We are proud to announce that Kitsoft has successfully passed an extensive audit by the German expert organization TÜV. Receiving the ISO/IEC 27001 certification is official global recognition that our internal Information Security Management System meets the highest international requirements.
Among the company’s key projects are the Diia portal – the national web platform that provides citizens with access to government services online, and over 200 other digital services used by 24+ million citizens.
At the same time, global cyber threats continue to rise, and Ukraine is on the front lines. According to the Microsoft Digital Defense Report 2025, Ukraine is among the top 5 most attacked countries in the world and ranks first in Europe, with 25% of all hostile operations originating from Russian cyber structures. According to the National Security and Defense Council of Ukraine, the number of attacks in 2025 increased by 37% compared to the previous year, highlighting the unprecedented pressure on Ukrainian cyberspace.
In response to these unprecedented challenges, we integrate rigorous security standards into our solutions at every stage. The ISO/IEC 27001 certification validates the core processes of our daily operations:
Comprehensive Audits: Regular testing of offices, cloud services, staging environments, and operating systems.
Systemic Discipline: More than 30 implemented security procedures and policies.
Human Capital: Continuous team training and strict monitoring of compliance standards.
By systematizing these practices, we have turned daily discipline into proven reliability.
"Today, for our partners, this means deeper trust, faster compliance, and transparent, predictable processes. For us, it is the formalization of the excellence we strive for every day." – Oleksandr Iefremov, CEO of Kitsoft
Achieving ISO/IEC 27001 is a key milestone in our broader security roadmap:
Our proprietary low-code platform Liquio, for building digital government services, has been officially certified for its cybersecurity compliance. This enables the development of services that handle the most sensitive data with the highest level of protection.
We are currently preparing for the SOC 2 (Security Operations Center 2) audit to further validate our operational controls.
We are deploying our own SOC for 24/7 monitoring and immediate threat response.
This comprehensive approach ensures the resilience of our products and the continued trust of our partners. Together, we are building a secure digital future.