Expert
and professional activity
Expert
and professional activity
A3. Methodological activity in the field of cyber and information security
The methodological activity of the KC KB UPJŠ in the field of cyber and information security is focused on the creation of practically usable methodologies and procedures for the needs of public administration reflecting current technological and security trends. Emphasis is placed mainly on formulating recommendations responding to emerging cyber security threats, including the impact of artificial intelligence and risks associated with supplier relationships. Part of the methodological activity is also supporting the implementation of new legislation in the field of cyber and information security with the aim of ensuring its effective application in practice. An important part of it are recommendations for solving standard cyber security incidents and procedures for strategic communication towards the public. The methodologies also take into account the specifics of selected sectors, especially healthcare, where the processing of sensitive data is critical. Special attention is also paid to the issue of hoaxes and disinformation and the proposal of measures to strengthen the resilience of public administration against these threats.
1. Methodologies and procedures for public administration entities
KC KB UPJŠ has prepared these following outputs:
Legal aspects of personal data protection
The methodology focuses on a systematic explanation of the legal framework for personal data protection in public administration conditions, especially in the context of the GDPR and national legislation. It provides an interpretation of basic concepts, principles of personal data processing and identifies key obligations of administrators and processors. An important part is the analysis of practical challenges arising from digitalization and the use of modern technologies, including artificial intelligence. The document also offers recommendations for the correct application of legal regulations in public administration practice.
Cybersecurity in healthcare facilities
The methodology addresses specific risks of cyber and information security in the healthcare sector, which is a critical infrastructure, but at the same time several entities can be classified as administrators of public administration information technologies. The methodology analyzes typical attack scenarios, such as ransomware, health data leakage or disruption of hospital systems. The document identifies the main vulnerabilities of health information systems and proposes specific measures to protect them. It also emphasizes the need for systematic security management and implementation of legislative requirements in this sensitive sector.
Critical thinking and resilience to disinformation
The methodology is aimed at developing critical thinking as a key competency of public administration employees in an environment of information overload. It explains the basic principles of evaluating information, identifying manipulative techniques and distinguishing between facts and disinformation. It also includes practical tools and procedures that can be used in everyday work, including verifying sources and analyzing arguments. The document contributes to strengthening the information resilience of public administration and reducing the impact of hoaxes and disinformation.
Manual for the safe use of social networks by public administration bodies
This manual provides a comprehensive set of recommendations for the safe and effective use of social networks in public administration communication. It focuses on a strategic approach to account management, access protection, responsibility for content and building trustworthy communication with the public. Recommendations for combating disinformation, moderating discussions, and managing reputational risks are also an important part of the document. The document reflects current trends in digital communication and emphasizes the need for continuous adaptation to the dynamic information environment.
- Methodology for public administration entities - Legal aspects of personal data protection
- Methodology for public administration entities - Cybersecurity in healthcare facilities
- Methodology for public administration entities - Critical thinking and resistance to disinformation
- Methodology for public administration entities - Manual for the safe use of social networks by public administration bodies
2. Analytical reports on current cyber threats
KC KB UPJŠ regularly processes analytical materials aimed at monitoring and evaluating current cyber security threats based on real data obtained from honeypots (traps for attackers). These reports provide a detailed view of the behavior of attackers, identify the most common target services and network ports, and analyze the intensity and dynamics of attacks over time. A significant benefit is also the geographical analysis of attack sources and the identification of trends within various campaigns.
The reports also contain pre-processed datasets suitable for further use in research, for example for training machine learning models or anomaly detection. The analysis points to ongoing cyber attacks, such as brute-force attacks on secure shell (SSH), attacks on database services, or the spread of malware through vulnerabilities in network protocols. The outputs thus represent a practical tool for increasing situational awareness and supporting decision-making in the field of cyber and information security.