability and equal strategic partnership is the formation of a sustainable system of non-conflict interstate relations in the information space.

29. The main directions of ensuring information security in the field of strategic stability and equal strategic partnership are:
a) protection of the sovereignty of the Russian Federation in the information space through the implementation of an independent and independent policy aimed at realizing national interests in the information sphere;
b) participation in the formation of an international information security system that ensures effective counteraction to the use of information technologies for military-political purposes that are contrary to international law, as well as for terrorist, extremist, criminal and other illegal purposes;
c) creation of international legal mechanisms that take into account the specifics of information technologies in order to prevent and resolve interstate conflicts in the information space;
d) promoting, within the framework of the activities of international organizations, the position of the Russian Federation, which provides for ensuring equal and mutually beneficial cooperation of all interested parties in the information sphere;
e) development of a national management system for the Russian segment of the Internet.

V. Organizational basis for ensuring information security

30. The information security system is part of the national security system of the Russian Federation.
Ensuring information security is carried out on the basis of a combination of legislative, law enforcement, law enforcement, judicial, control and other forms of activity of government bodies in interaction with local governments, organizations and citizens.

31. The information security system is built on the basis of the delimitation of powers of legislative, executive and judicial authorities in this area, taking into account the jurisdiction of federal government bodies, government bodies of constituent entities of the Russian Federation, as well as local governments, determined by the legislation of the Russian Federation in the field of security security.

32. The composition of the information security system is determined by the President of the Russian Federation.

33. The organizational basis of the information security system consists of: the Federation Council of the Federal Assembly of the Russian Federation, the State Duma of the Federal Assembly of the Russian Federation, the Government of the Russian Federation, the Security Council of the Russian Federation, federal executive authorities, the Central Bank of the Russian Federation, the Military-Industrial Commission of the Russian Federation, interdepartmental bodies created by the President of the Russian Federation and the Government of the Russian Federation, executive authorities of the constituent entities of the Russian Federation, local government bodies, judicial authorities taking part in solving problems of ensuring information security in accordance with the legislation of the Russian Federation.
Participants in the information security system are: owners of critical information infrastructure objects and organizations operating such objects, media and mass communications, organizations in the monetary, foreign exchange, banking and other areas of the financial market, telecom operators, information system operators, organizations carrying out activities for the creation and operation of information systems and communication networks, for the development, production and operation of information security means, for the provision of services in the field of information security, organizations carrying out educational activities in this area, public associations, other organizations and citizens who in accordance with the legislation of the Russian Federation, participate in solving problems to ensure information security.

34. The activities of government bodies to ensure information security are based on the following principles:
a) the legality of public relations in the information sphere and the legal equality of all participants in such relations, based on the constitutional right of citizens to freely seek, receive, transmit, produce and disseminate information in any legal way;
b) constructive interaction between government bodies, organizations and citizens when solving problems to ensure information security;
c) maintaining a balance between the need of citizens for the free exchange of information and restrictions related to the need to ensure national security, including in the information sphere;
d) sufficiency of forces and means to ensure information security, determined, inter alia, through the constant monitoring of information threats;
e) compliance with generally recognized principles and norms of international law, international treaties of the Russian Federation, as well as the legislation of the Russian Federation.

35. The tasks of government bodies within the framework of activities to ensure information security are:
a) ensuring the protection of the rights and legitimate interests of citizens and organizations in the information sphere;
b) assessing the state of information security, forecasting and detecting information threats, identifying priority areas for their prevention and eliminating the consequences of their manifestation;
c) planning, implementation and evaluation of the effectiveness of a set of measures to ensure information security;
d) organizing the activities and coordinating the interaction of information security forces, improving their legal, organizational, operational search, intelligence, counterintelligence, scientific and technical, information and analytical, personnel and economic support;
e) development and implementation of measures of state support for organizations engaged in the development, production and operation of information security means, provision of services in the field of information security, as well as organizations carrying out educational activities in this area.

36. The tasks of government bodies within the framework of activities to develop and improve the information security system are:
a) strengthening the vertical management and centralization of information security forces at the federal, interregional, regional, municipal levels, as well as at the level of informatization objects, information system operators and communication networks;
b) improving the forms and methods of interaction between information security forces in order to increase their readiness to counter information threats, including through regular training (exercises);
c) improving the information-analytical and scientific-technical aspects of the functioning of the information security system;
d) increasing the efficiency of interaction between government bodies, local governments, organizations and citizens in solving problems of ensuring information security.

