Information security (IS) is an essential element of the state information policy of Kazakhstan, ensuring the protection of the national information space, personal data of citizens, digital infrastructure and state management systems. In the context of digitalization, cyber threats and global information wars, Kazakhstan seeks to build a stable information security system by regulating cyberspace and implementing modern security technologies.

Information security is the state of security of the information environment in society. Information protection is an activity aimed at preventing leakage of protected information, unauthorized and unintentional impacts on protected information, that is, a process aimed at achieving this state.

Information security of the state – the state of preservation of information resources of the state and security, the legal rights of individuals and society in the information sphere.

In modern society, the information sphere has two components:

- information technology (artificially created world of technology, technologies);

- informational and psychological (the natural world of living nature, including the person himself).

Information security of the state can be represented by two components: information and technical security and information and psychological (psychophysical) security.

Information security of the Republic of Kazakhstan is understood as the state of protection of its national interests in the information sphere, which are determined by the totality of balanced interests of the individual, society and the state.

The interests of the individual in the information sphere consist in the implementation of the constitutional rights of a person and citizen to access information, to use information in the interests of carrying out activities not prohibited by law, physical, spiritual and intellectual development, as well as in protecting information that ensures personal security.

The interests of society in the information sphere consist in ensuring the interests of the individual in this sphere, strengthening democracy, creating a legal social state, achieving and maintaining social harmony, and spiritual renewal of Kazakhstan.

The interests of the state in the information sphere are:

- to create conditions for the harmonious development of Kazakhstan's information infrastructure;

- to implement the constitutional rights and freedoms of a person and citizen in the field of obtaining information and using it in order to ensure the inviolability of the constitutional order;

- Sovereignty and territorial integrity of Kazakhstan, political, economic and social stability;

- in the unconditional provision of law and order, the development of equal and mutually beneficial international cooperation.

Based on the national interests of the Republic of Kazakhstan in the information sphere, strategic and current tasks of the state's internal and foreign policy to ensure information security are formed.

Why is information security one of the most pressing problems of any state today? This is due to the following factors.

Information in the modern world has become one of the key factors on which the effectiveness of the state's activities and prospects depend to a decisive extent.

Today it is becoming clear that the possession of timely, accurate, reliable data is becoming an extremely important factor in the effectiveness of making decisive management decisions, including not only at the state level. In other words, information becomes a strategic value of the state.

Information, having become a strategic resource of the country, both land, energy, raw materials and natural resources, and all resources, requires careful attention. Loss of control and influence over the national information sphere and communications can lead to negative consequences.

What can lead to the loss of sovereignty?

First, the state of information security has a significant impact on the state of socio-political, economic, defense and other elements of state security.

Information technologies are not only rapidly being introduced into politics, business, and public administration, but are also transforming the nature of interpersonal relationships in society, changing the principles of doing business, managing the state, and companies.

The information sphere and information flows have a great influence on the formation of public opinion, both in individual countries and on a global scale. Advertising, propaganda, political technologies, public relations and various information campaigns (PR) have become a characteristic feature of modern social processes.

Secondly, ensuring information security is closely linked to the issues of ensuring technological security.

This is due to the fact that the state of information security is greatly influenced by the processes associated with the development and dissemination of the latest information technologies.

Analysis of the economies of developed countries shows that they achieve significant success largely due to the introduction of modern information technologies. Therefore, today in the countries of Europe, America, and Southeast Asia, from 10% to 15% of GDP is invested in information infrastructure.

Information technologies have become not only a necessary element of the modern state, but also the most effective branch of the national economy. Information technologies play a crucial role in the development of the so-called «new economy». Therefore, the priorities of many States are shifting from traditional factors of production to knowledge and information.

Third, the information sphere performs one of the most important social functions of the state-increasing the spiritual, moral and creative potential of society, and also plays a key role in the processes of obtaining and accumulating new knowledge.

Free access to necessary and reliable information is an essential attribute of modern democratic societies and contributes to the observance of the legitimate rights of individuals, society and the State.

Information serves as a link between peoples, different generations of people, and different historical periods of human existence.

The right to access information resources implies solving a whole range of issues: legal, economic and technological. Despite all the complexity, their solution is one of the key tasks of a modern state.

Fourth, the use of opportunities provided by the development of new information technologies is considered by the leadership of most countries of the world as a means of solving acute internal and external problems. Also, in solving global problems of humanity – as a huge potential for ensuring stable and sustainable economic growth, increasing competitiveness, creating new jobs and improving the quality of life of people, solving global problems of humanity.

