Monitoring of information security of “electronic government” informatization facilities
In accordance with subparagraph 7-1) of paragraph 1 of Article 7-4 of the Law of the Republic of Kazakhstan “Informatization”, the National Coordination Center for Information Security (referred to as NCCIS) of the JSC “State Technical Service” (referred to as JSC “STS”) monitors the information security of the “electronic government” informatization facilities through the NCCIS information security monitoring system (hereinafter referred to as the MIS).
The implementation of the MIS is aimed at monitoring the completeness and quality of the implementation by owners and (or) owners of informatization facilities of technical and organizational measures to ensure information security (referred to as IS) of “electronic government” informatization facilities (referred to as EG IF) by identifying IS events and IS incidents.
As part of the work on the MIS of JSC “STS”, a security survey of the EG IF is conducted on an ongoing basis.
Based on the results of the survey, recommendations are sent to eliminate the identified vulnerabilities, as a result of which the level of vulnerability elimination in relation to the objects of informatization of “electronic government” has increased by 12% over the period from 2020 to 2021, which indicates an increase in the level of information security of GO/ organizations.
For the period from 2020 to 2021, according to the results of the monitoring of the response to IS incidents conducted within the framework of the MIS, there has been a decrease in the number of recorded IS incidents by 68%, which indicates an increase in the level of security of the EG IF.