37. The implementation of this Doctrine is carried out on the basis of sectoral strategic planning documents of the Russian Federation. In order to update such documents, the Security Council of the Russian Federation determines a list of priority areas for ensuring information security for the medium term, taking into account the provisions of the strategic forecast of the Russian Federation.

President Vladimir Putin approved the information security doctrine. Its main provisions are in the RBC review

The document consists of 38 articles divided into five chapters. The text begins with an indication of national interests in the field of national security. The following is a list of the main information threats in the modern world. Based on these threats, strategic goals of national policy relating to the economy, military sphere, diplomacy, science and education are formed.

National interests

Ensuring and protecting the constitutional rights and freedoms of man and citizen in terms of obtaining and using information.
Ensuring sustainable and uninterrupted functioning of critical information infrastructure in Russia.
Development of the information technology and electronics industry in Russia.
Promotion of reliable information about Russian state policy and its official position on socially significant events in the country and the world.
Promoting the formation of an international information security system.

Main information threats

A number of Western countries are increasing the capabilities of information and technical influence on the information infrastructure for military purposes.
The activities of organizations carrying out technical intelligence in Russia are intensifying.
The intelligence services of individual states are trying to destabilize the internal political and social situation in various regions of the world. The goal is to undermine the sovereignty and violate the territorial integrity of states. Methods - the use of information technology, as well as religious, ethnic and human rights organizations.
The volume of materials containing a biased assessment of Russian government policy is growing in foreign media.
Obstacles are created for Russian journalists abroad, and Russian media are subjected to “outright discrimination.”
Terrorist and extremist groups escalate interethnic and social tensions, engage in propaganda, and attract new supporters.
The scale of computer crime is increasing, primarily in the credit and financial sphere.
The number of crimes related to the violation of constitutional human rights and freedoms, privacy, and personal data protection is growing. These crimes are becoming more and more sophisticated.
Foreign states are increasing intelligence activities in Russia. The number of computer attacks on critical information infrastructure facilities is growing, their scale and complexity are growing.
High level of dependence of domestic industry on foreign information technologies (electronic component base, software, computer technology, communications).
Low level of efficiency of Russian scientific research aimed at creating promising information technologies. Domestic developments are poorly implemented, and human resources in this area are low.
Individual states use technological superiority to dominate the information space. Governing the Internet on the principles of fairness and trust between different countries is impossible.

Strategic Goals

The strategic goal of ensuring information security in the field of national defense is to protect the vital interests of the individual, society and state from internal and external threats associated with the use of information technologies for military-political purposes that are contrary to international law, including for the purpose of carrying out hostile actions and acts aggression aimed at undermining sovereignty, violating the territorial integrity of states and posing a threat to international peace, security and strategic stability.

In military politics:

Strategic deterrence and prevention of military conflicts that may arise as a result of the use of information technologies.
Improving the army's information security system.
Forecasting, detection and assessment of information threats.
Help ensure the protection of the interests of Russia's allies in the information sphere.
Neutralization of information and psychological influence, including those aimed at undermining the historical foundations and patriotic traditions associated with the defense of the Fatherland.

In the field of state and public security:

Countering the use of information technologies to promote extremism, xenophobia and nationalism.
Increasing the security of critical information infrastructure.
Improving the operational safety of weapons, military and special equipment and automated control systems.
Ensuring the protection of information containing information constituting a state secret.
Increasing the efficiency of information support for the implementation of state policy.
Neutralization of information impact aimed at eroding traditional Russian spiritual and moral values.

In economics:

Innovative development of the information technology industry.
Eliminating the dependence of domestic industry on foreign information technologies.
Development of a domestic competitive electronic component base and technologies for the production of electronic components.

In science and education:

Achieving competitiveness of Russian information technologies.
Development of human resources in the field of information security.
Formation of a culture of personal information security among citizens.

In international relations:

Implementation of an independent and independent information policy.
Participation in the formation of an international information security system.
Ensuring equal and mutually beneficial cooperation of all interested parties in the information sphere, promoting the Russian position in relevant international organizations.

Organizational basis of the information security system

Council of the Federation
The State Duma
Government
Security Council
Federal executive authorities (federal services and agencies)
central bank
Military-Industrial Commission
Interdepartmental bodies created by the president and the government
Executive authorities of the subjects
Local authorities
Judicial authorities.

Participants in the information security system

Owners and operators of critical information infrastructure facilities
Banks
Communications and information systems operators
Developers of information systems and communication networks.

