“Business information security is just the bottom”

“Business information security is just the bottom” Photo: Maksim Platonov

How developed the culture of cybersecurity in Russian business is? How to ask the management a million to provide information security to the enterprise? What new technologies do specialists warding off attacks on companies succour to? Answers to these questions were given during an expert dialogue Enterprise’s Information Security, which was on 1 October during IoT & AI World Summit Russia. More is in Realnoe Vremya’s report.

“To look for anomalies”

An expert dialogue dedicated to enterprises’ information security started with defining key tendencies in this sphere. So according to Atom Security’s representative Dmitry Kandybovich, on the one hand, the number of targeted attacks is now increasing, on the other hand, the DarkNet is developing actively, where more and more youngsters are going. In other words, attacks are developing everywhere.

“I am talking about both targeted attacks and a rise in the number of attacks made by clones. Yes, the latter are harmless, but they anyway happen somewhere because our protection culture is very weak. If we are talking about banks, everything is fine there, and if we are talking about business in general, it is just the bottom,” Dmitry Kandybovich said.

During the session, Project Director of Concern Sozvezdie JSC Grigory Bochechka gave a tip of one of the most topical ways of fighting cyberincidents in enterprises.

“New, better tools are appearing in the market. And if earlier companies were mainly aimed to demarcate perimeters, block harmful software, get rid of malefactors from their networks as much as possible, such technology as deception has shown very active dynamics in the market in the last years,” the expert began. “Many confuse it with honeypots, however, there is a big difference in interactivity. Plus honeypot is primarily aimed to collect malware and some simple attacks. The systems deceiving malefactors persuade a hacker of using real vulnerability disguised as traps, entice him into an isolated environment and start to collect all the information about what he wants to get: every action of him is logged, some solutions have separate subsystems that generate special documents, when one opens them it is possible to understand where the malefactor comes from. The key tendency is that the market is moving towards new, modern-day technologies.”

Director General of APROTECH (a joint venture of Kaspersky Laboratory JSC and ITELMA R&D) Andrey Suvorov added in turn that nowadays when attacks are becoming very complex and unpredictable, the capability to detect anomalies is a very effective method.

“In other words, one shouldn’t act by following the same patterns somebody already invented but look for anomalies that aren’t characteristic of, for example, types of information exchange between existing objects in the corporate network or external counteragents,” the speaker said.

“You will never be given a million rubles, if you don't start speaking the language of numbers and losses”

Another important trend: cybersecurity issues in big companies stopped being tasks of the information security officer of IT director — they are raised at the level of board of directors. As Andrey Suvorov notes, information security and cyberattacks are a new type of risks. At the same time, noticeable changes are taking place in the insurance market.

“Insurance brokers used to say that risks of equipment failure when equipment failed on the computer or computer programme, which was proved, weren’t covered. But the insurance market has already changed today: a number of companies include it to property losses and compensate if the enterprise’s financiers do understand all risks,” the director general of Aprotech said.

Another expert, Dmitry Kandybovich, decided to focus on the fact that at the moment cyberthreats were really becoming one of the important risks that compulsorily must be raised at a general meeting. “Another important remark: this topic shouldn’t be hidden, it should be translated into numbers, losses,” the speaker noted.

“Indeed, you will never be given a million rubles, even if you are using your usual terms like cyberattacks, threats, vulnerability and so on. The director will be telling you: “Get off me, you came over here again to ask for money for the things I don’t need”. Change the vocabulary of terms,” Director General of Aprotech Andrey Suvorov offered.

The expert says that a good way to improve information security is to find related, topical cases to demonstrate other enterprises’ losses because of the management’s lack of care for information security issues.

By Lina Sarimova