The analysis of digital footprints (DF) related to the cybersecurity (cyber risk) user behavior of university information and education systems (UIES) involves the study and evaluation of various aspects of activity in the systems. In particular, such analysis includes the study of typical patterns (patterns) of access to UIES, password usage, network activity, compliance with security policies, identification of anomalous behavior, and more. It is shown that user behavior in UIES is represented by sequences of actions and can be analyzed using the sequential analysis method. Such analysis will allow information security (IS) systems of UIES to efficiently process categorical data associated with sequential patterns of user actions. It is shown that analyzing sequential patterns of cyberthreatening user behavior will allow UIES IS systems to identify more complex threats that may be hidden in chains of actions, not just individual events. This will allow for more effective identification of potential threats and prevention of security incidents in the UIES.

It has been demonstrated that technologies and methods of intelligent data analysis (IDA) in the educational domain, particularly based on the analysis of digital traces (DT) of students, offer substantial opportunities for analyzing student activities. Notably, the DT of students are generated both during remote learning sessions and during blended learning modes. By applying IDA methods to DT, one can obtain information that is beneficial for both the educator in a specific discipline and for the educational institution's management. Such information might pertain to various aspects of the functioning of the digital educational environment (DEE) of the institution, such as: the student's learning style; individual preferences; the amount of time dedicated to a specific task, among others. An algorithm has been proposed for constructing a process model in the DEE based on log analysis within the DEE. This algorithm facilitates the description of a specific process in the DEE as a hierarchy of foundational process elements. Additionally, a model based on cluster analysis methods has been proposed, which may prove beneficial for analyzing the registration logs of systemic processes within the university's DEE. Such an analysis can potentially aid in detecting anomalous behavior of students and other individuals within the university's DEE. The algorithms proposed in this study enable research during log file analysis aimed at identifying breaches of information security within the university's DEE.