Translated by
2019/02/08 09:20:37

Information security (trends)

Article is included into the overview of TAdviser "Security of information systems 2019"



Trends of the Russian information security market

Process automation in cybersecurity

Process automation is intended to save the organizations from staff shortage and routine tasks of the cybersecurity departments facing employees.

According to Alexander Borisov, the expert in the area kiberbezopasnostigk ICL, interest in BAS systems increases. BAS systems can automate some tasks from area of testing for penetration into infrastructure. It facilitates process of the analysis of security to the companies using such means.

Need of providing Information Security at implementation of new technologies

Need of providing Information Security at implementation of new technologies, such as clouds, big data, mobile technologies, robotization, etc. is another trend.

As Andrey Timoshenko notes, the manager on information bezopasnostiaccenture Russia, in some companies implementation of such technologies is braked because of requirements for cybersecurity, in others, on the contrary, is an additional incentive for development of competences in cybersecurity and implementation of modern instruments of protection. Anyway, business, understanding advantages which new technologies give, begins to motivate the employees to resolve issues cybersecurity proactively.

Services of SOC

Integrators sensitively and quickly react to the changes happening in the market. For example, with exit No. 187-FZ "About security of critical information infrastructure of the Russian Federation" customers had a need for command centers information security, Security Operations Center (SOC).

This wave was picked up by integrators which offer services of own SOC in outsourcing model, - Nikolay Zabusov, the director of the department of information and network security of Step Logic notes.

Digital economy as accelerator of market development of cybersecurity

Transition to digital economy means implementation not only business solutions, but also the information security facility. General digitalization, transition to Internet of Things, to wireless information transmission systems ― all this requires creation of end-to-end systems of data protection too, Dmitry Livshits, the CEO notes Digital Design.

Vladimir Balanin, the Head of Department of information security of I-Teco Group, adds that within the national program "Digital Economy" changes in the existing legislation, adoption of new regulatory legal acts and national technical standards in the field of cybersecurity prepare. Changes will concern functioning of the Russian network segment the Internet, personal data processings on social networks, Internet of Things, exchange of data on computer incidents, security risks of information and many other.

It is unconditional that these changes will become accelerators of further market development, information systems and services will be created taking into account aspects of information security at once, - he says.

New requirements of regulators

The market of cybersecurity traditionally remains one of the most attractive in the field of technologies. According to Yakov Grodzensky, the head of information security of System Software company, the necessity of investments into data protection is caused not only by a variety and the increasing complexity of threats, but also new requirements from regulators: questions of protection of critical information infrastructure, new requirements of the Central Bank of the Russian Federation to data protection of banking organizations. Besides, requirements of regulators and to information security tools become tougher.

Practical security

Regulators, undoubtedly, act as drivers of the market of cybersecurity: the companies try to conform to requirements of the law. But the picture gradually changes: it is good to correspond to a letter of the law and it is necessary, but real problems are shown even more often.

If the company has, say, certificates according to the international standards ISO 2701 and PCI DSS and all other certificates, but it caught a virus encoder, – all assets become instantly struck and simple existence of certificates will not help. There will be two options: or to recover everything from backup copies (if they were), or to pay money to malefactors, - Vasily Stepanenko, the director of the center of cyber defense DataLine tells.

Thus, according to him, the trend is displaced towards practical security.

It is not enough to purchase a firewall, it should be configured, and then to administer, and it is permanent process. At FSTEC of requirements to setup is not present, the CEO has companies for certain too. In this case malefactors – the driving force of that the company carried out these settings. Responsibility for this work can lie on Chief Information Security Officer (CISO) already now. This is the person responsible for information security. Here it is possible to draw an analogy to the doctor. If the doctor in an office has all wall in certificates, but his patients die, then there is no trust to such specialist. CISO can have a set of diplomas and merits on paper, but it is important that happens to his company in practice, - the expert of DataLine concludes.

Import substitution

For many years on information security market the import substitution trend does not weaken.

Andrey Timoshenko, the manager on information security of Accenture Russia, considers that import substitution on the one hand pushes the Russian producers to creation and development of own solutions on cybersecurity, with another - gives additional opportunities for decision makers on information security from such countries as China or Israel.

According to Oleg Shaburov, the Head of Department of information security of Softline company, every year the maturity of the Russian solutions grows and in some product directions the Russian origin is only a pleasant bonus: the choice of customers is made on the basis of functionality.

