Translated by
2020/07/28 16:08:49

Overview of TAdviser: Security of information systems 2020

According to TAdviser, the volume of the Russian market of means of information security at the end of 2019 increased by 14% and reached a point of 90.6 billion rubles. Positive dynamics is noticed also by respondents of TAdviser representatives of the market.

Revenue of the Russian companies on information security market in 2018-2019

|1||align="left"|Softline||17 460||15 800||10,5|7||align="left"|Positive Technologies||3 737||2 810||33
' №' Company Revenue from the cybersecurity projects for 2019, million rubles, with the VAT Revenue from the cybersecurity projects for 2018, million rubles, with the VAT Dynamics, %
2Code of Security *6,5074,04560.9
3Informzashita **6,5005,60516
4Jet Infosystems6,0304,40037
6Aysiel Group4,1094,193-2
9Lanit ***2,5822,4814.1
-1 XLIFFService: Sequence contains no elements Complete rating
Interview with experts
Andrey Amirakh, the manager with key clients of Intellektualnaya bezopasnost Group (Security Vision brand), in an interview of TAdviser told about opportunities of process automation of management CYBERSECURITY and response to incidents and also use of technologies AI and Big Data in the field of data protection.

Active promotion of our world on the way of informatization opens before mankind, on the one hand, new tremendous opportunities, and on the other hand, generates risks new, unknown earlier. And some human defects connected, in particular, with violation of a personal or trade secret purchase new forms using IT, so, require new methods of protection. TAdviser discussed these issues with Sergey Voynov, the CEO of EveryTag company.

As business and the state organizations perform process of digital transformation, extends the range of threats of cybersecurity, and together with them – requirements to competences of corporate Information Security Service. Ensuring data protection becomes a permanent member of everyday life of any company. The head cybersecurity of Softline company Vladimir Lavrov told TAdviser that forces the management of the Russian organizations to think of transition to a service consumption pattern of cybersecurity and by what methods it can be implemented.

the Director of Information Security Center of Jet Infosystems company Andrey Yankin in an interview of TAdviser told about complication of projects in the field of information security, solutions for "udalenka" and growth of demand of cybersecurity services.

Mass and urgent transition of the companies to remote operation modes significantly aggravated problems of information security. Most the companies for the first time faced a similar task therefore transition to "udalenka" caused in them many difficulties.

Relevant solutions

Vladimir Dmitriyev, the head of services of cyber defense of CyberART (InnoSTage Group) told about change of the relation of the companies to SIEM, identification of four-year "tabs" in network of the customer and practice of work with MaxPatrol SIEM in large SOC in Tatarstan.


In article which was prepared by the development director Avanpost Oleg Gubka, it is told about basic approaches of technologies of uniform single authentication Single Sign-On (SSO) and a new product of this class – Avanpost FAM.


In article which was prepared by the development director Avanpost Oleg Gubka, it is told about basic approaches of technologies of uniform single authentication Single Sign-On (SSO) and a new product of this class – Avanpost FAM.

link=компания:Ростелеком-Солар%2C Rostelecom-Solar %28ранее Solar Security%2C Солар Секьюрити%29

Service approach – a key trend of digitalization of the enterprises. Even more often the companies prefer to give questions of complex providing information security on outsourcing. Services of commercial centers of monitoring and reaction on cyber attacks (Security Operations Center, SOC/SIEM) become more popular with large business every year. But similar service was unavailable to the small companies and the organizations because of high price though they regularly get recently under blows of the mass attacks. Responding to the requests of this segment of the market, cybersecurity providers try to reformat the services in more economic format.

link=Статья:Приоритеты бизнес-заказчиков в сфере информационной безопасности

In the summer of 2020 TAdviser conducted survey of experts of the companies specializing in the field of information security and found out how cybersecurity priorities of business – from the small organizations to large enterprises changed.

link=Статья:Информационная безопасность в банках

Creation protected "udalenki", development and protection of the RBS systems, a compliance with regulatory requirements in the field of cybersecurity - key priorities of banks in the field of cybersecurity about which experts in 2020 speak.

link=Статья:Информационная безопасность (мировой рынок)

The amount of the world market of solutions for information security support (cybersecurity) and management of cyberrisks in 2019 reached $120.93 billion, data of Gartner analytical company demonstrate.

More than a half of the market is the share of cybersecurity services, global expenses on which in 2019 made $61.98 billion. The second in value category are technologies for protection of infrastructure: their annual sales were equal $16.52 billion.