In order to ensure information security of the Russian Federation, I decree:

1. Approve the attached information security of the Russian Federation.

2. Recognize the Information Security Doctrine of the Russian Federation, approved by the President of the Russian Federation on September 9, 2000 No. Pr-1895, as invalid.

3. This Decree comes into force from the date of its signing.

President of Russian Federation

V. Putin

Doctrine
information security of the Russian Federation
(approved by the President of the Russian Federation dated December 5, 2016 No. 646)

I. General provisions

1. This Doctrine represents a system of official views on ensuring the national security of the Russian Federation in the information sphere.

In this Doctrine, the information sphere is understood as a set of information, objects of informatization, information systems, sites on the information and telecommunications network “Internet” (hereinafter referred to as the “Internet”), communication networks, information technologies, entities whose activities are related to the formation and processing of information , the development and use of these technologies, ensuring information security, as well as a set of mechanisms for regulating relevant social relations.

2. This Doctrine uses the following basic concepts:

a) national interests of the Russian Federation in the information sphere (hereinafter referred to as national interests in the information sphere) - objectively significant needs of the individual, society and the state to ensure their security and sustainable development as it relates to the information sphere;

b) a threat to the information security of the Russian Federation (hereinafter referred to as an information threat) - a set of actions and factors that create a danger of damage to national interests in the information sphere;

c) information security of the Russian Federation (hereinafter referred to as information security) - the state of protection of the individual, society and the state from internal and external information threats, which ensures the implementation of constitutional rights and freedoms of man and citizen, decent quality and standard of living of citizens, sovereignty, territorial integrity and sustainable socio-economic development of the Russian Federation, defense and security of the state;

d) ensuring information security - implementation of interconnected legal, organizational, operational-search, intelligence, counterintelligence, scientific-technical, information-analytical, personnel, economic and other measures to forecast, detect, contain, prevent, repel information threats and eliminate their consequences manifestations;

e) forces for ensuring information security - state bodies, as well as divisions and officials of state bodies, local governments and organizations authorized to solve problems of ensuring information security in accordance with the legislation of the Russian Federation;

f) information security means - legal, organizational, technical and other means used by information security forces;

g) information security system - a set of information security forces that carry out coordinated and planned activities, and the information security tools they use;

h) information infrastructure of the Russian Federation (hereinafter referred to as information infrastructure) - a set of informatization objects, information systems, Internet sites and communication networks located on the territory of the Russian Federation, as well as in territories under the jurisdiction of the Russian Federation or used on the basis of international treaties of the Russian Federation.

II. National interests in the information sphere

The information sphere plays an important role in ensuring the implementation of the strategic national priorities of the Russian Federation.

8. National interests in the information sphere are:

a) ensuring and protecting the constitutional rights and freedoms of man and citizen in terms of obtaining and using information, privacy when using information technology, providing information support for democratic institutions, mechanisms of interaction between the state and civil society, as well as the use of information technology in the interests of preserving cultural, historical, spiritual and moral values of the multinational people of the Russian Federation;

b) ensuring the stable and uninterrupted functioning of the information infrastructure, primarily the critical information infrastructure of the Russian Federation (hereinafter referred to as the critical information infrastructure) and the unified telecommunications network of the Russian Federation, in peacetime, during the period of immediate threat of aggression and in wartime;

c) development of the information technology and electronics industry in the Russian Federation, as well as improvement of the activities of industrial, scientific and scientific-technical organizations in the development, production and operation of information security means, provision of services in the field of information security;

d) bringing to the Russian and international public reliable information about the state policy of the Russian Federation and its official position on socially significant events in the country and the world, the use of information technologies in order to ensure the national security of the Russian Federation in the field of culture;

e) promoting the formation of an international information security system aimed at countering threats from the use of information technologies to disrupt strategic stability, strengthening equal strategic partnerships in the field of information security, as well as protecting the sovereignty of the Russian Federation in the information space.

III. Main information threats and the state of information security

The possibilities of cross-border information circulation are increasingly used to achieve geopolitical, military-political, terrorist, extremist, criminal and other illegal goals, to the detriment of international security and strategic stability.

At the same time, the practice of introducing information technologies without linking it with ensuring information security significantly increases the likelihood of information threats.

At the same time, the activities of organizations carrying out technical intelligence in relation to Russian government agencies, scientific organizations and enterprises of the military-industrial complex are intensifying.

