Share
In connection with media publications citing a letter from the Bulgarian Judges Association to the Supreme Judicial Council (SJC), which claims that the implementation of the Trellix Endpoint Security Power Edition antivirus agent "creates serious risks to the independence of the judiciary, the protection of personal data, and information security" and gives "unjustified concentration of administrative rights in Information Services," we would like to clarify the following:
Following a public procurement procedure, Information Services was selected as the contractor under Contract No. SJC-14008/ 02.10.2025 with the subject "Monitoring and management of information and communication infrastructure (ICI) and implementation of activities related to the cybersecurity of the SJC and the courts, excluding the administrative courts and the Supreme Administrative Court." It is important to note that the cybersecurity software mentioned in the letter was purchased under a previous contract with another contractor for the supply of hardware and software equipment, and the correct name of the software is Trellix Endpoint Security HX. Information Services has no involvement in its purchase. According to the contract with the contracting authority, the Supreme Judicial Council, Information Services must perform cybersecurity services with the hardware and software equipment already available.
The Trellix console is installed entirely in the the Supreme Judicial Council’s data centers. Access to the Trellix Endpoint Security HX cybersecurity software management console is granted to SJC administrators and employees of the Information Services Cybersecurity Operations Center, and a list of authorized persons and all necessary confidentiality documentation has been sent to the contracting authority. Company employees access the system solely in connection with the performance of all contractual obligations related to the management of the information and communication infrastructure and cybersecurity of the courts. It is important to note that the system records every user action and the contracting authority can check who has accessed it at any time.
The claim that "system administrators lack training" is not true. At the start of the activities under the contract, training was provided to the authorized persons designated by each court, which was documented with a video recording.
Although the Plenary Session of the Supreme Judicial Council voted to invite the Executive Director of Information Services, Ivaylo Filipov, to explain the current state of information security in the courts to its members, he was not allowed to attend the meeting and had to explain to the magistrates during the break the measures taken to prevent cyber threats. Given the importance of the topic, Information Services is ready to give a public meeting with detailed explanations about the state of the cyber environment in the courts, the vulnerabilities and risks found, and ways to deal with them.
We would like to remind you that Information Services has been selected as the National Operational Center for Cybersecurity and coordinates actions for prevention, response, management, and ensuring an effective mechanism against cyber and hybrid attacks on the entire public administration in the Republic of Bulgaria.
The cybersecurity team has highly qualified experts who hold a number of internationally recognized certificates in various applicable modern cybersecurity technologies with experience in managing complex infrastructures and responding to complex cyberattacks.