National Coordination Center for Information Security (NCCIS)

In accordance with subparagraph 7-1) of paragraph 1 of Article 7-4 of the Law of the Republic of Kazakhstan “On Informatization” dated November 24, 2015 No. 418-V of the National Coordination Center for Information Security (hereinafter referred to as NCCIS) of JSC “State Technical Service” (“STS” JSC) carries out “Monitoring of ensuring information security of informatization objects of the “e- government” through the information security monitoring system of the National Coordination Center for Information Security” (MEIS IO EG).

The procedure for conducting the MEIS is defined in the Rules for Monitoring the Information Security of e-government Informatization Objects and Critical Information and Communication Infrastructure Objects, approved by Order of the Minister of Defense and Aerospace Industry of the Republic of Kazakhstan dated March 28, 2018 No. 52/NK.

The main purpose of the MEIS is to monitor the completeness and quality of the implementation by the owners and (or) holders of the informatization objects of the “e-government” (IO EG) of technical and organizational measures to ensure the information security of the IO EG by identifying threats and incidents of information security.

MEIS is carried out on the basis of contractual relations between the National Security Committee of the Republic of Kazakhstan and JSC STS, which implements the tasks and functions of the NCCIS.

The objects of the MEIS are IO EG, put into commercial operation, including those classified as critically important objects of information and communication infrastructure.

MEIS includes:

−monitoring of the response to information security incidents;

−monitoring of protection provision;

−monitoring of ensuring safe operation.

In accordance with subparagraph 7-2) Paragraph 1 of Article 7-4 of the Law of the Republic of Kazakhstan “On Informatization” dated November 24, 2015 No. 418-V 3KZ..

National Coordination Center for Information Security (NCCIS) of JSC “State Technical Service” (JSC STS) carries out “Monitoring of information security events of objects of informatization of state bodies” (MISE IO SB).

The procedure for conducting the MISE is defined in the Rules for Monitoring Information Security Events of Informatization Objects of State Bodies approved by By Order of the Minister of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan dated August 16, 2019 No. 199..

The main purpose of the MISE is the constant monitoring of the object of informatization in order to identify and identify information security events (IS).

The objects of the MISE are the objects of informatization located in the information and communication infrastructure (ICI) owned by the state body (SB).

MISE is carried out on the basis of contractual relations between the National Security Committee of the Republic of Kazakhstan and JSC STS, which implements the tasks and functions of the NCCIS.

Within the framework of the MISE JSC STS carries out the following types of work:

1) installation of information security event sources in the ICI;

2) technical support of the sources of information security events in the ICI SB;

3) tracking of IS events of MISE objects, in order to detect IS incidents and subsequent response to them

For all identified IS events, employees of the 1st line of the SOC of JSC STS are notified to the employees of the GO responsible for ensuring the IS of the SB.

Information on identified information security events is also transmitted to The KZ-CERT Computer Emergency Response Team of JSC STS for further development together with SB.

In order to carry out activities aimed at increasing the level of information security, employees of the National Center for Information Security (NCIS) - "information security coordinators" - have been identified and sent to a number of civil defense organizations of the Republic of Kazakhstan.

Functions of information security coordinators:

·study of the information and communication infrastructure and technical documentation on information security in civil defense;

·assistance in responding to identified information security incidents;

·assistance in updating the necessary information for the implementation of information security in civil defense;

·increasing awareness of civil defense employees in the field of information security.

In order to improve the efficiency of the CSO in terms of ensuring information security, protection and safe operation of the informatization objects of the "electronic government" (I "EP"), the Kazakhstan segment of the Internet, as well as responding to information security incidents, on June 4, 2019, the Advisory Coordination Council of the National Coordination Center for Information Security (NCISS) was created on the basis of JSC "State Technical Service" (JSC "GTS").

Meetings of the QCS NCISS are held on an annual basis with the participation of central government agencies, the operator of the information and communication infrastructure (ICI "EP") - JSC "National Information Technologies", the authorized body in the field of information security - KIB MCRIAP RK and NCISS JSC "GTS". The Council discusses issues of ensuring information security in the Civil Defense and responding to current threats / incidents of information security.

To date, a total of 15 meetings have been held.

The NCIS collects, analyzes and summarizes information from the industry information security center (IISC) and operational information security centers (OISC) on information security incidents (IS) at the information and communication infrastructure facilities of the "electronic government" and other critically important information and communication infrastructure facilities (CIIF) (clause 1, clause 1, article 7-4 of the Law of the Republic of Kazakhstan "On Informatization").

IISC:

The Agency of the Republic of Kazakhstan for Regulation and Development of the Financial Market exercises the functions of the IISC of the financial market and financial organizations, branches of non-resident banks of the Republic of Kazakhstan, branches of non-resident insurance (reinsurance) organizations of the Republic of Kazakhstan, branches of non-resident insurance brokers of the Republic of Kazakhstan (clause 107, clause 14 of the Decree of the President of the Republic of Kazakhstan dated November 11, 2019 No. 203 "On Further Improvement of the Public Administration System of the Republic of Kazakhstan").

