Post by rabiakhatun on Nov 3, 2024 5:15:38 GMT -5
The legal information portal published the FSB order of 11.05.2023 No. 213 "On approval of the procedure for monitoring the security of information resources belonging to federal executive bodies, the highest executive bodies of state power of the constituent entities of the Russian Federation, state funds, state corporations (companies), other organizations created on the basis of federal laws, strategic content writing service enterprises, strategic joint-stock companies and systemically important organizations of the Russian economy, legal entities that are subjects of the critical information infrastructure of the Russian Federation or used by them", developed in pursuance of subparagraph c) of paragraph 5 of Decree 250 .
Specifically, the 8th Center. Not the NKTsKI, not GosSOPKA. Talk about the 8th Center being able to attract some external company for these purposes is unfounded - the order does not allow for such a possibility. The order also mentions territorial security agencies, but do they have such competences?
Monitoring is carried out only in relation to the perimeter of organizations falling under the effect of Decree 250.
I don't think that all 500+ thousand organizations will be assessed. And it's unlikely that even 100 thousand will be assessed. Most likely, they will focus on the most critical ones, which own significant critical information infrastructure facilities.
All organizations affected by the order must send information to the FSB about their domains, external IPs, as well as about their changes (as they are changed and added).
On what basis should 500+ thousand organizations covered by Decree 250 send data to the FSB and how do they find out about it? I can’t say that this is some kind of complicated requirement for those covered by the Decree (although not everyone knows everything that is required about their perimeter), but procedurally it doesn’t look very clear yet. I would have tweaked some form for this to make the task easier to automate. But everyone will send this data to whatever they want, and then go and sort it out. And if everything is more or less clear with the subjects of the critical information infrastructure (although they interact not with the 8th Center, but with the National Coordination Center for Critical Information), then what should the rest do.
Specifically, the 8th Center. Not the NKTsKI, not GosSOPKA. Talk about the 8th Center being able to attract some external company for these purposes is unfounded - the order does not allow for such a possibility. The order also mentions territorial security agencies, but do they have such competences?
Monitoring is carried out only in relation to the perimeter of organizations falling under the effect of Decree 250.
I don't think that all 500+ thousand organizations will be assessed. And it's unlikely that even 100 thousand will be assessed. Most likely, they will focus on the most critical ones, which own significant critical information infrastructure facilities.
All organizations affected by the order must send information to the FSB about their domains, external IPs, as well as about their changes (as they are changed and added).
On what basis should 500+ thousand organizations covered by Decree 250 send data to the FSB and how do they find out about it? I can’t say that this is some kind of complicated requirement for those covered by the Decree (although not everyone knows everything that is required about their perimeter), but procedurally it doesn’t look very clear yet. I would have tweaked some form for this to make the task easier to automate. But everyone will send this data to whatever they want, and then go and sort it out. And if everything is more or less clear with the subjects of the critical information infrastructure (although they interact not with the 8th Center, but with the National Coordination Center for Critical Information), then what should the rest do.