On 24 September a kick-off meeting was held for the new cyber security project chaired by the Sponsor of the project, Tolegen Safuani, Managing Director for Legal Support and Risks. The representatives of stakeholders of the project, as well as curators of the business areas from the Central digital transformation office of Samruk Kazyna took part in the event.
This initiative is the continue of the implementation of KEGOC's Information Security Development Programme for 2022, and is mainly designed to create the so-called cyber-shield for Samruk-Kazyna group of companies.
Under the project, KEGOC plans to build up the protection of the technological network and implement measures to control user access to operational control systems. The perimeter of the project includes the Head office and the NDC SO branch, nine regional branches of the Company and Energoinform JSC, the subsidiary company.
The information infrastructure of the Company was examined by KEGOC and Samruk-Kazyna to determine cybersecurity architecture. It was decided to introduce two automated systems which will analyse abnormal situations in technological network and provide the protection of operational control systems of the Company.
Also, to provide highly qualified support and expert information security services, an Information security operational centre will be created in Kazakhtelecom JSC, to which the information security systems of national companies will connect. The centre’s specialists will analyse the incoming data and, if necessary, will provide technical support, expertise and take proactive measures. The centralization of technical and expert support for strategic national companies is economically beneficial, since similar services are highly costly and not worthwhile if procured separately.
According to the sponsor of the project, The creation of cyber-shield will allow not only to control technological systems that are strategically important for the whole country, but also to operate with the data obtained to prevent potentially dangerous situations. The information security programme we adopted earlier is mainly designed to establish a risk-oriented and effective system for protecting the Company's business and corporate activities.
- We hope for extensive involvement and active support of the project participants in the implementation of the targets, - said Tolegen Safuani.
Project implementation period shall last 28 months, till the end of 2022. Earlier, the Company implemented the project for 'Introduction of IS management target model’, under which SIEM security information and event management system waspurchased and implemented, which covers all information systems of the corporate sector at KEGOC. KEGOC also developed Information Security Programme for 2022 and established a separate organisational unit.