Alexander Bondarenko, the CEO of R-Vision, adds that large business substitutes the available cybersecurity technologies on domestic analogs more and more actively, and when implementing new projects the increasing attention is given to the choice of the producer in the context of possible sanctions and political risks.

Dmitry Elfimov, the head DITIZI Kaluga Astral companies, reminds that at the end of 2018 there was the next directive "About Primary Use of the Domestic Software" according to which, now and state corporations are obliged to replace gradually system and applied software with analogs of domestic manufacturers. At the same time, the share of domestic software in the total amount of purchases is measured percentage of specific sums of money (from 50% and above). Is included in the total cost not only the cost of "iron", but also and service: selection of solutions, their implementation, technical support.

Thus, domestic solutions begin to occupy more dense niche and sums of money considered at calculation of a share within import substitution, significantly increase. After final transition of a public sector (2021) it is possible to predict interest in import substitution and other categories of customers (for example, the commercial organizations which are directly working with a public sector), - he notes.

Nikolay Zabusov, the director of the department of information and network security of Step Logic, considers that leaving from the Russian market of the American company Splunk issuing solutions for the analysis of Big Data, including for problems of cyber security became one of the brightest events in 2019. It, according to him, shows as far as the infrastructure which is completely constructed based on foreign products can be vulnerable.

With respect thereto system investments into production qualitative Russian are necessary for the information security facility. It would be desirable to hope that in 2019 a number of the domestic means of protecting created not only under closing of formal statutory requirements "will ripen", but also having competitive functionality, - the expert of Step Logic notes.

Growth of a role of the state in the market of cybersecurity

A number of experts pay attention to growth of a role of the state in the market of cybersecurity.

If earlier we told about government institutions and the companies with state participation as about the segment creating a significant share of demand and urging on market development, then there are more and more now insourcing structures which in my opinion, limit this development, - Sergey Sherstobitov, the CEO of Angara Technologies Group notes.

Growth of the competition in the market

The market is in the active movement - it is shown also that there is an intensive competitive struggle in already settled segments both for the current clients, and for clients of those companies (generally foreign) which gradually lose positions in the Russian market. Also more and more actively the competition between segments in the market develops.

New technologies, products and services actively apply for financing which was selected for more traditional solutions on security earlier, creating the additional pressure upon the settled players. However, to speak about some global changes in structure of the market of cybersecurity so far early, - Alexander Bondarenko, the CEO of R-Vision believes.

Change of list of active consumers of cybersecurity technologies

If earlier unambiguously financial sector was a champion in questions of financing of cybersecurity, then the steady growth of interest is observed in recent years and that the most important, financings of projects on information security in other industries. Alexander Bondarenko, ranks the industry, a public sector, power, an oil and gas industry as such industries. The financial sector, according to him, on the contrary, a little "reduced turnovers".

Other trends

Every year in the Russian market of cybersecurity these or those trend solutions prevail. Some solutions are "classics" for a long time and do not need representation (antiviruses, protection against DDoS attacks, protection against NSD). But some solutions are beaten out in a top or attract new interest.

Dmitry Elfimov carries to such solutions, in particular, IDM systems:

This system helps not only to differentiate access rights of different users, but also to construct a complete end-to-end system with clear for all users of business processes, the purposes, tasks, etc.

Also among trends it selects SIEM solutions.

With growth of the companies also the information volume which is stored, processed and transferred both in the company, and in the outside world grows. SIEM solutions allow to create a single system of event management of security in the company, Elfimov notes.

One more trend, according to him, is connected with cyber security of an APCS.

Today a number of domestic manufacturers offer the whole complexes of the technologies and services directed to protection and support of lifecycle of infrastructure of industrial enterprises, - the expert says.

Top-10 trends in the field of cyber security of Internet of Things — Counterpoint Technology

At the beginning of February, 2019 the Counterpoint Technology Market Research analytical company submitted ten forecasts to information security fields for 2019.

1. Close cooperation between hackers

Hackers are subdivided into different groups: traditional and ideological, sponsored by the state and hackers freelancers. Analysts believe that these groups shortly will begin to cooperate to use advantages of others products and services.

Experts of Counterpoint Research expect significant increase in a capital expenditure at security of IoT-devices, platforms, the cloud systems and services in 2019
Experts of Counterpoint Research expect significant increase in a capital expenditure at security of IoT-devices, platforms, the cloud systems and services in 2019

2. Cyber attacks as service

Counterpoint Technology Market Research considers that in 2019 hackers will use even more often remote desktop protocols as a starting point for distribution of the malware. Besides, cybercriminals can create and sell software packages for start of malware that will allow them to select finished goods and to carry out the attacks regardless of own experience in this sphere.

