As Moscow protects information. Interview with the deputy administrator of DIT Alexander Gorbatko

TAdviser: What external threats are the most relevant for the Government of Moscow?

Alexander Gorbatko: Information security administrators of the Moscow Department of Information Technology reveal the different attacks. Generally all of them are connected with attempts of unauthorized access, overcoming means of protecting and receiving exclusive access to information resources of the city. The distributed attacks like "failure from service" (DDoS) are the most relevant.

TAdviser: Whether you carry out incident analysis? How does it help you with improvement of information system protection?

Alexander Gorbatko: The system of protection of information resources of the city includes components of registration of events. Using these tools, specialists carry out the analysis and correlation, reveal and set incidents of information security.

Having analyzed methods of the attack and its real and possible effects, the plan of rapid response is developed to minimize or reduce possible damage to "zero". In particular, data retrieveds during the analysis of DDoS attack allowed us to select the echelon solution which combines methods of "rough" and "thin" cleaning of traffic.

TAdviser: What project implemented by your department last year became the most large-scale?

Alexander Gorbatko: The largest project in 2014 upgraded the system of protection in the state information system in the End-to-end information system "Public Services in the field of Education in Electronic Form".

At the first stage the model of threats of information security was updated and approved with FSTEC of Russia, project solutions of creation of a system of protection are developed. To approve solutions and to estimate extent of their influence on work of end users, we created "a pilot zone". It became clear that it was succeeded to achieve the desirable objectives, but it led to deterioration in technological effectiveness of work of internal clients, decrease in indicators of ergonomics on the devices using the certified means of protecting.

TAdviser: What amount from the budget on information security directly is the share of data protection?

Alexander Gorbatko: In new projects questions of data protection will be an obligatory component of each creation or upgrade of an information system. Investments into data protection are planned at the level of 10-15% of the total amount of the expenses specified in the budget information security.

TAdviser: How you consider what trends will prevail in data protection in a domestic public sector?

Alexander Gorbatko: Change of approaches to data protection in the Russian public sector will be connected with the solution of the arisen contradictions between need of achievement of a required class of security and creation of the most comfortable working conditions of end users and also, considering scales of distribution of information technologies and a scope of different spheres of life activity of the city, expense reduction.