Abstract
<jats:p>The article examines the fundamental aspects of the administrative and legal regulation of public administration bodies within the mechanism of ensuring Ukraine's information security. A comprehensive analysis of the administrative and legal regulation of state management activities within the information security system of Ukraine is conducted. The study explores the evolution of the concept of "information security," spanning from Renaissance philosophical concepts to modern digital resilience standards. Particular attention is paid to the 2021 Information Security Strategy as the foundational regulatory document defining the protection of sovereignty and citizens' rights in the digital space. The work provides a detailed description of the system of information security actors, classifying them by competence and levels of management. It identifies the specific functions and powers of key authorities: the Security Service of Ukraine (counterintelligence protection), the State Service of Special Communications and Information Protection of Ukraine (the technological core and cyber defense), and the National Security and Defense Council of Ukraine (strategic coordination). Attention is also given to methods of administrative and legal regulation, highlighting imperative and dispositive methods, as well as methods of certification, registration, and collegial control. In the context of European integration, the study analyzes foreign experiences from Germany, France, and the USA, particularly regarding the implementation of standardized response plans ("Playbooks") and the oversight of critical infrastructure. Based on the conducted research, conclusions are formulated regarding the necessity for further harmonization of Ukrainian legislation with European standards (GDPR, NIS) and the improvement of interagency cooperation to strengthen national resilience in the face of hybrid aggression.</jats:p>