3. Machine learning as weapon of new generation

Malware already learned to bypass elements of machine learning in the unrolled systems of a kibezashchita. Use of the advanced instruments of machine learning for automation of the choice of the purpose of hackers will become the next step as experts consider. Such tools will be able to study software for search of the least secure systems and their weak points.

4. Theft of data – a new milk cow of hackers

Transition to digital technologies and Internet of Things led to increase in volume of corporate and personal data which are stored in the cloud systems. In 2019 significant growth in date leaks, especially from cloud servers is expected.

5. Devices of the smart home and peripheral devices will become vulnerable for the attacks

Devices of the smart home which collect and store personal data - the easy purposes for cyber attack as, as a rule, are almost not protected. And peripheral devices are equipped with extremely simple software for confidential data protection and work mainly on elementary operating systems.

It is expected that by the end of 2019 hackers will use the advanced instruments of machine learning for automation of the choice of the purposes, finding less secure systems with their help.
It is expected that by the end of 2019 hackers will use the advanced instruments of machine learning for automation of the choice of the purposes, finding less secure systems with their help.

6. Cooperation and expansion of partner communications between developers of solutions in cyber security

Cooperation of software developers in the field of cyber security integrates achievements and power of the companies. Together they can present more effective solutions capable not only resist to malware, but also study and develop.

7. Multifactor authentication and intellectual identification of the device

Identification is a fundamental component of cyber security, including for Internet of Things. The identification model by 2019 stopped being focused on the user — now it is focused on a machine component. Analysts assume that multifactor authentication and intellectual identification will become a basis of cyber security of IoT in 2019.

8. Protection on the basis of machine learning

Machine learning is already used for monitoring of activity for the purpose of detection of the malware. Besides, this technology not only processes and analyzes data much quicker, than traditional tools, but also provides forecasting of threats and cyber attacks.

9. The solutions of cyber security which are built in the equipment

Implementation of security at the level of the hardware was one of the most interesting solutions of 2018, the study says. Such protection will help to solve problems of cloning and counterfeit of software and also will provide safe authentication along with unique identification.

10. The growing demand for employees of security services in the public and private sector

The new laws obliging to protect the companies confidential information of users generated huge demand for skilled staff of a security service both in state, and in the private sector.[1]


Legislative trends

Trends on the Russian information security market form under the influence of the legislation and development of threats. Market participants remind of toughening of penalties for violation of an order of processing and personal data protection, adoption of law on critical information infrastructure, entry into force of state standard specification in which information measures of protection in financial institutions are described.

All these changes are motivators for investments into cybersecurity from the companies, - Yakov Grodzensky, the head of information security of System Software company considers

Dmitry Biryukov, the head of department of information security of the Asteros group, adds that the state conducts serious and full-time legislative employment: regulators continue to introduce additional requirements to information system protection under which large projects and new implementations are expected. It is, first of all, about segments of critical information infrastructure, an APCS, bank and telecommunication sectors, he notes.

According to Lev Matveev, the chairman of the board of directors of SearchInform, the federal law on security of critical information infrastructure in fact is legal recognition of the problems and risks connected with cyberthreats.

The law will seriously affect the industry, it is about new state strategy. Today methodical recommendations are up to the end not defined and are in process of study. But all market participants watch closely process", - he explains.

Rustem Tursunbayev, the head of department of information security of Compulink Group, adds that in connection with new requirements of the state some big customers create the budget proceeding from the updated legislation already now.

Shift of accents towards riskoriyentirovanny safety and protection against external threats

One of the most noticeable and interesting trends is the shift of accents from regulatory security towards riskoriyentirovanny safety and protection against external threats. The occurred incidents of cybersecurity showed as the enterprises are vulnerable to the attacks from out of and as strongly these the attacks can influence indicators of business continuity and organization activity and also the general availability of information systems and services.

It means that we will gradually leave from the traditional model "confidentiality, integrity, availability" with a big traditional emphasis on confidentiality towards availability or cyberstability, i.e. capabilities of the organization to resist to threats of cybersecurity and to be recovered quickly in case of their implementation. Such approach actively develops long ago in the West, and in Russia one of active drivers of this term is the Central Bank of the Russian Federation, - Sergey Terekhov, the director of competence center of information security of Technoserv company notes.

