Customers: SDM-Bank Moscow; Financial services, investments and audit Product: Security VisionProject date: 2019/01 - 2019/06
|
On July 16, 2019 the Intellectual Security company (Security Vision brand) announced project completion of process automation of incident management of cyber security in SDM-bank (public joint stock company).
Within the project the following tasks were implemented:
- Processing of incidents of information security taking into account specifics of business processes of Bank is created and automated, namely:
- the base of assets of Bank with role separation of an information access about assets is implemented;
- the asset management process of Bank is implemented;
- operational and analytical reporting materials are implemented.
- Borders of a monitoring system of Bank based on a SIEM system are expanded:
- monitoring infrastructure nodes are set and configured;
- key sources of events of information security are connected;
- rules of identification of incidents of information security are implemented.
Questions of information security support of Bank, reliable protection of its data assets against all types of external and internal threats are among our priority tasks which qualitative and timely solution is the key to steady functioning of Bank. SDM-Bank strictly observes requirements and recommendations Bank of Russia, payment systems WORLD, Visa and MasterCard, is a participant of information exchange from Fintsert Bank Russia. Qualitatively organized monitoring is one of pillars of the correct work of all information security management system. And to provide rapid response to cyber security incidents, we built an asset management process as a starting point in questions data protection, noted Oleg Vladimirovich Ilyukhin, the Vice chairman of the board - Director Departamenta IT of SDM-bank
|
Automation in questions of cyber security comes to the forefront as robotic instruments of reaction allow to provide the due level of data protection in mode 24х7. Building of the process covering the basic principles of incident management of cyber security for the purpose of further reduction of risk of a human factor and errors of the employees involved in response to cyber security incidents and also for the purpose of release of time of skilled staff from routine transactions for accomplishment of more expert tasks became one of important steps in the direction of automation |
Thanks to team work with Bank was succeeded to construct workflow of incident management of cyber security and asset management. These are fundamental factors of operability of the center of monitoring and the beginning of its successful development in questions of ensuring compliance to standards of cyber security and to the best practices in this area, |