Project

RusHydro completed the next stage of implementation of an end-to-end system of security

Customers: RusHydro

Moscow; Power

Product: Projects of external audit of IT and security (including PCI DSS and SUIB)

Project date: 2014/06 - 2015/09

Content

The A-security company completed the design of a security system for RusHydro and carried out its deployment, the integrator's press service reported on June 3, 2013.

Background

The need to develop the system for RusHydro is driven by two factors: the first is countering the growing threats of a terrorist and criminal nature, and the second is the need to bring RusHydro's security systems into compliance with the requirements of regulatory legal acts on the security of power facilities.

Job

Within their competence and assigned tasks, the contractor's specialists developed the design of a security system based on the principle of anticipatory counteraction to acts of illegal intervention, achieved by consolidating the data streams that reflect the situation at power facilities. Based on the design work, the initial stage of implementing the system's components at a number of the customer's facilities has been completed.

Specialists of the Global CST company, who have experience implementing similar systems for large power holdings in Canada and the USA, took part in the project to work out the concept of the system's main units. As a result of this cooperation, the commonly accepted foreign method of calculating risks for the main types of threats, including terrorist, criminal, technogenic, information security, natural and other threats, was adapted to the regional specifics of Russia.

Developments of the Anteo Worldwide company are used as the technology platform.

Objectives

It is expected that, in the long term, each of the customer's power facilities will be equipped with a functioning system.

"Centralization of security control functions, taking into account the specifics of RusHydro's infrastructure and regulatory requirements, will reduce the fragmentation of security systems and will also allow the forces and means spent on the security of the company's facilities to be optimized," noted Alexander Filatov, the head of the department of economic safety and the mode of RusHydro.

Project Development

On July 2, 2015, the A-security company announced the completion of the next stage of the project to develop and deploy the end-to-end system of information security management (ETESISM) at RusHydro.

During this stage, work was carried out at the Volga hydroelectric power station, the Votkinsk hydroelectric power station, the Zhigulyovsk hydroelectric power station, the Zagorsk pumped storage power plant, the Kama hydroelectric power station and the Nizhny Novgorod hydroelectric power station.

Object of RusHydro, 2013

To ensure compliance with RusHydro's information protection requirements, the A-security company proposed a solution called KSUIB. The solution is intended to reduce the risks associated with damage to company assets, to evaluate the efficiency of information security measures, and to justify security costs.

Capabilities of KSUIB:

  • monitor events 24x7 for timely detection of and response to cybersecurity incidents;
  • manage the key cybersecurity systems of branches;
  • provide confidentiality of other information categories (in addition to personal data and trade secrets) according to the requirements of the legislation of the Russian Federation and industry requirements.

The solution includes a flexible, highly fault-tolerant infrastructure that complies with the regulatory documents on the processing and protection of personal data (PDN) and trade secrets (KT).

The following subsystems are deployed and operating within KSUIB:

  • subsystem for protection of KT and confidential information (functional modules for firewalling, intrusion detection and prevention, and access isolation);
  • subsystem for protection of virtual infrastructure;
  • subsystem for protection and control of confidential documents;
  • subsystem for controlling access to the communication ports of automated workplaces and for controlling user printing;
  • subsystem for monitoring network traffic;
  • subsystem for change control;
  • backup subsystem;
  • subsystem for perimeter defense;
  • subsystem for integrity control;
  • subsystem for monitoring and information security management;
  • subsystem for risk analysis and risk management;
  • subsystem for controlling the actions of administrators.

"Thanks to our experience of implementing KSUIB so far, we managed to create a replicable solution that allows continuous control of information security, which we are going to implement at all RusHydro facilities in the future. The solution corresponds to all required levels of protection, – Anatoly Ivanov, the associate director of department on special work types and data protection of JSC RusHydro, said. – We constantly control the functioning of the system, we reveal weak points, we update protection mechanisms depending on the nature of external and internal threats and we prove data protection methods. I would like to note that one of the conditions of security at our enterprise is the high professionalism of the team dealing with information security issues, respect for the balance of interests of the individual and the enterprise, training of users and observance of the statutory rules for preserving confidentiality".

Alexander Filatov, the director of the department of economic safety, the mode, special work types and data protection of JSC RusHydro, reported: "In view of the complexity of the project, we divided its implementation into several stages, using the Plan-Do-Check-Act methodology. This approach allowed us to define the goals of implementing KSUIB before the project started, to check the project deliverables at the end of each stage and, if necessary, to make corrections quickly. As a result, we managed to minimize the expenses of implementing such a large-scale solution as KSUIB".

Mihail Aronson, the board member of A-security, noted: "While implementing several stages of the KSUIB project, we developed a solution suitable for information security support at industrial enterprises in accordance with regulating documents, and in the near future we are going to start replicating our experience in other projects".