Building a Concept for Cyber Security of an Educational Organization in Bulgaria

Abstract

Background: The topic of cyber security of organizations is becoming more relevant for modern societies. In that area, both scientific research and practical applications of various platforms, technologies, and tools for guaranteeing security levels have undergone serious development in recent years. The research objective is based on a study of leading literature sources and the accumulated experience in the subject area to propose and approve an adequate model for ensuring cyber security of an educational institution. Methods: Different organizations adopt different approaches and apply different methods to create systemic conditions for ensuring cyber security. The methods used in the research are based on the specifics of the business processes that take place in the organizations. Based on them, the specifics of educational organizations are highlighted, which determine the creation of a relevant concept of cyber security with appropriate technological measures. Results: The concept proposed in the present study is based both on the current legal framework of the European Union and the Republic of Bulgaria, as well as on good practices and approaches in the subject area. The concept has been implemented and the presented results prove its usefulness for the educational organization. The period to which the empirical part of the study refers is 2022-2023. Conclusions: The main results of the study are in the direction of achieved monitoring of the external perimeter of the organization, implemented monitoring of user behaviour, risk management of information assets, and increased cyber security of the organization.