There is a trend towards an increase in the volume of materials in foreign media containing a biased assessment of the state policy of the Russian Federation. Russian media are often subjected to outright discrimination abroad, and obstacles are created for Russian journalists to carry out their professional activities.

The information impact on the population of Russia, primarily on young people, is increasing in order to erode traditional Russian spiritual and moral values.

17. The state of information security in the economic sphere is characterized by an insufficient level of development of competitive information technologies and their use for the production of products and provision of services. The level of dependence of the domestic industry on foreign information technologies remains high in terms of electronic components, software, computer technology and communications, which determines the dependence of the socio-economic development of the Russian Federation on the geopolitical interests of foreign countries.

The current distribution between countries of the resources necessary to ensure the secure and sustainable functioning of the Internet does not allow for joint fair management based on the principles of trust.

The lack of international legal norms regulating interstate relations in the information space, as well as mechanisms and procedures for their application that take into account the specifics of information technology, makes it difficult to form an international information security system aimed at achieving strategic stability and equal strategic partnership.

IV. Strategic goals and main directions for ensuring information security

21. In accordance with the military policy of the Russian Federation, the main directions of ensuring information security in the field of national defense are:

a) strategic containment and prevention of military conflicts that may arise as a result of the use of information technologies;

b) improving the system for ensuring information security of the Armed Forces of the Russian Federation, other troops, military formations and bodies, which includes forces and means of information warfare;

c) forecasting, detection and assessment of information threats, including threats to the Armed Forces of the Russian Federation in the information sphere;

d) assistance in ensuring the protection of the interests of the allies of the Russian Federation in the information sphere;

e) neutralization of information and psychological influence, including those aimed at undermining the historical foundations and patriotic traditions associated with the defense of the Fatherland.

23. The main directions of ensuring information security in the field of state and public security are:

a) countering the use of information technologies to promote extremist ideology, spread xenophobia, ideas of national exclusivity in order to undermine sovereignty, political and social stability, forcibly change the constitutional system, and violate the territorial integrity of the Russian Federation;

b) suppression of activities harmful to the national security of the Russian Federation, carried out using technical means and information technologies by special services and organizations of foreign states, as well as by individuals;

c) increasing the security of critical information infrastructure and the stability of its functioning, developing mechanisms for detecting and preventing information threats and eliminating the consequences of their manifestation, increasing the protection of citizens and territories from the consequences of emergency situations caused by information and technical impacts on critical information infrastructure objects;

d) increasing the security of the functioning of information infrastructure facilities, including in order to ensure sustainable interaction between government bodies, preventing foreign control over the functioning of such facilities, ensuring the integrity, stability of operation and security of the unified telecommunication network of the Russian Federation, as well as ensuring the security of information transmitted through it and processed in information systems on the territory of the Russian Federation;

e) increasing the operational safety of weapons, military and special equipment and automated control systems;

f) increasing the effectiveness of preventing offenses committed using information technologies and combating such offenses;

g) ensuring the protection of information containing information constituting state secrets, other information of limited access and distribution, including by increasing the security of relevant information technologies;

h) improvement of methods and methods of production and safe use of products, provision of services based on information technologies using domestic developments that meet information security requirements;

i) increasing the efficiency of information support for the implementation of state policy of the Russian Federation;

j) neutralization of information impact aimed at eroding traditional Russian spiritual and moral values.

25. The main directions of ensuring information security in the economic sphere are:

a) innovative development of the information technology and electronics industry, increasing the share of products from this industry in the gross domestic product and in the structure of the country’s exports;

b) eliminating the dependence of domestic industry on foreign information technologies and information security means through the creation, development and widespread implementation of domestic developments, as well as the production of products and the provision of services based on them;

c) increasing the competitiveness of Russian companies operating in the information technology and electronics industry, development, production and operation of information security equipment that provide services in the field of information security, including through the creation of favorable conditions for carrying out activities on the territory of the Russian Federation ;

d) development of a domestic competitive electronic component base and technologies for the production of electronic components, meeting the needs of the domestic market for such products and the entry of these products into the world market.

27. The main directions of ensuring information security in the field of science, technology and education are:

a) achieving the competitiveness of Russian information technologies and developing scientific and technical potential in the field of information security;

b) creation and implementation of information technologies that are initially resistant to various types of impact;

c) conducting scientific research and carrying out experimental developments in order to create promising information technologies and means of ensuring information security;

d) development of human resources in the field of information security and application of information technologies;

e) ensuring the protection of citizens from information threats, including through the formation of a culture of personal information security.

