Project

Gazprom Media Holding (GPMH) (Security Vision Cyber Risk System (CRS))

Customers: Gazprom Media Holding (GPMH)

Product: Security Vision Cyber Risk System (CRS)

Project date: 2015/04 - 2020/09

2020: Security event monitoring, analysis and correlation system. Expansion of cyber-risk management functionality

As part of the development of the Security Vision project at JSC Gazprom-Media Holding, the system's functionality was expanded to automate the cyber security risk management process.

Cyber security risk management is a cyclic process consisting of risk identification, hazard assessment and proactive minimization of the severity of the consequences that are possible if the risks are realized. This process makes it possible to identify weak spots in the protection system and to estimate the cost of eliminating them. The purpose of this activity is to work out adequate protection for the organization's assets. To do this, it is necessary not only to build a threat model and an intruder model, but also to analyze in detail how the risks could be realized and to develop measures to reduce them.

The cyber security risk management module is intended to automate the process of information security risk analysis and management. This component makes it possible to maintain a risk register that includes not only a detailed description of vulnerabilities, but also the probability of threat realization and the assets that are endangered.

The risk management module made it possible to:

  • Define the company's risk map;
  • Create a list of relevant information security threats. The system includes the FSTEC threat database, and users of the system can also add to the list;
  • Create a list of vulnerabilities through which threats can be realized. The system includes standard vulnerabilities, and users of the system can also add to the list;
  • Create a list of protection measures. The system includes standard protection measures, and users of the system can also add to the list;
  • Define the assessment scope and collect complete information about current business processes;
  • Create a threat model and an intruder model for each company asset;
  • Carry out comprehensive automated scoring of information security risks with the involvement of experts from different structural divisions;
  • Develop a detailed risk treatment plan and track the stages of its execution and the results of applying protective measures;
  • Have company staff carry out an express assessment of their own business processes without involving employees of the information security division.