OCIS:

58 organizations have a license to operate within the OCIS:

1) “Center for analysis and investigation of cyber-attacks” ALE (TSARKA)

2) “National information technologies” JSC

3) “Transtelecom” JSC

4) “Cyber One” LLP

5) “KBI Security” LLP

6) “Kazteleport” JSC

7) “MSSP.GL” LLP (“Kazdream Teсhnologies”)

8) “QazCloud” LLP

9) “QazInfoTech Systems” LLP (“Sapa software”)

10) “Business & Technology Services” LLP

11) “ASTEL” JSC

12) “Engineering Center of Logistics Management” RSE on REM

13) “Tengri Lab” LLP

14) “ISV Central Asia” LLP

15) “Digital Qalqan” LLP

16) “TSARKA R&D” LLP (“Web Totem”)

17) “QazSoc” LLP

18) “Zerde Business Solutions” LLP

19) “Human Resources Development Center” JSC

20) “KaR-Tel” LLP

21) “JK Partners” LLP

22) “Kazakhtelecom” JSC

23) “KazOpticLink” LLP

24) “AITIA” LLP

25) “PS Internet Company” LLP

26) “ORDA SOC” LLP

27) “KazHackStan” LLP

28) “IT-TRY” LLP

29) “Seven Hills of Kazakhstan” LLP

30) “Engineering and technical center OP RK” RSE on REM

31) Private company DTM Kazakhstan Ltd.

32) “Republican Center for Space and Communication” JSC

33) “MIDDLE COMM” LLP

34) “Inova Tech” LLP

35) “Kcell” JSC

36) “Communications Kazakhstan” LLP

37) “JB Works” LLP

38) “RTeam” LLP

39) “IT Novator” LLP

40)  “ECC” of ASPaR of the RK RSE on REM

41) “SADAN” LLP

42) “ITSOC” LLP

43) “Digital Enterprise” LLP

44) “ADT Security” LLP

45) “E-finance center” JSC

46) “Republican Center for Electronic Healthcare” of MH RSE on REM

47) «BeSupply» LLP

48) «Tengizchevroil» LLP

49) «IntelX» LLP

50) «Alan Technology Group» LLP

51) «NexGen CyberDefence» LLP

52) «BTS Digital» LLP

53) «Cyberfox LLP» LLP

54) «QazDefense» LLP

55) «Сандерс» LLP

56) «NC «Kazakhstan temir zholy» JSC

57) «Oblachnye resheniya» LLP

58) «Sauyt.Lab» LLP

Interaction of the National Coordination Center for Information Security (NCIS) with the Operational Center for Information Security (OCIS) is carried out through the NCIS platform (MISP) for the purposes of:

· information exchange on threats/incidents of information security;

· operational interaction in 24/7 mode.

Various events are held to strengthen interaction with the NCIS OCIS:

· meetings of the NCIS and NCIS

Meetings held: 8

Participants: KIB MCRIAP RK, NCIS, all NCIS.

Main objective: discussion of problematic issues in the field of information security in the Republic of Kazakhstan.

· point meetings with each OCIS
· cyber exercises

2025

• RTEAM LLP

• CYBERFOX LLP

• Association of Legal Entities “TsARKA”

2024

Winners

·     Kcell JSC (Blue Team of the IT company and Red Team of the Ministry)

·     Digital Qalqan LLP (Blue Team of the Ministry)

·     RTeam LLP (Red Team of the IT company)

Excellent results

·     Digital Qalqan LLP (Red Team of the IT company)

·     RTeam LLP (Blue Team of the Ministry)

·     MSSP.GL LLP (Red Team of the Ministry)

·     MIDDLE COMM LLP (Blue Team of the IT company)

·     QazCloud LLP (Blue Team of the IT company)

2022

·     1st place – LLP «QazSOC», LLP «Tengri Lab», HC «BiZONE Kazakhstan»

·     2nd place – LLP «KaR-Tel»

·     3rd place – LLP «BTS»

Regulatory legal acts governing the interaction of the OCIS and the NCISS:

·                    Law of the Republic of Kazakhstan «On Informatization» (adilet.zan.kz/rus/docs/Z1500000418)

·                   Uniform requirements in the field of information and communication technologies and information security (adilet.zan.kz/rus/docs/P1600000832)

·                   Rules for the exchange of information necessary to ensure information security between the operational information security centers (OCIS) and the National Coordination Center for Information Security (NCIS) (Order of the Minister of Defense and Aerospace Industry of the Republic of Kazakhstan dated March 19, 2018) No. 48/НҚ) (adilet.zan.kz/rus/docs/V1800016886)

Interaction with foreign organizations and alliances allows us to establish communications with the global IT and information security communities, as well as increase the recognition of the Kazakhstani brand KZ-CERT on the world stage through the participation of employees in various international conferences on information security.

More details on CERT.GOV.KZ