CYBER RISK MANAGEMENT IN THE EDUCATIONAL ENVIRONMENT
DOI:
https://doi.org/10.35433/ISSN2410-3748-2025-2(37)-19Keywords:
cybersecurity in education, information security, digital educational environment, security control, threat detection methodsAbstract
This article is devoted to a comprehensive study of methods and technologies for monitoring and analyzing cyber threats in the educational environment, which is particularly relevant in the context of rapid digitalization and the growing dependence of educational institutions on digital platforms, electronic document management, distance learning, and cloud services. The article reveals the nature of modern threats characteristic of educational infrastructure, in particular phishing attacks, unauthorized access, malicious software, data leaks of students and staff, as well as manipulative information influences.
To achieve the research objective, a comparative analysis of technological solutions used in international cyber security practices for educational institutions was applied. Combined with methods of synthesis, induction, generalization, and logical modeling, this made it possible to substantiate optimal approaches to building systems for detecting and preventing cyber threats. The application of event log analysis methods, SIEM systems, IDS/IPS technologies, signature and behavioral models of malicious activity analysis, as well as the possibilities of machine learning for predicting cyber risks were analyzed. A critical review of current scientific approaches made it possible to identify the basic requirements for an effective cyber protection system for the educational environment and to highlight its functional components.
The article presents an assessment of the readiness of Ukrainian educational institutions to implement modern cyber protection technologies, describes typical problems related to insufficient funding, low digital culture of staff, and the lack of standardized protocols for responding to cyber incidents. Practical recommendations are proposed to increase cyber resilience: strengthening infrastructure security, introducing centralized monitoring systems, regular training of teachers and students, applying European cyber hygiene protocols, and adapting the best practices of international organizations, in particular ENISA and ISO/IEC. The practical significance of the work lies in the fact that the conclusions and recommendations can be used by heads of educational institutions, IT specialists, and government agencies when developing information security policies, improving cyber resilience, and creating a secure digital educational environment.
References
Shvardak, M. V. (2025). Cybersecurity in the digital educational space [Kiberbezpeka u tsyfrovomu osvitnomu prostori]. Scientific Journal of the Khortytsia National Academy, 1(12), 26–33. https://doi.org/10.51706/27073076-2025-12-2 [in Ukrainian].
Kovalenko, V., & Osypchuk, T. (2024). The problem of developing teachers digital competence in cybersecurity in general secondary education institutions [Problema rozvytku tsyfrovoi kompetentnosti z kiberbezpeky vchyteliv zakladiv zahalnoi serednoi osvity]. Physical and Mathematical Education, 39(2), 35–41. https://doi.org/10.31110/fmo2024.v39i2-05 [in Ukrainian].
Savchenko, V., & Makliuk, O. (2024). Cybersecurity as a factor of the effectiveness of higher education institutions [Kiberbezpeka yak faktor efektyvnosti funktsionuvannia zakladiv vyshchoi osvity]. Economics and Society, 60. https://doi.org/10.32782/2524-0072/2024-60-24 [in Ukrainian].
Bakhmat, N., Popadych, O., Derkach, L., Shvardak, M., Lukashchuk, M., & Romanenko, V. (2022). Using information technologies to train today teachers in the educational environment. Revista Romaneasca Pentru Educatie Multidimensionala, 14(2), 479–499. https://doi.org/10.18662/rrem/14.2/591
Pavliuk, B. V., Rozputnia, B. M., & Kyslytsyn, V. V. (2024). Complex information security systems in educational institutions: Modern technological solutions and prospects [Kompleksni systemy zakhystu informatsii v osvitnikh zakladakh: Suchasni tekhnolohichni rishennia ta perspektyvy vprovadzhennia]. Pedagogical Academy: Scientific Notes, 7, 1–17. https://doi.org/10.57125/pedacademy.2024.06.29.10 [in Ukrainian].
