Information Technology Center of the Republic of Buryatia protects the public sector with the help of Positive Technologies products

2024: Using Positive Technologies Solutions

The Information Technology Center of the Republic of Buryatia protects the public sector with the help of the products of Positive Technologies, which announced this on June 26, 2024.

The Information Technology Center of the Republic of Buryatia is building effective cybersecurity. The first step towards this was the introduction of MaxPatrol SIEM, PT Network Attack Discovery (PT NAD), and MaxPatrol VM. The project is supported by a partner - SIMPLE.

The systems have already proven their effectiveness by allowing the Center to ensure the cyber stability of state IT assets during the presidential elections in Russia in 2024.

The main goal of the project is to build an effective protection system that will allow, in conditions of personnel hunger and a shortage of competencies among specialists to repel advanced attacks, to identify and eliminate cyber threats before organizations suffer unacceptable damage. The first stage of the project provided for the automation of vulnerability scanning processes, as well as monitoring suspicious activity in the infrastructure and behavioral analysis of network traffic. To implement these tasks, the Information Technology Center conducted a thorough selection of vendors and solutions and as a result made a choice in favor of Positive Technologies products: MaxPatrol SIEM, PT NAD and MaxPatrol VM. The organization plans to develop a project that will cover the protection of all IT assets of the regional public sector by creating a single e-government security center.

We are implementing the first large-scale cybersecurity project in the region, and several key steps towards building an effective protection system have already been taken on the basis of Positive Technologies products that meet the criteria that are important for us, "said Bertunova Beligma Bazarovna, head of the State Budgetary Institution of the Republic of Buryatia" Information Technology Center. " - First of all, we need technologies to help reduce the personnel shortage for information security specialists, the level of expertise that we receive together with products for a timely and successful response to cyber threats is important for us.

As part of the project, domain infrastructure assets, network equipment, web applications, databases and security tools were connected to MaxPatrol SIEM. Among the latter are PT NAD: an NTA system for behavioral traffic analysis, which not only successfully detects threats and attacks in the corporate network, but also helps to keep IT asset data up to date. PT NAD transmits to MaxPatrol SIEM data on network configuration and asset connections, triggering of reputation lists [1], rules for detecting anomalies and complex threats, as well as information about files detected in sessions. During the implementation of MaxPatrol VM, an inventory and prioritization of IT assets was carried out, a schedule was created for scanning for vulnerabilities according to a consistent SLA for elimination. According to trend vulnerabilities, the data on which is received by the product within 12 hours, the formation and sending of the report occurs automatically.

We have already made sure that the products are capable of solving the problems that face them. In particular, thanks to Positive Technologies technologies, the client's specialists, together with our engineers, managed to ensure the effective protection of state information systems during the election period and during preparation for them, - said Konstantin Sizov, director of SIMPLE.

From March 11 to March 19, 2024, engineers of the Information Technology Center, with the support of SIMPLE experts, defended government services around the clock.

As a result, during the elections, not a single cyber attack was allowed in the region, all systems functioned smoothly. Head of the Republic