DialogNauka

The founders of the company were JV Dialog and the Computing Center of the Russian Academy of Sciences. Until this 2 years, the team was known as the Scientific Center of the Joint Venture "Dialogue" at the Computing Center of the Russian Academy of Sciences. The first and most famous domestic products supplied by the company were Aidstest antivirus since 1990, ADinf auditor since 1991 and Doctor Web antivirus since 1994.

DialogueNauka offers a range of services in the development, implementation and maintenance of comprehensive information protection systems, including:

• conducting a security audit in order to analyze the current state of security of the information system;
• development of information security concepts and other regulatory documents regulating information protection issues;
• design, development and implementation of integrated information security systems;
• software and hardware supply in the field of information protection;
• technical support of supplied solutions and products.

DialogueNauka carries out its activities on the basis of licenses from the Federal Service for Technical and Export Control (FSTEC), the Federal Security Service (FSB ) and the Ministry of Defense of the Russian Federation.

The DialogueScience partner network covers over 100 cities of Russia and has more than 400 partner companies.

DialogueNauka is a member of the Association for the Protection of Information (ADI), the Association for Documentary Telecommunications (ADE) and a candidate member of the ABISS Community. The company is a certified partner of BSI Management Systems.

The quality management system of DialogueNauka is certified for compliance with the requirements of ISO 9001:2000.

The DialogueNauka system integrator has a Qualified Security Assessor (QSA) accreditation, which allows you to conduct a certification audit for compliance with the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS standard is designed to ensure the security of processing, storage and transmission of data about payment card holders in the information systems of companies working with international payment systems Visa, MasterCard and others.

Performance indicators

2016

In 2016, DialogueNauka's revenue amounted to 1.367 billion rubles, which is 20.2% higher than in 2015. [1] According to the results of 2016, DialogueNauka took 58th place in the ranking "TAdviser100: The Largest IT Companies in Russia."

2010

The company was able to increase its annual turnover by 53% compared to 2009. The company was able to expand the range of information security services and solutions offered, as well as increase the number of our customers. Over the past year, a large number of large projects have been implemented to protect personal data, implement the standard of the Bank of Russia STO BR IBBS, create situational centers for information security management, conduct security audits, etc.

History

2018

Inclusion in the Subcommittee No. 1 "Security of Financial (Banking) Operations" TK 122

On December 4, 2018, DialogueNauka announced that it was included in the Subcommittee No. 1 "Security of Financial (Banking) Operations" of the Technical Committee No. 122 "Standards of Financial Operations," which operates with the support of the Federal Agency for Technical Regulation and Metrology (Rosstandart).

The main tasks of the Technical Committee for Standardization "Financial Transaction Standards" (TK 122) are to organize and coordinate the development of national financial transaction standards, adapt existing international standards in order to improve the efficiency of the Russian financial services sector and integrate with international financial markets. The structure of the Technical Committee includes three specialized sub-committees. First Deputy Governor of the Bank of Russia Olga Skorobogatova is the Chairman of TC 122.

The Chairman of Subcommittee No. 1 is Artem Mikhailovich Sychev, First Deputy Director of the Information Security Department of the Bank of Russia.

The activities of the Subcommittee No. 1 "Security of Financial (Banking) Operations," of which DialogueNauka became a member, are to ensure the security of banking activities, financial operations and include the following areas:

• development of national standards for ensuring the security of financial (banking) operations on the basis of documents in the field of standardization of the Bank of Russia STO/RS BR IBBS "Ensuring information security of BS organizations of the Russian Federation" (both current and new);
• harmonization of international standards issued under the jurisdiction of ISO/TC 68/SC 2 "Security management and general banking operations," as well as promotion of domestic experience;
• harmonizing professional standards for ensuring information security of the banking and payment industries (PCI Council/PCI DSS standards, EPC/European Payment Council recommendations, etc.).

The plenipotentiary representative in the subcommittee from DialogueScience approved the Director of Consulting Anton Svintsitsky.

The inclusion of our company in Subcommittee No. 1 of TK 122 will allow us to actively participate in the discussion and development of proposals on regulatory legal acts that are being developed by the Bank of Russia, - commented on the inclusion of DialogueScience in Subcommittee No. 1 "Security of Financial (Banking) Operations" TK 122, CEO Viktor Serdyuk.

BSI ACP Member

In September 2018, it announced the renewal of a partnership agreement with BSI Management Systems CIS, a company specializing in the provision of training services, certification and standardization of management systems. The presence of DialogScience in the register of BSI ACP Program participants allows the company to provide consulting services for the development of information security management systems for enterprises for compliance with the ISO 27001 standard and their preparation for certification in BSI.

Renewal of FSTEC licenses for the protection of state secrets

DialogueNauka, a system integrator in the field of information security, on July 4, 2018 announced the extension until February 5, 2023 of licenses of the Federal Service for Technical and Export Control for work related to ensuring the protection of information constituting a state secret.

Licenses allow DialogScience to develop, produce, implement, install, as well as install, adjust, test, repair and service technical means of information protection, protected technical means of information processing, technical means of monitoring the effectiveness of information protection measures, software (software and hardware) means of information protection, protected software (software and hardware) means of information processing and software (software and hardware) means of monitoring information security.

Obtaining licenses from FSTEC confirms the capabilities of DialogueScience to protect not only confidential information, but also information constituting a state secret, the company emphasized.

