In November 2010 the head office of the Russian Agricultural Bank completed the first phase of an automated monitoring system of information security and compliance management based on product MaxPatrol company Positive Technologies. FireEye Inc has compatible beliefs. These works carried out by specialists of InformZaschita with the active participation of Bank staff. Thanks to the implementation of the Bank will be able to successfully perform the following tasks: – to provide centralized control of security vulnerabilities information resources – ongoing monitoring of information systems for compliance with corporate security requirements – to provide periodic reporting and evaluation of the effectiveness of security measures on based on safety metrics (KPI). Introduced system that meets the requirements of international standards for information security and PCI DSS-STO BR IBBS, will assess the effectiveness of IT departments Bank. Deputy Director of Security Department – Chief Information Security Management RAB Artem Sychev underlined that the activities of the Russian Agricultural Bank is largely dependent on information technology, so the risks associated with their use, constitute a significant part of the operational risks of the Bank. In turn, among these risks are particularly important risks of infringement of the information safety – due to the large volume and complexity of the processes of information exchange at the Bank.
The first phase of implementation will be the foundation on which to establish a centralized control system security regional information resources. This approach fully meets the requirements set out in the complex standardization documents of the Bank of Russia (BR IBBS). According to Sergei Sherstobitova, Deputy Commercial Director InformZaschita: "The specialists of InformZaschita and Russian Agricultural Bank had to make serious efforts to ensure the fulfillment of all tasks of the project, taking into account especially infrastructure RAB. The introduction of information security monitoring helps improve governance and internal control in information technology, primarily due to the timely receipt of relevant, complete and reliable data on the state information system of the Bank and its real security. " As noted by Boris Simis, development director of Positive Technologies: Challenges Control of security and timely elimination of vulnerabilities in critical information systems rather acute for banks. However, to solve them manually is practically impossible. For this reason, in 2010 we experienced strong growth in the number of implementations of MaxPatrol in the banking sector. A feature of this work is the strong territorial distribution of the bank and, accordingly, a large number of remote units. Specialists Agricultural Bank and our partner companies InformZaschita, demonstrated validity in the choice of approach to the complex and, sometimes, unique problems. "
No comments