Kyivstar has confirmed the reliability of the company’s information security management systems. The national telecom operator successfully passed the audit in July 2023 according to the international standard ISO/IEC 27001:2013. Kyivstar is currently the only Ukrainian telecom operator certified according to ISO/IEC 27001:2013 in all areas of work.
“In recent years, Kyivstar has invested heavily in the development of its cybersecurity function to meet the best international standards and practices. This is important both for the security of the company itself and to guarantee the reliability and security of information systems to customers and partners. Moreover, since the beginning of the full-scale military invasion, we have taken serious additional measures to ensure cybersecurity,” says Yuriy Prokopenko, Kyivstar’s Chief Cyber Security Officer.
Information security management certification (ISMS) is an official confirmation that an organization meets international standards in ensuring the protection and security of its information. ISMS covers management, operational and support business processes that ensure the functioning and protection of information systems and networks designed to provide subscribers with the following services:
- voice electronic communication,
- access to the Internet,
- interpersonal electronic communication,
- digital, interactive, mobile television and radio broadcasting,
- providing information, advertising, consulting, engineering, and call center services.
In 2021 and 2022, Kyivstar passed ISO/IEC 27001 certification and confirmed the security of the ISMS in the implementation of new business lines for business customers.
In particular:
- data processing center (DPC) services, including cloud-based services based on Azure Stack Hub technology;
- products and services based on the Internet of Things (IoT) technology;
- analytical products and services based on BigData;
- mobile financial products and services (MFS).
The certification of information security management also indicates the security of the IT infrastructure, which is confirmed by an independent audit. This is important for the company’s clients that are subject to industry-specific information security requirements: banks, public sector companies, critical infrastructure facilities, and others.
