The article discusses the mechanism of creating an information security ecosystem and its organization model, as well as analyzes the requirements for information protection, functional areas of information protection, and rules for building information security ecosystems. Based on this analysis, the article formulates the main principles for building information security ecosystems, including the principles for developing the ecosystem architecture, the principles for organizing the protection of objects, the principles for applying technologies, and the principles for implementing management. The analysis of the main elements of the information security ecosystem has been carried out. Based on the traditional view of responding to a threat, the functionality of the elements of a typical information security ecosystem has been determined. An alternative approach to building an information security ecosystem has been proposed, based on defining the composition and functionality of its elements, taking into account the purpose, characteristics, and vulnerabilities of the protected objects themselves

Keywords: information security, ecosystem, building principles, standard, cybersecurity framework, information security tools

The article discusses current threats and vulnerabilities of telephone subscribers in the context of mass digitalization, the development of artificial intelligence and machine learning technologies, and their use in fraudulent scenarios. The study analyzes the main vulnerability factors and provides statistical data on telephone fraud incidents in Russia and abroad. Special attention is given to the phenomena of trust in authority, insufficient digital literacy, and the use of voice synthesis and deepfake technologies for social engineering attacks.

Keywords: social engineering, fraud, vishing, deepfake, artificial intelligence, digital literacy, information security

The article provides a reasonable definition of an intelligent digital twin of an information security protection object and identifies the main stages of its development. The article also develops set-theoretic models of the protection object and the intelligent digital twin, which allow for the identification of their identical components and distinctive features that determine the mechanism for countering threats. Based on the provisions of the conflict theory, the relationship between the protected object and the threat was identified in the absence of an intelligent digital twin, as well as in the presence of an intelligent digital twin in the system of protecting the object from information security threats. The obtained macro-dynamic models of the considered situations allow us to justify the feasibility of implementing a mechanism for protecting the object from information security threats based on the use of its intelligent digital twin and to assess the overall effect of its application.

Keywords: information security, object of protection, intelligent digital twin, threat, set-theoretic model, conflict theory, macrodynamic model

The article provides a brief analysis of information security measures, which allowed us to substantiate the leading role of technical measures for protecting elements of computer systems, digital systems, cellular communication systems, and users of these systems in modern conditions. The analysis of the growth of cybercrime indicators in Russia revealed the obsolescence of the existing comprehensive approach to protecting elements of computer systems, digital systems, cellular communication systems, and users of these systems, and determined the necessity, timeliness, and relevance of creating and using an information security ecosystem. An analysis of existing single solutions for creating and using information security ecosystems revealed the need to use intelligent digital twins of protected objects to neutralize information security threats. Based on this analysis, the features of implementing an information security ecosystem using intelligent digital twins of computer systems, digital systems, cellular communication systems, and users of these systems have been identified.

Keywords: information security ecosystem, intelligent digital twin, information security threat, vulnerability analysis, threat monitoring and detection, and attack protection and prevention