Reconsideration of a role of cybersecurity for business

At the corporate level there is a reconsideration of cybersecurity as parts of the general corporate business strategy. Customers independently make the proposal on carrying out thorough audit of cybersecurity and drawing up the program of organization development.

Moreover, at the level of management of the companies understanding that providing Information Security — not the single project, but continuous business process forms. With respect thereto growth of interest in solutions of the class GRC (Governance, Risk, Compliance) and to use of different BI tools looks quite logical, - Alexey Grishin, the director of Information Security Center of Jet Infosystems company notes.

Sergey Terekhov adds that the cybersecurity becomes more available and clear for business and Chief information officers, and it means that all of them realize need of investments more and want to see from them return.

Involvement of the top management in questions cybersecurity

One more trend about which market participants speak it is involvement of the top management of the enterprises in questions cybersecurity.

And, according to Nikolay Domukhovsky, the director of the department of system integration of UTsSB, first of all this involvement is implemented at the expense of a whip, but not gingerbread: the changes of the Criminal Code of the Russian Federation caused by adoption of law on security of KII imposed criminal liability for non-compliance with requirements for cybersecurity if it entailed heavy effects.

Drafts of bylaws of the law on security CUES of the Russian Federation contain specific objectives and functions of the management of an object of KII which those should execute on a permanent basis. I.e. the notorious "involvement of the management" appearing in a series of ISO standards 27000 regarding objects of KII has every chance to turn into a set of mandatory requirements, but not general recommendations as it is in the mentioned series of standards now, - it notices.

Staff shortage

Digitalization of economy defines key trends of market development of information security. As Sergey Sherstobitov, the CEO of Angara Technologies Group as the cybersecurity industry grows in Russia in high gear notes, one of top trends is a staff shortage.

We observe a gap between the need for high quality professionals cybersecurity and the number of the specialists who are let out by Higher education institutions and level of their preparation, - he notes.

Shift of focus of cybersecurity developer on the person

In the market the trend on creation of the technologies warning incidents at the expense of the analysis of behavior of the user, identification of anomalies in its actions is noticeable. Channels on which corporate information is transferred become more, and it is more difficult to control them all. However the person remains the most unpredictable source of threats in cybersecurity. On it focus of interest of developers is also displaced, Lev Matveev, the chairman of the board of directors of SearchInform says.

We not an exception – this year headed for integration of technologies of a profayling into DLP. It is necessary to tell that this experience unique not only for Russia, but for the world therefore there are no blazed roads here and to us it is necessary to create both theoretical, and practical base for this purpose. In the fall on our Road Show we submitted the first version of Profile Center and collected the first feedback from potential customers. It is sure, this functionality will become a trend in the market of cybersecurity, - he adds.

Maria Voronova, the head of department of consulting of InfoWatch Group, also calls a trend the analysis of a behavioral model of users which will allow to detect potential threats of cybersecurity preventively.

The systems of the class UEBA/UBA (User (and Entity) Behavioral Analytics) solve as the internal problems of information security support of the organization connected with behavior of employees and external, for example, promote prevention of the hacker attack through a compromise of an account of the legitimate user. Very many DLP-and SIEM vendors are engaged in creation of UEBA solutions based on the technologies now, - she notes.

Creation of coordinating bodies

The main source of threats is the industry of harmful services which constantly increases pace and purchases more and more lines of the developed market with the worked business models.

As Alexey Grishin notes, the director of Information Security Center of Jet Infosystems company, the state and a number of the industries react to threats of creation of coordinating bodies which set standards of providing Information Security and serve as platforms of exchange of experience, for example, to State system of detection, prevention and elimination of consequences of computer attacks and FinCERT of the Bank of Russia.

But it only the beginning of history, and in the next several years us is waited by new coordination structures in the different industries, - he says.

Import substitution

Import substitution – one of key trends of the Russian IT market. However its influence on the market of cybersecurity is estimated by domestic experts differently. Someone notices significant increase in demand for the Russian solutions, others note that the Russian producers initially prevailed, and the tendency to import substitution promoted only insignificant increase in their share.

Dmitry Gvozdev, the CEO of Information Technologies of the Future company, calls support of import substitution by the state – the key and dominating trend.

While the Russian Federation saves dependence on the western element base, the protective software - a crucial element of preserving of security of digital infrastructure so the state promises and gives an active legislative and financial support to a cybersecurity segment, - he says.

In more detail how the trend of import substitution affected the market of cybersecurity and what perspectives this process has read in the separate article.