About $13.39 billion were spent for the equipment intended for ensuring cyber defense of networks. Sales of consumer cybersecurity software in 2019 reached $6.25 billion, solutions on management of accounts and access (Identity and Access Management, IAM) — $9.84 billion.

  Anti-virus software solutions

Antivirus — the software package which is specially developed for protection, interception and removal of computer viruses and other malware. A modern anti-virus software is capable to detect effectively harmful objects in files of programs and documents. In certain cases the antivirus can delete a body of a harmful object from the infected file, having recovered the file. In most cases the antivirus is capable to delete a harmful software object not only from the program file, but also from the file of office document, without having broken its integrity. Use of an anti-virus software does not require high qualification and is available practically to any user of the computer.

{{#Informer diagramm years: Cybersecurity - Antiviruses||3}}

  Antispam software solutions

Antispam — a method, partially or entirely, (SPAM) preventing hit of undesirable information in an outlook of the user or a user group of the PC. Action of a method is performed by a software setup both on client side, and on server side which can serve as an intermediary at Internet access (a technology antispam).

{{#Informer diagramm years: The cybersecurity is the Antispam||2}}



The firewall or the network screen — the complex of equipment rooms or software tools exercising control and filtering of the network packets passing through it at the different levels of the OSI model according to the set rules. The main objective of the network screen is protection of computer networks or separate nodes against unauthorized access. Also network screens are often called filters as their main objective — to do not pass (to filter) the packets which are not suitable under the criteria defined in a configuration. Some network screens also allow to perform broadcast of the addresses — dynamic replacement of the intra network (gray) addresses or ports by external, used outside a LAN.

{{#Informer diagramm years: Firewall||2}}



| Identity and Access Management
Management of identification and access
Authentication systems

Illegal access for employees to information systems is fraught for the company with distortion and losses of important data which can develop into losses financial and reputation. Understanding it, more and more Russian companies implement solutions for management of identification data. IDM systems allow to manage identification granted and access rights of users in information systems of the organization. In the world market they appeared for a long time, and since then significantly evolved. In Russia such solutions are presented more than 10 years.

{{#Informer diagramm years: The cybersecurity is Authentication||2}}

  Biometric identification

Biometric authentication — process of the proof and authentication through presentation by the user of the biometric image and by conversion of this image according to the predeterminated authentication protocol. Biometric authentication systems are the authentication systems using their biometric data for the identity certificate of people.

{{#Informer diagramm years: Cybersecurity - Biometric identification||2}}

  Means of enciphering

Cryptography (from Greek  — hidden and  — to write) – the most ancient science about methods of confidential data protection from undesirable third-party reading. Cryptoanalysis – the science studying methods of violation of confidentiality of information. Cryptananalysis and cryptography together make science the cryptology studying methods of enciphering and decoding.

Advanced developments

The quantum cryptography by right is considered a new round in evolution of information protection. She allows to create almost absolute protection of the encoded data against cracking.

{{#Informer diagramm years: Means of enciphering||2}} are cybersecurity



Data Loss Prevention
Technologies of privileged information loss prevention from an information system outside

Based on a research of leaks of confidential information from the organizations in Russia in 2016 by the Analytical center InfoWatch recorded 213 cases of information leaks from the Russian companies and state bodies that is 80% more than in 2015. In nine of ten cases in Russia personal data (PDN) and payment information, and total amount of the data compromised in a year flowed away increased more than by 100 times to 128 million records, but did not exceed 4% of the world volume of information leaks.

{{#Informer diagramm years: Information loss preventions||1}} are cybersecurity


  Backup and data storage

Backup system — set program and the hardware, carrying out a task of creation of the copy of data on the carrier intended for recovery of information in the original place of their arrangement in case of their damage or destruction. Backup systems provide the continuity of business processes and data protection from natural and technogenic catastrophes, actions of malefactors. These technologies are actively used in IT infrastructures of the organizations of the most different industries and scales.

{{#Informer diagramm years: The cybersecurity is Backup and data storage||2}}



Security Information and Event Management
Information management and events in a security system

SIEM (Security information and event management) is consolidation of two terms designating a software scope: SIM (Security information management) — information security management and SEM (Security event management) — security event management. The SIEM technology provides the analysis in real time of events (alarms) of security proceeding from network devices and applications.



|Distributed Denial of Service
Flow of false requests

Distributed Denial of Service - DDoS attack - a flow of false requests which tries to block the selected resource or by an attack on a communication channel which "is chucked in" with the huge mass of useless data, or the attack directly the server servicing this resource. Such actions are used for the purpose of competitive struggle, direct blackmail of the companies and also for derivation of attention of system administrators from other illegal acts.