The city of Rzeszow, known as the “Capital of Innovation,” is a dynamically developing unit of local government in Poland.
In 2016, Rzeszow was awarded the title of “Smart City” at the Smart City Forum conference. Its strategic location near the border with Ukraine gives it a new geopolitical role – as a logistics and transportation base, as well as a center for humanitarian aid and NATO support.
The city has more than 1,200 employees, uses 1,200 computers and has 300 server stations. Rzeszow offers its residents numerous digital services, such as e-Office, e-Health and e-Education, confirming its position as an innovation leader in Poland.
The city of Rzeszow faced growing cyber-security threats, exacerbated by the rapid growth of digital services such as e-Government and e-Health, and by the city’s new geopolitical role as a logistical and humanitarian base in the wake of the war in Ukraine. The city’s extensive IT infrastructure, including more than 300 servers and key city units, exposed the city to a growing risk of advanced cyber attacks. A key challenge was to integrate existing security systems into a coherent monitoring and response system that would not only protect residents’ data and city infrastructure, but also meet the requirements of the NIS2 directive. The city needed a system that could effectively monitor threats in real time, respond quickly to incidents and automate operational processes, along with staff trained to effectively counter modern digital threats.
Comprehensive implementation of a Security Operations Center (SOC) for the City of Rzeszow.
The City of Rzeszow, given the strategic importance of the project to increase cyber security, decided to entrust its implementation to ComCERT, an Asseco Group company. This choice was not accidental. Asseco has been working with the City for years on other digitization projects, which has allowed it to develop mutual trust and a thorough understanding of the specifics of the City’s IT infrastructure.
As part of the project, ComCERT conducted a comprehensive implementation of a centralized Security Operations Center (SOC), tailored to the specific needs of Rzeszow.
The first step was a detailed analysis of the existing IT infrastructure and threat modeling using the SIM3 methodology. This made it possible to assess the maturity of cyber security structures in the areas of processes, technology, organization and employee competence. This analysis was complemented by threat profile modeling based on the MITRE ATT&CK framework, which allowed precise identification of gaps and development of recommendations for effective protective solutions.
Then, based on the collected data, an operating concept for the SOC was developed for the City of Rzeszow. The implementation included advanced systems such as SIEM, responsible for analyzing security logs, SOAR for automating incident response, and PAM, enabling privileged access control.
These solutions were enhanced with NDR and XDR technologies, which increased the ability to detect and respond to advanced cyber threats. These measures have provided Rzeszow with a comprehensive system for monitoring and protecting IT infrastructure that operates in real time.
Training for Security Operations Center employees was also an integral part of the implementation. They were prepared to operate modern tools and respond to incidents according to the best industry standards. Artificial intelligence and machine learning algorithms played a key role in the implementation process, supporting analysts in their daily work, streamlining both routine operations and advanced threat analysis.
The whole project was based on a multi-vendor model, combining commercial and open-source systems, which optimized the cost of the project. In addition, thanks to funding from the Eastern Poland Operational Program 2014-2020, Rzeszow was able to implement the project without a significant burden on the budget. The result was a central system – SOC for the local government, which not only effectively protects data and infrastructure, but also meets the requirements of the NIS2 directive, providing the city with security at the highest level.
Effects of implementing an advanced cyber security system for the city
The implementation of a centralized SOC for the local government has brought a number of significant benefits to the City of Rzeszow:
Public services have become safer, as the city’s data and IT infrastructure are effectively protected from cyber threats.
The system is designed to be scalable, allowing it to expand as the city’s digital services grow.
The automation of security processes has enabled faster threat detection and incident response through the use of tools such as SIEM and SOAR.
Residents have gained a greater sense of security with 24/7 monitoring of the systems.
covered computers and workstations.
monitored by a centralized SOC for the city.
integrated into a single system, including institutions such as the Metropolitan Transportation Authority and Nursing Homes
“The implementation of a centralized SOC in UMRZ is, above all, a significant enhancement of the cybersecurity of our entire city, our metropolitan area, and the urban community.
Equally important, it gives each of our residents the reassurance that our systems are continuously monitored — and with that comes a real sense of safety.
Knowing that yet another element of our city’s cybersecurity ecosystem is operating professionally, 24/7, is of tremendous importance to all of us.”
— Konrad Fijołek, Mayor of Rzeszów
“I rate our cooperation with ComCERT very highly, as the company provided an outstanding team of experts dedicated to working with the Rzeszów City Hall.
We are very satisfied with both the collaboration and the results of their work.”
— Sławomir Świder, Deputy Director of the IT Services Office, Rzeszów City Hall