Market segmentation in terms of approaches to security

Within this year also a number of trends which played the defining role in business in the field of cybersecurity was created. Market segmentation in terms of approaches to security became explicit: the pool of the companies realizing direct dependence between viability of the business and information security was accurately created.

As Maxim Filippov, the director of business development of Positive Technologies in Russia notes, these are the companies which build the work with emphasis on digital. They invest in the newest technologies of protection and in many respects push other players of the market towards security.

About 10% of the market fall to the share of such companies so far, but gradually their number grows, - he adds.


Today existence of a preventive system of protection which would be able to provide 100% protection, unfortunately, in most cases impracticablly. Therefore the problem of detection and competent response to the attacks moves to the forefront.

According to Andrey Zaikin, the head of information security Croc with respect thereto in the market initiatives of SOC (Security Operation Center) actively develop. They include three components:

  • Technologies of protection, which today set
  • Employees who are responsible for information security
  • Regulations and rules which allow to build accurate processes on prevention of the attacks and also response to cybersecurity incidents in case of their emergence

In "the STC Volcano also consider that now in the Russian market of cybersecurity the trends connected with creation of Security Operations Center (SOC) prevail. According to representatives of the company, it is caused by sharp relevance of a question of operational identification and response to cybersecurity incidents.

In 2017 creation of data of the centers was started by many large companies. In view of project implementation duration, they will proceed during 2018, and, perhaps, 2019, - Alexander Kuznetsov, the head of information security in STC Volcano noted.

Protection against paper leaks

Malefactors – especially unfair staff of the companies – began to understand that digital information infrastructure in many organizations is already almost guaranteed protected from incidents by the systems of the class DLP. However security of paper documents and their electronic copies at the same time "sinks".

With respect thereto also the number of leaks of documents of such format grows. At the moment the cybersecurity market so far only begins to develop the products protecting from paper leaks. These solutions of a reaktivna: thanks to the fact that each employee in the company working with the document in EDMS receives its individual copy in case of "draining" of information a system allows to investigate the happened incident and to find responsible, - Anton Samoylov, the CEO of EveryTag company tells.

But application of such solutions is not limited only to identification of a source of leak. According to Samoylov, security service specialists can announce employees implementing solution which will keep account of all issued copies. Then at personnel of the company desire "leak" confidential information will just disappear.

Growth of interest in cybersecurity services

A number of experts note growth of interest not just in solutions, namely to services of information security.

As Andrey Zaikin, the head of information security notes Croc, modern threats become more difficult and more various, at the same time than specialists station wagons which know at the good level a set of different technologies and means of cybersecurity, very little. It is impossible to embrace the immensity and to be the guru in everything. Therefore for creation of an effective system of protection the companies need to keep the whole team of specialists in information security in the state. Not all are able to afford it to themselves. It is often more profitable to receive competences of professionals as the managed service on outsourcing.

For example, our company offers customers safe infrastructure from a cloud (IaaS) which conforms to all requirements of the legislation for personal data protection. The customer just transfers the systems with personal data to us to a cloud or DPC, and we undertake all care of personal data protection. And we close both technical, and organizational aspects of a question, - Andrey Zaikin tells.

Big Data of information security

One more possible trend is connected with effective processing of the separate and often not connected with each other data, with the subsequent their analysis and risks assessment. Maxim Filippov, the director of business development of Positive Technologies in Russia, calls such data of Big Datainformatsionnoy of security.

Those who will learn to accumulate these data, to store, to process and analyze flexibly (including it is retrospective), will be literally leaders in our market for the next several years, - he considers.

Consulting services and implementation of complete solutions cybersecurity

Victor Serdyuk, the CEO of DialogNauka company, as a trend calls steady growth rates of the directions connected with rendering consulting services and implementation of complete solutions in information security field. It, according to him, is promoted by several factors among which there is a gain of regulatory requirements to the organizations in the part concerning questions of data protection. Besides, in 2017 was a number of the incidents connected with successful attacks of malefactors to the Russian and foreign companies that also increased attention to need of implementation of measures for providing Information Security is recorded.

Among the most demanded consulting services it is possible to select: penetration test, development of development strategies cybersecurity, conformity assessment to requirements Russian and to the international requirements for data protection (PCI DSS, SWIFT CSCF, ISO 27001, service station of BR IBBS, 382-P, Federal Law 152, etc.), protection of an APCS and also outsourcing of functions on maintenance of the cybersecurity systems. In terms of complete solutions, for example, for our company one of drivers of growth are successfully implemented projects connected with implementation of means of protecting from the purposeful attacks and creation of the situational centers of monitoring of cybersecurity (SOC), - he told.


