Cyber security solution
Cyber security solution from the company TESCO SW a.s. responds to the introduction of cyber law No. 181/2014 and the relevant implementing Decree No. 316/2014.
On 1.1.2015, Law No. 181/2014 Coll. on Cyber Security (LoCS) came into effect. At the same time, Decree No. 316/2014 on Cyber Security (DoCS) became effective. Their aim is to ensure on country level especially: orderliness and organization in the field of cyber security, unifying level of security measures on critical and important IS, monitoring and evaluation of security incidents, definition of procedures, how to act in emergency situations.
Authorities and persons, onto whom there are imposed obligations in the area of cyber security, are set out in section 3 of LoCS. Those are usually, but not exclusively, providers of information and communication system of critical infrastructure and administrators of important information system.
According to section 30 and section 31 of LoCS, they are required, within 1 year from the date of determining critical or important IS, to establish and implement security measures and keep up security documentation.
Group of major IS is formed by such systems, which are explicitly stated by Decree No. 317/2014 Dig. on important IS or which correspond to defining criteria stated in this Decree. Similarly, it will be in the case of critical IS. The relevant decree has not yet been published.
Introduction of obligations according to LoCS and DoCS also implies the introduction or strengthening of service management processes (ITSM), such as management of events, incidents, problems, changes, release & deployment, SLA, suppliers, etc.
Identification of necessary security measures according to section 5 of LoCS.
Implementation of necessary security measures = fulfilling administrator’s obligations according to section 4 of LoCS.
Introduction or update of processes related to information security management system (ISMS) according to section 3 of DoCS.
Provision of security monitoring services.
Introduction or update of processes related to IT service management (ITSM) within the meaning of DoCS, title I and II.
Provision of support services.
Modules / Solution areas
1. Differential analysis
It maps the effects of LoCS and DoCS on customer’s IS in question. Analysis is based on the detailed study of LoCS and DoCS. It contains:
Identification of administrator’s obligations
Migration schedule or delivery timetable
2. Implementation of security measures
After approval of differential analysis, there follows a phase of executing organisational and technical security measures:
Monitoring and security SW
3. Provision of support services
This part includes the following services:
4. Security monitoring
It includes the following services:
- The Office for Personal Data Protection
- Ministry for Regional Development
- HW: Thales e-Security nShield Connect
- SW: CryptoID, FaMa+ ITSM, Microsoft System Center Operations Manager