How GosSOPKA functions
Posted: Sat Jan 18, 2025 6:14 am
GosSOPKA was created by the Federal Security Service (FSB) in 2013 on the instructions of President Vladimir Putin. In 2017, the Law "On Critical Infrastructure Implementation" was adopted, defining the list of entities that must connect to GosSOPKA. These are organizations from the fields of healthcare, science, transport, communications, energy, banking and the financial market, the fuel and energy complex, nuclear energy, defense, rocket and space, mining, metallurgy and chemical industries.
To interact with the entities of critical information infrastructure, the FSB created the NKCCCI. In 2022, President Vladimir Putin signed Decree No. 250, obliging the entities of critical information infrastructure to create structural divisions to interact with GosSOPKA or to involve special organizations - GosSOPKA centers - to perform these functions.
GosSOPKA centers initially operated on the basis of agreements with the FSB or the NKCCCI. The Presidential Decree also instructed the FSB to organize the procedure for accrediting GosSOPKA centers. Organizations dominican republic whatsapp number list that have agreements with the NKTsKTSI will also have to undergo accreditation. During the transition period, set until December 12, 2025, such centers can continue to operate on the basis of agreements with the NKTsKTSI. The FSB has now developed draft rules for accrediting GosSOPKA centers. Among other things, it is proposed to introduce a ban on the work of their employees from abroad.
The Departmental Center product from Positive Technologies
Positive Technologies positions the Departmental Center product as a means of automating incident handling and informing the NKCCCI and other CERTs (computer emergency response teams). The product is offered to companies that are starting to build a SOC (monitoring and information security center) or a GosSOPKA center, as well as to critical information infrastructure entities for interaction with the NKCCCI.
“Creating a GosSOPKA center is a long and labor-intensive process, so we propose to carry it out in stages,” says the Positive Technologies presentation. “This enables organizations to gradually develop internal information security expertise, build processes in the information security department and successfully repel both typical attacks and their new types.” Accordingly, without an agreement with the NKCCCI and until accreditation is received, Positive Technologies will no longer be able to provide GosSOPKA Center services to critical information infrastructure entities.
To interact with the entities of critical information infrastructure, the FSB created the NKCCCI. In 2022, President Vladimir Putin signed Decree No. 250, obliging the entities of critical information infrastructure to create structural divisions to interact with GosSOPKA or to involve special organizations - GosSOPKA centers - to perform these functions.
GosSOPKA centers initially operated on the basis of agreements with the FSB or the NKCCCI. The Presidential Decree also instructed the FSB to organize the procedure for accrediting GosSOPKA centers. Organizations dominican republic whatsapp number list that have agreements with the NKTsKTSI will also have to undergo accreditation. During the transition period, set until December 12, 2025, such centers can continue to operate on the basis of agreements with the NKTsKTSI. The FSB has now developed draft rules for accrediting GosSOPKA centers. Among other things, it is proposed to introduce a ban on the work of their employees from abroad.
The Departmental Center product from Positive Technologies
Positive Technologies positions the Departmental Center product as a means of automating incident handling and informing the NKCCCI and other CERTs (computer emergency response teams). The product is offered to companies that are starting to build a SOC (monitoring and information security center) or a GosSOPKA center, as well as to critical information infrastructure entities for interaction with the NKCCCI.
“Creating a GosSOPKA center is a long and labor-intensive process, so we propose to carry it out in stages,” says the Positive Technologies presentation. “This enables organizations to gradually develop internal information security expertise, build processes in the information security department and successfully repel both typical attacks and their new types.” Accordingly, without an agreement with the NKCCCI and until accreditation is received, Positive Technologies will no longer be able to provide GosSOPKA Center services to critical information infrastructure entities.