The State Enterprise Regitra provides public services of:
- Registration of vehicles;
- Examination of drivers;
- Issuance of driving licenses.
The organization provides data from registers about the motor vehicle fleet and driving licenses in observance of legal acts regulating the activities of registers. Furthermore, Regitra also renders compulsory motor third party liability insurance mediation services. Hence, it stores, classifies and processes a lot of data.
The organization is expected to comply with information and cybersecurity requirements imposed by the laws and regulations of the Republic of Lithuania. Ir order to assess how effective are the currently used organizational and technical security measures, the organization decided to assess it's IT security.
What was assessed?
The scope of the technical controls that have been evaluated:
- ICT systems that can be accessed externally;
- Security and resilience of externally accessible ICT systems;
- Security of technologies used for data access and transfer;
- Internal information systems and infrastructure solutions;
- Server security;
- Database management systems;
- Data transfer network appliance security;
- Email system security effectiveness;
- WiFi security.
- Security of copy and restoration systems and capability audit;
- Employee resilience to social engineering.
Upon completion of the project, an assessment report for the effectiveness of currently used information security controls has been produced. Also, NRD Cyber Security team has prepared a plan for implementing technical means to ensure the minimalization of security risks as well as compliance to relevant legislation.