Pleskach, M., Pleskach, V., Semenchenko, A., Myalkovsky, D., & Stanislavsky, T. (2020). Standardization in the field of cybersecurity and cyber protection in Ukraine. Information & Security An International Journal, 45, 57–76. https://doi.org/10.11610/isij.4504
Pchelina, O. V., Skulysh, Y. D., Buglak, I., & Myroniuk, R. V. (2021). Experiencia internacional en garantizar la ciberseguridad en el país y posibilidad de aplicarla en Ucrania. DIXI, 23(2), 1–16. https://doi.org/10.16925/2357-5891.2021.02.01
Penchev, G., & Shalamanov, V. (2022). Governance consulting services and tools: Governance model design for collaborative networked organisations in the cyber domain. Information & Security An International Journal, 53, 147–160. https://doi.org/10.11610/isij.5310
Chowdhury, N., & Gkioulos, V. (2021). Cyber security training for critical infrastructure protection: A literature review. Computer Science Review, 40, 100361. https://doi.org/10.1016/j.cosrev.2021.100361
Maglaras, L., Janicke, H., & Ferrag, M. A. (2022). Cybersecurity of Critical Infrastructures: Challenges and Solutions. Sensors, 22(14), 5105. https://doi.org/10.3390/s22145105
Aaltola, K., & Ruoslahti, H. (2020). Societal impact assessment of a cyber security network project. Information & Security An International Journal, 46(1), 53–64. https://doi.org/10.11610/isij.4604
Van Goethem, E., & Easton, M. (2021). Public-private partnerships for information sharing in the security sector: What’s in it for me? Information & Security An International Journal, 48, 21–35. https://doi.org/10.11610/isij.4809
Penchev, G., & Shalamanova, A. (2020). A Governance Model for an EU Cyber Security Collaborative Network – ECSCON. Information & Security: An International Journal, 46(1), 99–113. https://doi.org/10.11610/isij.4607
Yuskovych-Zhukovska, V. I., Solovei, L. Ya., Lotiuk, Yu. H., & Blyzniuk, S. V. (2025). Formuvannia bezpekovoho tsyfrovoho osvitnoho seredovyshcha [Formation of a secure digital educational environment]. Visnyk Mizhnarodnoho ekonomiko-humanitarnoho universytetu imeni Akademika Stepana Demianchuka, 2, 208–213. https://doi.org/10.32782/3041-2021/2025-2-31 [In Ukrainian].
Trofymenko, O. H., Lohinova, N. I., Manakov, S. Yu., & Dubovoi, Ya. V. (2022). Kiberzahrozy v osvitnomu sektori [Cyber threats in the educational sector]. Kiberbezpeka: osvita, nauka, tekhnika, 4(16), 76–84. https://doi.org/10.28925/2663-4023.2022.16.7684 [In Ukrainian].
Downloads
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Автори, які публікуються у цьому журналі, погоджуються з наступними умовами:
a) Автори залишають за собою право на авторство своєї роботи та передають журналу право першої публікації цієї роботи на умовах ліцензії Creative Commons Attribution License, котра дозволяє іншим особам вільно розповсюджувати опубліковану роботу з обов'язковим посиланням на авторів оригінальної роботи та першу публікацію роботи у цьому журналі.
b) Автори мають право укладати самостійні додаткові угоди щодо неексклюзивного розповсюдження роботи у тому вигляді, в якому вона була опублікована цим журналом (наприклад, розміщувати роботу в електронному сховищі установи або публікувати у складі монографії), за умови збереження посилання на першу публікацію роботи у цьому журналі.
c) Політика журналу дозволяє і заохочує розміщення авторами в мережі Інтернет (наприклад, у сховищах установ або на особистих веб-сайтах) рукопису роботи, як до подання цього рукопису до редакції, так і під час його редакційного опрацювання, оскільки це сприяє виникненню продуктивної наукової дискусії та позитивно позначається на оперативності та динаміці цитування опублікованої роботи (див. The Effect of Open Access).