29. The main directions of ensuring information security in the field of strategic stability and equal strategic partnership are:

a) protection of the sovereignty of the Russian Federation in the information space through the implementation of an independent and independent policy aimed at realizing national interests in the information sphere;

b) participation in the formation of an international information security system that ensures effective counteraction to the use of information technologies for military-political purposes that are contrary to international law, as well as for terrorist, extremist, criminal and other illegal purposes;

c) creation of international legal mechanisms that take into account the specifics of information technologies in order to prevent and resolve interstate conflicts in the information space;

d) promoting, within the framework of the activities of international organizations, the position of the Russian Federation, which provides for ensuring equal and mutually beneficial cooperation of all interested parties in the information sphere;

e) development of a national management system for the Russian segment of the Internet.

V. Organizational basis for ensuring information security

30. The information security system is part of the national security system of the Russian Federation.

Ensuring information security is carried out on the basis of a combination of legislative, law enforcement, law enforcement, judicial, control and other forms of activity of government bodies in interaction with local governments, organizations and citizens.

32. The composition of the information security system is determined by the President of the Russian Federation.

Participants in the information security system are: owners of critical information infrastructure objects and organizations operating such objects, media and mass communications, organizations in the monetary, foreign exchange, banking and other areas of the financial market, telecom operators, information system operators, organizations carrying out activities for the creation and operation of information systems and communication networks, for the development, production and operation of information security means, for the provision of services in the field of information security, organizations carrying out educational activities in this area, public associations, other organizations and citizens who in accordance with the legislation of the Russian Federation, participate in solving problems to ensure information security.

34. The activities of government bodies to ensure information security are based on the following principles:

a) the legality of public relations in the information sphere and the legal equality of all participants in such relations, based on the constitutional right of citizens to freely seek, receive, transmit, produce and disseminate information in any legal way;

b) constructive interaction between government bodies, organizations and citizens when solving problems to ensure information security;

c) maintaining a balance between the need of citizens for the free exchange of information and restrictions related to the need to ensure national security, including in the information sphere;

d) sufficiency of forces and means to ensure information security, determined, inter alia, through the constant monitoring of information threats;

e) compliance with generally recognized principles and norms of international law, international treaties of the Russian Federation, as well as the legislation of the Russian Federation.

35. The tasks of government bodies within the framework of activities to ensure information security are:

a) ensuring the protection of the rights and legitimate interests of citizens and organizations in the information sphere;

b) assessing the state of information security, forecasting and detecting information threats, identifying priority areas for their prevention and eliminating the consequences of their manifestation;

c) planning, implementation and evaluation of the effectiveness of a set of measures to ensure information security;

d) organizing the activities and coordinating the interaction of information security forces, improving their legal, organizational, operational search, intelligence, counterintelligence, scientific and technical, information and analytical, personnel and economic support;

e) development and implementation of measures of state support for organizations engaged in the development, production and operation of information security means, provision of services in the field of information security, as well as organizations carrying out educational activities in this area.

36. The tasks of government bodies within the framework of activities to develop and improve the information security system are:

a) strengthening the vertical management and centralization of information security forces at the federal, interregional, regional, municipal levels, as well as at the level of informatization objects, information system operators and communication networks;

b) improving the forms and methods of interaction between information security forces in order to increase their readiness to counter information threats, including through regular training (exercises);

c) improving the information-analytical and scientific-technical aspects of the functioning of the information security system;

d) increasing the efficiency of interaction between government bodies, local governments, organizations and citizens in solving problems of ensuring information security.

Document overview

A new Doctrine of Information Security of Russia has been approved.

Strategic goals and main directions for ensuring information security have been identified.

The main information threats are analyzed. The state of information security is assessed.

It is noted that the practice of introducing information technologies without linking it with ensuring information security significantly increases the likelihood of information threats.

The state of information security is influenced, in particular, by the fact that some foreign countries are increasing the capabilities of information and technical influence on the information infrastructure for military purposes. The activities of organizations carrying out technical intelligence in relation to Russian government agencies, scientific organizations and defense industry enterprises are intensifying.

There is a tendency towards an increase in the volume of materials in foreign media with a biased assessment of domestic government policy. Russian media are often subjected to outright discrimination abroad.

Various terrorist and extremist organizations widely use mechanisms of information influence. The scale of computer crime is increasing.

The main directions of ensuring information security in the field of defense, state and public security, in the economic sphere, in the field of science, technology and education, strategic stability and equal strategic partnership are given.