The Information Security Policy provides an idea of the required behavior of state and public institutions in the implementation and use of innovative information systems and information security tools, as well as in the implementation of information exchange and information processing operations.

An important function of the information security policy is the delineation of responsibilities in information exchange procedures: all interested parties should be aware of the boundaries of both their own responsibility and the responsibility of other participants in the relevant information procedures and processes. One of the goals of the security policy is to protect not only information and information systems, but also to protect users themselves.

The overall lifecycle of an information security policy includes a number of basic steps:

- conducting a preliminary study of the state of information security;

- directly develop the security policy.

- approval of recently implemented security policies.

- monitoring compliance with the requirements of the implemented security policy and formulating requirements for its further improvement.

Thus, ensuring information security is generally one of the most important elements of the national security of the state.

The national interests of the Republic of Kazakhstan in the information sphere have four main components:

- respect for the constitutional rights and freedoms of man and citizen in the field of obtaining and using information, ensuring the spiritual renewal of Kazakhstan, preserving and strengthening the moral values of society, traditions of patriotism and humanism, cultural and scientific potential of the country;

- providing the Kazakh and international public with reliable information about the state policy of the Republic of Kazakhstan, its official position on socially significant events in Kazakhstan and international life, with ensuring citizens ' access to open state information resources;

- providing the needs of the domestic market with its products and their entry into the world market, ensuring the accumulation, preservation and effective use of domestic information resources;

- protection of information resources from unauthorized access, ensuring the security of information and telecommunications systems, both already deployed and created in the territory of Kazakhstan.

Types of threats and sources of information security in the Republic of Kazakhstan.

According to their focus, threats to the information security of the Republic of Kazakhstan are divided into the following types:

- threats to the constitutional rights and freedoms of man and citizen in the field of spiritual life and information activities, individual, group and public consciousness;

- threats to the information support of the state policy of the Republic of Kazakhstan;

- threats to the development of the domestic information industry, including the industry of informatization, telecommunications and communication facilities, ensuring the needs of the domestic market for its products and their entry into the world market, as well as ensuring the accumulation, preservation and effective use of domestic information resources;

- threats to the security of information and telecommunications facilities and systems, both already deployed and being created in Kazakhstan.

Threats to the information support of the state policy of the Republic of Kazakhstan may include:

- Monopolization of the information market of the Republic of Kazakhstan, its individual sectors by domestic and foreign information structures;

- blocking the activities of state-owned media to inform Kazakh and foreign audiences;

- low efficiency of information support of the state policy of the Republic of Kazakhstan due to the lack of qualified personnel, lack of a system for the formation and implementation of the state information policy.

Threats to the development of the domestic information industry and the effective use of domestic information resources may include:

- countering the access of the Republic of Kazakhstan to the latest information technologies;

- countering mutually beneficial and equal participation of Kazakhstani producers in the global division of labor in the industry of information services, information technology, telecommunications and communications, and information products;

- creating conditions for strengthening the technological dependence of the Republic of Kazakhstan in the field of modern information technologies;

- displacement of Kazakhstani manufacturers of information, telecommunications and communication equipment from the domestic market;

- an increase in the outflow of specialists and intellectual property rights holders abroad.

Sources of threats to the information security of the Republic of Kazakhstan are divided into external and internal.

External sources include:

- activities of foreign political, economic, military, intelligence and information structures directed against the interests of the Republic of Kazakhstan in the information sphere;

- increased international competition for the possession of information technologies and resources;

- activities of international terrorist organizations;

- increasing the technological gap of the world's leading powers and increasing their capabilities to counteract the creation of competitive Kazakh information technologies;

- activities of space, air, sea and land technical and other means (types) of intelligence of foreign states;

- development by a number of states of concepts of information wars, providing for the creation of means of dangerous influence on the information spheres of other countries of the world, disruption of the normal functioning of information and telecommunications systems, the safety of information resources, and obtaining unauthorized access to them.

Internal sources include:

- critical state of domestic industries;

- criminogenic situation, accompanied by tendencies of merging state and criminal structures in the information sphere, obtaining access to confidential information by criminal structures, increasing the influence of organized crime on the life of society, reducing the degree of protection of the legitimate interests of citizens, society and the state in the information sphere;

- insufficient coordination of the activities of state authorities and subjects of the Republic of Kazakhstan on the formation and implementation of a unified state policy in the field of information security of the Republic of Kazakhstan;

- insufficient development of the regulatory framework governing relations in the information sphere, as well as insufficient law enforcement practice;

- underdeveloped civil society institutions and insufficient state control over the development of the information market in Kazakhstan;

- insufficient funding of measures to ensure information security of the Republic of Kazakhstan;

- insufficient economic power of the state;

- reduced efficiency of the education and upbringing system, insufficient number of qualified personnel in the field of information security;

- insufficient activity of state authorities in informing the public about their activities, in explaining the decisions taken, in forming open state resources and developing the system of access to them for citizens;

- Kazakhstan lags behind the world's leading countries in terms of the level of informatization of state and local government bodies, credit and finance, industry, agriculture, education, healthcare, services and everyday life of citizens.

