نشریه مطالعات راهبردی فضای سایبر
پیاپی 3 (تابستان 1401)

in the course of progress , with emphasis  on information technology , as a common choice , countries have provided new field for competition between countries and organizations .the low cost of entry , unknown  geographical domain threatening , impact of public transparency and  lack of public transparency in  cyberspace caused powerful and weak players  such as governments , organization and terrorist groups and  even people to this space  and threats   such as cyber - terrorism , cyber terrorism , cyber - terrorism ,  cyber crime and such threats .the present study aimed to provide a conceptual model for cyber - defense of the country by focusing on the dimensions and components of cyber - security of the country , while searching and identifying the effective factors in cyber - defense of the country  .  and by  analyzing qualitative data and  analyzing the content of  the dimensions  , indicators and indicators were identified and while evaluating their impact on each other and aggregation of findings , the conceptual model presented .

The National Information Network of the Islamic Republic of Iran is considered a rule of the country in cyber space, and not only is comparable to other dominations of the country in land, air, marine and spatial areas, due to the dependence of the vital infrastructure of the country to this space, irrelevant and diversity, plurality, and The complexity of technologies is of great importance and the use of a suitable strategic model for its security analysis will be necessary. The present research will address this important and analyzed and analyzed related documentation, significant factors (dimensions, components and indicators) the conceptual model and model has been drawn. In order to inform the conceptual model, a questionnaire was adjusted based on the Likert spectrum and provided 30 experts (paper and electronic) and ultimately 26 questionnaires were collected. In order to accurately infer the statistical results, structural equation modeling with partial least squares method (PLS) was used in SmartPLS software for analyzing research data. The results showed that security analysis should be observed in four steps (related to each other and feedback), observing and prevention, Discovery and direction, decision-making for response and ultimately action (reaction) and prediction (analysis), under centralized management "Center for Coordination, Control, Monitoring and Evaluation" (according to the integration of the Vincent Landers model and Gartner's compatible security architecture) and the kidney The results and feedback of the pattern should also be analyzed and continuous evaluation. To realize this, it is necessary that the two centers "of the security analysis of the National Information Network of Information (Analysis and Presidation of Requirements)" and "coordination, control, monitoring and evaluation (feedback, analysis, evaluation of results, reforming processes and communities Control commands) are considered (research innovations) to prepare for processing processes, promote security and control commands.

Today, cyber attacks and threats are more effective and complex than in the past. Accordingly, cyber defense solutions have become more diverse and in addition to the defensive approach, has gone to eliminate the threat. Since the creation of any effective cyber defense system requires the design of its conceptual model and the variety of defense methods and the difference in their implementation is significant; Researchers have tried to provide a conceptual model of cyber defense, review the existing solutions in the world with a macro view of cyberspace and interact with each other and provide a new and comprehensive classification in this regard.The present research is descriptive and of development-applied type. Using the library method, researchers have examined the theoretical foundations and by applying the rational method and conducting in-depth interviews with experts, have achieved a conceptual model of cyber defense. In the present study, defensive, preventive, preemptive, predictive, active, reactive defense methods, use of security systems and equipment and deception, installation of security patches, security alerts and alerts, information and communication security , Security policy, disconnection of suspicious communications, prevention of continuation and spread of attack, criminalization and elimination of vulnerabilities, in two parts of active and passive cyber defense and by indexing the attack, before, during and after the cyber attack Are divided.

today , infrastructure is an important part of life , growth and dynamism of societies .economic sustainability , community life quality and national security  stability are  significantly  dependent  on  availability , persistence  and  sustainability of  the  country 's vital infrastructure .due to the increasing reliance on cyber space and cyber threats , the defense approach  of  them should  also be  a smart  approach ; therefore , this  paper  aims  to  achieve a  model  for cyber smart  defense  of the vital  infrastructure of the islamic republic of iran .in the present study ,  theliterature and theoretical foundations , including  concepts , classification and types of critical infrastructures , infrastructure reliance  on cyber space , cyber space awareness  , smart defense , threats and  vulnerabilities of critical infrastructurs , cyber - defense  and  challenges of  emerging technologies  in  critical infrastructures were studied  .then by scrutiny and analysis  of upstream documents  and comparative study of models , patterns , frameworks , designs and methods of national and international cyber - defense , dimensions , components and indicators were identified and conceptual model of research  was drawn .to evaluate the conceptual model , a questionnaire based on five options  likert scale was set  and  the validity and  reliability of the questionnaire  was confirmed by questionnaire .then  , the  final questionnaire was provided to 80  experts and practitioners in the field and the expert  opinion was obtained 72 people .in order to  analyze  the research data and to confirm the factor of conceptual model of research , smart p .l .s ) using  partial least squares method .based on the calculations carried out by this tool , the overall fitting of model equivalent model  was obtained  indicating  strong fit  of  model .finally , according to the dimensions , components and indicators confirmed by the analysis tools , the conceptual model of research was modified and finalized .

The role of strategic plans in the development of countries is obvious. Study of strategic documents prepared specifically, codified cases in the field of cyber; A way to identify ways and thoughts is based on priorities and strategies that reflect the comprehensive thoughts and plans of other societies. The use of cyber experiences of other countries in the production of strategic documents, with an emphasis on countries that are known as owners of technology and power, plays an important role in the production of comprehensive strategic barriers. In this article, considering the importance of compiling the important axes of the cyber strategic document of the Islamic Republic of Iran, while reviewing the upstream cyber documents prepared in the country, the national cyber strategic document of the USA; White House Statement 2018, Strategic Document on Cyber Security of the China; Announcement by the Ministry of Foreign Affairs in 2017 and the EU National Cyber Security Strategy Document; The 2012 Communication, as the last EU document in this field, has been reviewed by comparative study method. In this regard, the axes of comparative study have been extracted and after expert approval, necessary measures have been taken to determine the important axes of the country's comprehensive national cyber strategic document. As a result, eight axes were determined as the minimum axes for the country's strategic document as the lessons learned in this field as the initial guidelines.

According to the nation-state method of government, states (with equal rights) must have sovereignty over their own lands and their own internal affairs, so that other states can not interfere in their affairs.With the advent of cyberspace, these rights need to be extended to this space.The patterns of cyber governance in the world follow the two dominant American and Chinese models. How the Islamic Republic of Iran deals with cyberspace in the world is not clear and it is not clear which model it should follow or whether it needs to develop a native model of the Islamic Republic of Iran.In this applied and developmental research, theoretical foundations were analyzed and the effective factors of statistics and conceptual model were drawn by the method of data theory of the foundation.The summary of the findings of this study indicates that no tangible result has been found so far regarding the formulation of treaties on how to govern in cyberspace. In this study, the model of participation of the Islamic Republic of Iran in the international cyber governance system was counted, and the implementation of this model with the focus on the Supreme Council of Cyberspace is one of the main executive proposals of this research.