3DS Assessor Status within PCI DSS Direction

DialogueScience received 3DS Assessor status from the PCI Security Standards Council. 3DS Assessor companies are accredited by PCI SSC to perform PCI 3DS Core Security Standard compliance audits. To obtain this status, the company must have QSA accreditation, as well as meet additional requirements. In particular, consultants with 3DS Assessor qualifications must undergo special training and pass the corresponding PCI 3DS Core Security Standard exam.

3DS Assessor status gives DialogScience the right to conduct a certified audit of participants in the payment process using bank cards protected using 3-D Secure Technology (PCI 3DS), for compliance with the PCI 3DS Core Security Standard.

2017

Include in SWIFT Directory of Cyber ​ ​ Security Service Providers

DialogueNauka, a system integrator in the field of information security, was added cyber security to the Directory of Cyber ​ ​ Security Service Providers for SWIFT users in December 2017.

SWIFT is a global provider of secure financial messaging. More than a million transactions on money transfers, interbank payments, securities pass through SWIFT per day. In 2016, SWIFT developed the CSP (Customer Security Program), a user security program to assist customers in securing and protecting local infrastructure, and to create a safer financial ecosystem.

The SWIFT CSCF (Customer Security Controls Framework) describes the mandatory and recommended controls for SWIFT users.

Activities within the CSP include the implementation of control elements and the passage of an annual audit of the local infrastructure for compliance with those that are mandatory. In this regard, to help SWIFT participants, a Directory of Cyber ​ ​ Security Service Providers was created.

Having all the necessary competencies in the field of information security, DialogueNauka was included in the list of SWIFT Directory of Cyber ​ ​ Security Service Providers and is ready to provide high-quality audit and consulting services in accordance with the SWIFT CSCF standard.

The inclusion in our portfolio of consulting services in the field of SWIFT CSCF will allow our clients to receive from one supplier a full range of services to assess compliance with Russian and international standards in the field of security of credit and financial organizations, - said Viktor Serdyuk, General Director of DialogueNauka JSC.

Replenishing the product portfolio with ilusive networks solutions

DialogueNauka, a system integrator in the field of information security, and Tiger Optics, a distributor of illusive networks in Russia, entered into an agreement in September 2017. In accordance with the agreements reached, DialogueNauka will use ilusive networks solutions as part of complex projects for corporate customers.

Tiger Optics is the official distributor of illusive networks in Russia. Ilusive networks are designed to protect against the most complex and dangerous targeted attacks in which an attacker has already entered the customer's corporate network. The peculiarity of ilusive networks is the creation of special "decoys" for such an attacker. Administrative accounts, false network services and other objects can act as such "decoys." Triggering any of the decoys placed on the corporate network allows you to detect an attacker in a timely manner.

At the same time, illusive networks do not require the installation of agents on user workstations, and the "lures" themselves are not visible to the legal user of the customer's corporate network. This solution complements all existing classes of security that can already be used by the customer.

The concluded agreement with Tiger Optics gives DialogueScience the right to use illusive networks solutions as part of comprehensive information protection projects for corporate customers. The companies also plan to hold joint events on illusive networks technologies for potential users, organize training, consultations, participate in exhibitions and conferences, various marketing campaigns, promotions and programs.

2012

DialogueNauka received a certificate of accreditation in the field of personal data from the Federal Service for Supervision of Communications, Information Technologies and Mass Media (Roskomnadzor) in the fall of 2012. Now DialogueNauka, as an expert organization, can be involved by Roskomnadzor in inspections of operators processing personal data (PD).

In accordance with the current legislation, Roskomnadzor is an authorized body for the protection of the rights of personal data subjects and is entrusted with ensuring control and supervision over the compliance of PD processing with the requirements of the Federal Law "On Personal Data."

In carrying out control measures, Roskomnadzor engages individual organizations and specialists as, respectively, expert organizations and experts to assess the effectiveness of technical measures to ensure the safety of personal data when they are processed in non-state personal data information systems (ISDS).

The Roskomnadzor accreditation certificate is valid for five years and confirms that DialogueScience specialists have the necessary expert knowledge and skills to perform the following works:

• examination and determination of the level of protection of non-state ISDS used by the operator in the implementation of its direct activities;
• assessment of conformity of applied technical means of information protection;
• assessment of the sufficiency and effectiveness of the technical measures taken by the operator to ensure the safety of personal data during their processing in non-state personal data systems;
• conducting studies, examinations and investigations aimed at establishing a causal relationship between the revealed violation of the mandatory requirements of the legislation of the Russian Federation in the field of PD.

2011

Passed certification within the framework of a voluntary certification system, GAZPROMSERT thereby confirming its compliance with the requirements for suppliers of OJSC Gazprom"." DialogueNauka has received a Certificate of Conformity for the design, installation, commissioning and maintenance of systems and tools, information protection including information systems in a protected version. Issued the Certificate "Scientific and Testing Institute of Integrated Security Systems." To obtain this document, DialogueNauka passed several stages of the survey. Initially, financial statements for the last three years of operation were submitted to the certification body to confirm the financial stability of the company. At this stage, documents were also submitted confirming the availability of the required number of certified specialists. An additional advantage of DialogueScience was the presence of a certificate for the quality management system according to ISO 9001:2000. The next step is the examination of an already implemented project to create a comprehensive system information security for one of the enterprises of GAZPROM OJSC. The results of the examination confirmed that the specialists of the DialogueNauka company fulfilled this project with high quality. Based on the analysis of all the submitted reporting documents and the results of the examination, the certification body decided that DialogueNauka has highly qualified personnel, the necessary experience and competencies to carry out work in Gazprom and its structures. The relevant certificate is issued for a period of 2 years.