Proceedings of the International scientific and practical conference ―Science, Technology and Culture: Interaction, Evolution and Progress‖ (December 21-23, 2025) / Publisher website: www.naukainfo.com. – Copenhagen, Denmark, 2026. – 161 p.

73 disruptions in the operation of information systems can lead to data leaks, breaches of data integrity, or loss of access to information resources [1]. Modern information systems operate in an environment of constant cyber threats that are dynamically changing and becoming more complex. The most common threats are unauthorized access to information, malware, phishing attacks, and targeted attacks on information infrastructure. Complex cyber incidents, which combine technical and social methods of influence and are aimed at obtaining confidential information or disrupting the stable operation of the system, pose a particular danger. In this regard, ensuring information security should be viewed as a continuous risk management process. Effective protection of information in information systems is achieved through the use of a combination of technical and software tools. These include cryptographic protection methods that ensure the confidentiality and integrity of data during its transmission and storage, as well as user authentication and authorization systems. The implementation of security incident monitoring and detection tools is important, as it allows for timely response to threats and minimizes the possible consequences of attacks [2]. However, technical solutions cannot provide an adequate level of protection without appropriate organizational support. Organizational information security measures include the development and implementation of security policies, the definition of access levels to information resources, and raising staff awareness of the rules for working with information. A significant portion of information security incidents are related to the human factor, which necessitates systematic user training and monitoring of compliance with established requirements. In this context, the standardization of information security management processes plays a special role [3]. International standards in the field of information security form a unified approach to building information protection systems and contribute to increasing the level of trust in information systems. They define the basic principles of risk assessment, planning of protection measures, and control of the effectiveness of implemented solutions. In addition, legal regulation in