The composition of the information security system is determined by the President of the Russian Federation. The Russian Security Council establishes a list of priority areas for ensuring information security for the medium term.

The results of monitoring the implementation of the doctrine are reflected in the annual report of the Secretary of the Security Council to the President of the Russian Federation.

The previous Doctrine of Information Security of Russia, approved in 2000, has been declared invalid.

The decree comes into force from the date of its signing.

PRESIDENT OF THE RUSSIAN FEDERATION

On approval of the Information Security Doctrine of the Russian Federation

In order to ensure information security of the Russian Federation

I decree:

1. Approve the attached Doctrine of Information Security of the Russian Federation.

2. Recognize as invalid the Doctrine of Information Security of the Russian Federation, approved by the President of the Russian Federation on September 9, 2000 N Pr-1895.

3. This Decree comes into force from the date of its signing.

The president
Russian Federation
V.Putin

Information Security Doctrine of the Russian Federation

I. General provisions

1. This Doctrine represents a system of official views on ensuring the national security of the Russian Federation in the information sphere.

In this Doctrine, the information sphere is understood as a set of information, objects of informatization, information systems, sites on the information and telecommunications network "Internet" (hereinafter referred to as the "Internet"), communication networks, information technologies, entities whose activities are related to the formation and processing of information , the development and use of these technologies, ensuring information security, as well as a set of mechanisms for regulating relevant social relations.

2. This Doctrine uses the following basic concepts:

f) information security means - legal, organizational, technical and other means used by information security forces;

g) information security system - a set of information security forces that carry out coordinated and planned activities, and the information security tools they use;

5. This Doctrine is a strategic planning document in the field of ensuring the national security of the Russian Federation, which develops the provisions of the National Security Strategy of the Russian Federation, approved by Decree of the President of the Russian Federation of December 31, 2015 N 683, as well as other strategic planning documents in this area.

II. National interests in the information sphere

7. Information technologies have acquired a global cross-border nature and have become an integral part of all spheres of activity of the individual, society and state. Their effective use is a factor in accelerating the economic development of the state and the formation of the information society.

The information sphere plays an important role in ensuring the implementation of the strategic national priorities of the Russian Federation.

8. National interests in the information sphere are:

III. Main information threats and the state of information security

10. The expansion of the areas of application of information technologies, being a factor in the development of the economy and improving the functioning of public and state institutions, at the same time gives rise to new information threats.

The possibilities of cross-border information circulation are increasingly used to achieve geopolitical, military-political, terrorist, extremist, criminal and other illegal goals, to the detriment of international security and strategic stability.

At the same time, the practice of introducing information technologies without linking it with ensuring information security significantly increases the likelihood of information threats.

11. One of the main negative factors influencing the state of information security is the increase by a number of foreign countries of the capabilities of information and technical influence on the information infrastructure for military purposes.

At the same time, the activities of organizations carrying out technical intelligence in relation to Russian government agencies, scientific organizations and enterprises of the military-industrial complex are intensifying.

12. The scope of the use by special services of individual states of means of providing information and psychological influence aimed at destabilizing the internal political and social situation in various regions of the world and leading to the undermining of sovereignty and violation of the territorial integrity of other states is expanding. Religious, ethnic, human rights and other organizations, as well as individual groups of citizens, are involved in this activity, and the capabilities of information technology are widely used.

There is a trend towards an increase in the volume of materials in foreign media containing a biased assessment of the state policy of the Russian Federation. Russian media are often subjected to outright discrimination abroad, and obstacles are created for Russian journalists to carry out their professional activities.

The information impact on the population of Russia, primarily on young people, is increasing in order to erode traditional Russian spiritual and moral values.

17. The state of information security in the economic sphere is characterized by an insufficient level of development of competitive information technologies and their use for the production of products and provision of services. The level of dependence of the domestic industry on foreign information technologies remains high in terms of electronic components, software, computer technology and communications, which determines the dependence of the socio-economic development of the Russian Federation on the geopolitical interests of foreign countries.

19. The state of information security in the field of strategic stability and equal strategic partnership is characterized by the desire of individual states to use technological superiority to dominate the information space.

The current distribution between countries of the resources necessary to ensure the secure and sustainable functioning of the Internet does not allow for joint fair management based on the principles of trust.

The lack of international legal norms regulating interstate relations in the information space, as well as mechanisms and procedures for their application that take into account the specifics of information technology, makes it difficult to form an international information security system aimed at achieving strategic stability and equal strategic partnership.