Mass media as a subject of information security.

The inclusion of countries in the global virtual Internet inevitably entails a certain reaction from the authorities, since there is a previously non-existent danger of information intrusion into the communication space of a sovereign state. This manifestation of concern is dictated not only by fear for national borders, but also by the entire system of values – «protection from defamation, protection from fraudulent advertising, from violation of confidentiality, and ensuring the right to non-interference in private life, protecting the moral development of children». These values also include the preservation of national culture, psychology, and the native language.

What factors make it necessary to develop an information security doctrine? This is the understanding that:

- Mass media are a powerful lever for manipulating public consciousness;

- advertising in the media effectively stimulates the subject's desires, exerting psychological pressure;

- there is a monopolization and concentration of the media in the hands of the oligarchy;

- commercialization of mass media;

- active use of techniques and technologies of the Republic of Kazakhstan in the media;

- new technologies are a social factor, they are not neutral;

- the factor of multinational segments of the population.

The legislative level is important for ensuring information security.

√ In the Constitution of the Republic of Kazakhstan, the protection of the information space is defined by clause 3, Article 20: «Propaganda or agitation of violent changes in the constitutional order, violation of the integrity of the republic, undermining state security, war, social, racial, national, religious, class and clan superiority, as well as the cult of cruelty and violence is not allowed».

√ The Law on Mass Media (paragraph 3, Article 2) also states that «it is not allowed to use mass media for propaganda and agitation of violent changes in the constitutional order, violation of the integrity of the Republic of Kazakhstan, undermining state security, war, social, racial, national, religious, class and clan superiority, the cult of cruelty, violence and pornography, as well as the dissemination of information constituting state secrets and other secrets protected by law».

√ The Law «On National Security of the Republic of Kazakhstan» defines the following norm: it is prohibited for foreign individuals and legal entities, stateless persons, to directly and (or) indirectly own, use, dispose of and (or) manage more than 20 percent of the shares (shares, units) of a legal entity that owns mass media in the Republic of Kazakhstan or operates in the Republic of Kazakhstan. this area.

Regarding the activities of mass media, this Law refers to «preventing information dependence of Kazakhstan, preventing information isolation of the President of the Republic of Kazakhstan, the Parliament of the Mazhilis of the Republic of Kazakhstan, the Government and the national security forces of the Republic of Kazakhstan, the formation and uninterrupted functioning of the information space of the Republic of Kazakhstan, Kazakhstan's entry into the world communication and informatics system».

Information security can be considered on a broad scale-national, industry-wide, corporate, or personal. These are: manufacturing and management, defense and communications, transport and energy, banking and finance, science and education, and mass media.

«Information security, in its most general form, is the state of protection of vital interests of the individual, society and the state by information means or in the information environment».

In this case, we mean only media and transmitted mass and intellectual information. This form of information is also valuable for the state, such as land and mineral resources, and water resources.

Information security in mass media is an opportunity to receive reliable, prompt, objective information that allows the subjects of society and the state to make decisions that are appropriate to the situation and protect the vital interests of the individual and society.

Therefore, information security is an opportunity to express one's views and beliefs, receive and disseminate information, which is guaranteed by the Constitution of the Republic of Kazakhstan, the Law on Mass Media. If the public receives dissected information, it cannot consider itself to have ensured national security.

Information security balances between two important factors:

- requirements for compliance with the open society's rules;

- control over information by the state.

An open society assumes the possibility of obtaining reliable information and creates the basis for information security. Although there is official recognition on the part of the state that there is no censorship in the country, according to the well-known media expert A. K. Simonov, there are unofficial types of censorship: economic, administrative, editorial, by the owners and founders of mass media, criminal.

Information security recognizes the deliberate self-restraint of the media through public councils, organizations that control morality in the media, and organizations that are traditional for a democratic society. In Kazakhstan, there are similar councils in different versions and forms. They are represented by the most respected people in the country.

The postulates of media activity in the information security system are:

- the right to receive reliable information, if it is not related to issues of state secrets or the personal life of the President of the Republic of Kazakhstan;

- the responsibility of the media for preserving interethnic harmony and peace in the country;

- responsibility of mass media for publishing information that is a state secret and is not subject to public disclosure;

- the duty of electronic media not to manipulate individual consciousness;

- the ability to freely search, receive and disseminate information through the media.

