Module of the automated control system of uniform customer support department (ESPP ACS) of the Russian Railway

The Digital Design company completed at the beginning of 2014 the project on development and deployment of the functional module of the automated control system of uniform customer support department (ESPP ACS) of JSC "Russian Railways" regarding response to incidents of information security. Now more than 600 IT specialists of the customer work with the software, processing up to 3000 incidents of information security a month.

JSC Russian Railways is included into the three of the largest world railway companies and provides 43.2% of cumulative goods turnover and about 39% of a passenger turnover of Russia. IT support of such large structure is performed by the uniform enterprise – the Major Computer Center (MCC) – the Russian Railway branch of JSC having 17 territorial structural divisions in regions of Russia. 11 thousand IT specialists working in GVTs provide functioning more than 1000 main and auxiliary IT systems.

JSC "Russian Railways" constantly monitors the level of technical development of IT services in the company and aims at business process optimization in scales of all organization. The company made the decision to continue automation of work with incidents of the information security (IS) regarding the malware.

"The scheme of work with incidents of cybersecurity existing earlier in JSC "Russian Railways" led to unsystematic, local solution of the arising questions. On these tasks a lot of time, especially if to consider scales of IT infrastructure of all organization left. We systematically moved in the direction of automation of work in this area therefore the solution to automate processes regarding fight against the malware was quite logical continuation of our rate. Further we will continue work in this direction, having expanded it on other types of incidents of information security" — Alexander Glukhov, the deputy chief of department of security of JSC "Russian Railways" told.

Develop an incident management process of information security, automate it and it was entrusted to implement Digital Design – the companies, large projects which executed earlier for JSC "Russian Railways" a row. According to the results of work the customer received a universal incident management process of information security. The viruses detected on client computers and servers by agents of an antivirus of Kaspersky and classified by the set algorithms are fixed in the automated control system of uniform customer support department (ESPP ACS) in the form of cybersecurity incidents. Thanks to what each of them understands and eliminated now.

"What was eliminated manually earlier, or at all remained unaddressed, today is carefully processed. All accumulated information not only gathers, but also is analyzed. As a result a system not only appoints the contractor for the solution of each specific incident, but also the ready option automatically proposes its solutions, relying on the saved-up data. Such scheme of work allows to reduce significantly time expenditure by the solution of standard incidents of cybersecurity", - Svetlana Podkhlebnaya, the project manager on implementation of the module of information security, Digital Design reported.

The developed functional module allows to solve several problems at once: raise as the speed of reaction and efficiency of identification of the reasons of incidents of cybersecurity, and reliability of the received results on identification of the reasons of such incidents. Moreover, the module defines necessary actions for elimination of effects of incidents and application of counter-measures. Also the solution provides automation of an incident management process of information security regarding the malware, operational informing on such cases and process of their elimination. Use of the module allows to prepare the necessary authentic reporting on incidents.