KEY CONCLUSIONS
Ensuring cyber security is one of the priorities of the programme for digital economy development in Russia
“The primary Ministry objectives in terms of ensuring information security are included in one of the six passports of the national Digital Economy programme. The passport was prepared jointly with the Sberbank Competence Centre and a working group led by Natalya Kasperskaya. The measures it holds correspond to the goals and objectives of the May Executive Orders of the President of the Russian Federation, namely, they aim at creating a sustainable, secure information and telecommunication infrastructure, preferential use of domestic software products and equipment at all levels of information systems, increasing internal digitalization costs, increasing digital economy penetration three-fold comparing to 2017,” Aleksey Sokolov, Deputy Minister of Digital Development, Communications and Mass Media of the Russian Federation.
Cyber threats intensify with the development of technology
“The digitalisation of the economy and the way it changes our lives present tremendous opportunities, but at the same time they carry great threats, and they are constantly changing. This trend will remain as the complexity of technological processes increases, new technological processes immerge, and threats are to grow proportionally. This dynamic is the reason why this problem is so complex,” Vitaliy Sokolov, Partner, Risk Analysis and Control Department, Head of Information Security Services Practice, PwC.
“The critical information infrastructure administration, life support systems that manage our cities <…> are unprotected. <…> Critical infrastructure facilities such as energy, life support, are to ward off 10–15 times more attacks (than credit and financial organisations). It reveals the intruders’ interest in life support facilities, and now in cyber It security there is such a thing as politically motivated attacks,” Igor Lyapunov, Vice President for Information Security, Rostelecom.
PROBLEMS
Security systems fall behind rapid technological development
“Talking about threats, we always <…> fail to keep pace with cyber criminals. <…> Is this where we are bound to be <…> or do we have a chance to experiment here and to build defence systems against the challenges we anticipate,” Stanislav Kuznetsov, Deputy Chairman of the Executive Board, Sberbank.
“Today, when we launch major digitalisation projects, cyber security is beyond the scope of this process,” Igor Lyapunov, Vice President for Information Security, Rostelecom.
“Artificial intelligence generates the next level threats for which we were not quite ready,” Stanislav Kuznetsov, Deputy Chairman of the Executive Board, Sberbank.
A single company cannot solve cyber security problems, which require a new level of cooperation
“One company is not capable of defying all the risks that may be present in the system with its customised security procedures,” Igor Vedekhin, Deputy General Director, Director of IT Infrastructure Division, IBS.
“Social engineering is a trend within the country, and it is a serious challenge. We should exchange information and fight it in the banking sector. A new round of social engineering is automation,” Stanislav Pavlunin, Vice President, Director of Security, Post Bank.
Shortage of cyber security specialists
“It is difficult to build a team of specialists, who would ensure information security,” Dmitry Gadar, Vice President, Director of the Information Security Department, Tinkoff.
“Universities do not train cyber security specialists. <…> The Association of Russian Banks give us that concern under the Digital Economy programme,” Stanislav Kuznetsov, Deputy Chairman of the Executive Board, Sberbank.
“The number of organised hacker groups is on the rise. Law enforcement agencies are facing a new challenge, and they are not quite ready to investigate a huge number of cyber frauds,” Stanislav Kuznetsov, Deputy Chairman of the Executive Board, Sberbank.
SOLUTIONS
Close cooperation between government and business on all cyber security issues
“The Central Bank with the support of the Government and under the Digital Economy 2024 programme organises working groups in various areas of information security,” Dmitry Gadar, Vice President, Director of the Information Security Department, Tinkoff.
‘Together with the Department of Internal Affairs of Moscow we agreed to create a special working group and have begun pounding through several complicated cases <…> One such case was solved on 05 February <…> through a intricate, lengthy operation to detain a large group of fraudsters and a call centre in Moscow. They stole about 16 million roubles; now the investigation begins <…> But these are unique cases, not an extensive practice,” Stanislav Kuznetsov, Deputy Chairman of the Executive Board, Sberbank.
“For the first time <...> representatives of the Ministry of Education of the Russian Federation said <...> you are right, this [training for cyber security, - Ed.] is really a problem, and we are ready to review new programs together with you,” Stanislav Kuznetsov, Deputy Chairman of the Executive Board, Sberbank.
Setting up a technology platform for the cybercrime information exchange
“The Association of Russian Banks <...> decided to create a technological platform, where everyone has the opportunity to exchange information online,” Stanislav Kuznetsov, Deputy Chairman of the Executive Board, Sberbank.
Continuous monitoring and identification of potential threats
“Now Rostelecom as <...> a natural monopolist, holder of a wide telecommunications infrastructure in Russia, initiates the process of analysing and identifying potential threats, potential attacks based on our infrastructure <...> in the early warning mode <...> about attacks on its subscribers,” Igor Lyapunov, Vice President for Information Security, Rostelecom.