Information security is considered on a broad scale-national, industry, corporate or personal. These are: manufacturing and management, defense and communications, transport and energy, banking and finance, science and education, and mass media.

Information security is the state of protection of vital interests of the individual, society and the state by information means or in the information environment^[155].

Let's note the actual aspects of information security for Kazakhstan. Information security affects all spheres of society and the state. The main reasons for its critical importance are:

- digitalization and digitalization – with the growth of digital technologies, cyber threats, attacks on critical infrastructure and the spread of disinformation are increasing.

- protection of state sovereignty – control over information flows and digital platforms is necessary to ensure the independence of Kazakhstan;

- fighting cybercrime – protecting the personal data of citizens, businesses and government agencies from cyber threats;

- counteracting fakes and information attacks – preventing manipulation of public opinion and destructive information campaigns.

Kazakhstan pays special attention to the development of the national information security strategy, adapting it to modern challenges.

The main directions of ensuring information security.

The state policy of Kazakhstan in the field of information security includes several key areas.

Development of the regulatory framework. The legislative regulation of information security includes a number of key documents:

The Law «On Personal Data Protection» – establishes the rules for processing, storing and transmitting citizens ' data.

The Cybersecurity Law regulates the protection of state information systems, critical infrastructure, and private IT companies.

Law «On Communications» – controls the work of Internet service providers and telecommunications operators.

Law «On Mass Media» – regulates liability for spreading fake information and slander.

The state program «Cyber shield of Kazakhstan» is a strategic document that defines the main measures of protection against cyber threats.

These laws provide the basis for effective control and protection of the national information space.

State structures and information security institutions.

To protect the information space in Kazakhstan, there are specialized state bodies:

- Ministry of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan-responsible for developing IT strategies and regulating the digital sphere;

- National Security Committee (NSC) – deals with cyber intelligence, counteraction to cyber-attacks and cyber espionage;

- State Technical Service (GTS) – responsible for cyber protection of state IT system sand e-government;

- cyber politization (Ministry of Internal Affairs of the Republic of Kazakhstan) – deals with the investigation of cybercrime, fraud and distribution of malicious content.

These political institutions coordinate efforts to protect the country's information sovereignty.

Cybersecurity and protection of state systems.

- the key task of the state is to provide protection against cyber-attacks, hacks and data leaks. Key measures:

- creation of secure state data centers for storing information within the country;

- monitoring the Internet space for cyberthreats and destructive content;

- in the depths of the DDoS protection system and infectious software;

- mandatory certification and audit of cybersecurity for government agencies and strategic enterprises.

Such measures allow minimizing the threats associated with digital attacks and cyber espionage.

Countering fakes and disinformation.

An important part of information security is to protect the public from false information and manipulation. Kazakhstan takes the following measures:

- state monitoring centers for mass media and social networks that track disinformation and fakes have been launched.

- fines and criminal liability are imposed for spreading false information (especially during emergencies and crisis situations);

- in collaboration with social networks (Facebook, TikTok, Instagram, Telegram) to quickly remove malicious content;

- media literacy programs to train citizens in critical thinking and information verification.

These measures are aimed at creating a stable information space that is protected from external manipulation.

International cooperation in the field of information security.

Kazakhstan actively participates in international cybersecurity initiatives:

- SCO (Shanghai Cooperation Organization) – exchange of experience and joint work on countering cyberterrorism;

- EEU (Eurasian Economic Union) – coordination of cyber defense activities among the participating countries;

- UN and OSCE – participation in global information security programs;

- Cooperation with technology corporations (Microsoft, Huawei, Kaspersky) in the field of data protection and threat monitoring.

Such initiatives allow Kazakhstan to integrate into the global cybersecurity system and adopt advanced information security technologies.

Thus, information security is an integral element of the state information policy of Kazakhstan. It includes protecting government data, fighting cybercrime, countering disinformation, and ensuring digital sovereignty.

In the future, Kazakhstan will continue to strengthen its national cyber defense, adapting to the new challenges of the digital age.

In modern conditions, the information security of our state is the protection of its interests, sovereignty and territorial integrity from destabilization and threats of an information-technical and information-psychological nature in the information space. The main illegal actions here are information wars, cyber-attacks, cyber espionage, cybercrime, cyberterrorism, and the dissemination of classified information.

---

^[155] Nurtazina R. A. National Security of the Republic of Kazakhstan. Textbook. – Almaty : Bastau Publishing House. – 2014. – pp. 110–121.