Monitoring of information security events of informatization objects of state bodies
In accordance with subparagraph 7-2) Paragraph 1 of Article 7-4 of the Law of the Republic of Kazakhstan “On Informatization” dated November 24, 2015 No. 418-V 3KZ..
National Coordination Center for Information Security (NCCIS) of JSC “State Technical Service” (JSC STS) carries out “Monitoring of information security events of objects of informatization of state bodies” (MISE IO SB).
The procedure for conducting the MISE is defined in the Rules for Monitoring Information Security Events of Informatization Objects of State Bodies approved by By Order of the Minister of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan dated August 16, 2019 No. 199..
The main purpose of the MISE is the constant monitoring of the object of informatization in order to identify and identify information security events (IS).
The objects of the MISE are the objects of informatization located in the information and communication infrastructure (ICI) owned by the state body (SB).
MISE is carried out on the basis of contractual relations between the National Security Committee of the Republic of Kazakhstan and JSC STS, which implements the tasks and functions of the NCCIS.
Within the framework of the MISE JSC STS carries out the following types of work:
1) installation of information security event sources in the ICI;
2) technical support of the sources of information security events in the ICI SB;
3) tracking of IS events of MISE objects, in order to detect IS incidents and subsequent response to them
For all identified IS events, employees of the 1st line of the SOC of JSC STS are notified to the employees of the GO responsible for ensuring the IS of the SB.
Information on identified information security events is also transmitted to The KZ-CERT Computer Emergency Response Team of JSC STS for further development together with SB.