Provision of cyber security is a zone of increased attention of the top management of the Company.
In the context of the transition to digital transactions and increased electronic communications traffic, the Company takes a responsible approach to controlling the risks of cyber intrusions into corporate information systems, which can damage the safety of assets, operating and financial activities, and the interests of shareholders and investors. The company takes measures to ensure a highly protected internal cybersecurity system and seeks to convey confidence in its quality to all the stakeholders.
The company takes into account global cyber security challenges that pose potential risks and provide new opportunities in the development of information technology.
The Company’s key cybersecurity initiatives are based on analyzing the synergy potential of digital solutions and reducing operational risks.
The Company follows regulatory requirements and considers cyber security in three main aspects:
- Integration of information protection processes and tools into ongoing digital transformation strategic initiatives
- Security using advanced technologies
- Improving the efficiency of cybersecurity functions The Company forms a transparent holistic multi-level cyber risk management system and integrates it into the overall risk management system.
Plans for 2020
- Updating the internal regulations on the Cyber security for TATNEFT Group
- Improving the Cyber risk control procedures
- Development of cyber security elements integration in the business processes
Corporate Cyber Security Operations Center
Personal Data Protection
The Company ensures the protection of personal data by implementing internal procedures in accordance with the law. The Company takes into account the European General Data Protection Directive (GDPR), which was entered into force in 2018.