This article substantiates the imperatives of transforming the information security (IS) human risk management model at a digital industry enterprise using the theories of strategic management, psychological ownership (involvement), and cultural parameters of human activity. The types of strategies and strategic models of information security culture (ISC) have been substantiated. With the use of sociological research, the dominance in organizations of the ISC defensive strategy was revealed, the pattern of the transition from the defensive to the developing strategic ISC model was revealed, and then the transition to the integrative ISC management strategy, thus combining both strategic models. The concept of the draft Information security culture national standard, which can be the basis for the design and implementation of a standard of the same name for any enterprise, is presented.

本文利用战略管理理论、心理所有权（参与）和人类活动的文化参数，证实了在数字工业企业中转变信息安全 (IS) 人类风险管理模型的必要性。信息安全文化（ISC）的战略类型和战略模型已得到证实。通过社会学研究，揭示了ISC防御战略在组织中的主导地位，揭示了从防御性向发展战略ISC模式转变的模式，进而向综合ISC管理战略的转变，从而将两者结合起来。战略模型。信息安全文化国家标准草案的概念，