Rostelecom Cyberindex

Main article: Data mining Data mining

2025: Creation of "Cyberindex"

Rostelecom has created a convenient tool for assessing the security of data of its subsidiaries - Cyberindex. At the same time, the instrument is universal and applicable to other large holdings like Rostelecom, where each enterprise has its own specifics. With the help of Cyberindex, you can not only create an idea of ​ ​ the level of maturity of the holding companies, but also build systematic work to constantly improve information protection, taking into account the peculiarities of each business. The company announced this on April 2, 2025.

𝓲

Фото: Rostelecom

Cyberindex provides an opportunity not only to assess the level of maturity cyber security in the companies included in the group, but also to organize systematic work for continuous improvement. information protection It helps you assemble the necessary, data verify compliance, and analyze the effectiveness of existing security systems and related processes. When evaluating, Cyberindex takes into account all aspects of the application of protection technologies, for example, the sufficiency of existing licenses, infrastructure coverage, actual use, as well as the availability of procedures for responding to detected incidents.

{{quote 'author=said Mikhail Savelyev, director of Rostelecom's information security methodology department. | The Rostelecom group includes companies of different profiles operating in all market segments, and the level of protection against cyber threats varies in them. To effectively help each company, we have created a flexible system of requirements that takes into account the specifics and real threats for each business. Cyberindex has become a real compass for us in the world of cybersecurity - we have strengthened control in all key processes and set up resource allocation, further increasing the accuracy of the response. I am confident that our experience will be useful for large companies interested in a powerful and effective tool for managing the security of their structures,}}

Customers can use Cyberindex in two ways: independently evaluate their security systems or involve Rostelecom experts to conduct an independent assessment. Based on the results of the analysis, they will receive a comprehensive assessment based on more than 40 security domains, including security management, access control, asset inventory and compliance (compliance). Regular assessments allow you to track the dynamics of changes in the level of maturity of information security within subsidiaries, compare current indicators with targets and identify priority areas for improvement.

When developing Cyberindex, the Rostelecom team took into account the best world practices, such as ISO 27001/27002, NIST Cybersecurity Framework and COBIT 6. The methodology adapts flexibly to the requirements of different companies, which allows you to customize assessment criteria depending on the level of maturity: for example, more complex checks, such as risk management and data protection, can only be applied to organizations with a high level of maturity, while basic requirements, such as antivirus protection and multifactorial authentication, are included in the minimum required set.