Change of approaches to information security

In the Russian companies understanding of result which information security systems can provide changed. Total number of the projects directed not to safety of business, and begins to be reduced by compliance to requirements or risk reduction. Several years ago such projects made an essential market share of cybersecurity. They are succeeded by projects which bring to business real financial benefit, Evgeny Akimov, the director of business development of Information Security Centerof Jet Infosystems company notes.

Andrey Stepanenko, the expert in technologies of data protection of Code of Security company agrees with it. He notes that change of "reference points" was influenced not only by economic factors, but also they can create with what speed the number of cyberthreats and what risks grows for business.

"In these conditions the customer first of all estimates real, but not "paper" opportunities of means of protecting in data security provision", - he says.

Requirements from: "The subsystem such is necessary" are displaced aside "A subsystem such should have the following functions" and practically any project begins with "pilot" testing of solutions recently, Dmitry Ogorodnikov, the director of competence center of information security of Technoserv company adds.

For the companies creation of a security system capable to provide protection against real threats of cybersecurity becomes priority number one. Now customers pay attention to controllability of means of protecting, technological effectiveness of application, their compatibility and support of modern information technologies have more and more than attention.

Most the companies passed recently from purely technical approach at which vulnerabilities are just identified and solutions for their neutralization, to risk-oriented approach are selected.

"It is more complex approach at which risks assessment and cost effectiveness analysis of use of these or those means of protecting is made. It is more mature approach, but the movement in its direction not really fast as it is connected with change of mentality of cybersecurity specialists", -Alexey Rayevsky, the CEO of Zecurion company told TAdviser.

According to him, customers focus attention on capabilities of means of protecting more and more to be integrated with other systems in their IT infrastructure. In particular, integration into the SIEM systems interests many today (a class of products for information management and events in a security system).

Transfer of function of administration of information security tools from divisions of security in IT departments of one of the main trends is considered by Dmitry Ogorodnikov from Technoserv. It, according to him, is explained by deep integration of means of protecting and information technologies recently.

The convenience of the interface, completeness and visualization of the reporting and other parameters of solutions also begin to prevail when choosing products. Such trend demonstrates that specialists of information security develop products with a careful eye to the new interests of customers now.

As for technologies, the market of cybersecurity continues to go towards complete solutions. Products for protection of virtual environments and connected with protection and mobile device management even more often interest business,Sergey Zemkov, the managing director of Kaspersky Lab in Russia, the countries of Transcaucasia and Central Asia says.

Now the enterprises look towards solutions for protection of critical objects and infrastructure (such as objects of the energy sector, enterprises of transport, etc.). The target attacks which gain ground recently and can be not revealed for a long time, also force business to defend.

"We see the growing interest of customers in services of information security, such as services in investigation of computer incidents, protection against DDoS attacks, etc.", - Zemkov says.

Classical information security market stops existence

That classical information security market practically disappeared, Evgeny Akimov from Jet Infosystems says. He claims that cybersecurity technologies migrated towards the IT intended for business security.

"It is the newest sector of domestic economy which will grow. According to our forecasts, the gain can make up to 30% annually within the next three years", - the expert says.

According to him, key factors which will provide such dynamics will become:

  • active process automation of security of business, interface of the cybersecurity systems to the analytical systems and means allowing to carry out an operational and multistage inspection of partners, the deep analysis of actions of own employees, privileged users, etc.;

  • development of online-services and, as a result, comprehensive protection of web applications and services;

  • high activity of the organized criminal groups working in the field of IT;

  • engineering and reengineering of processes of security around already constructed technical systems;

  • growth of influence of questions of protection against cyberthreats in the field of national security.

What trends will prevail till 2018?

The state will remain the main player on information security market, experts consider. Change of approaches to informatization of a public sector – one of main customers, will begin to happen in line with foreign policy. It is possible that state regulation will become tougher.

Factors which will influence the commercial sector – new economic and political realities. Because of stagnation in economy of the company will optimize expenses. The state directly will begin to influence import substitution processes. It is worth expecting that there will be a gradual replacement of import software and information security tools by domestic analogs. In new conditions they will be more demanded by both the state, and commercial sector.

"There is a hope for import substitution, but it is necessary to understand that for few years it is impossible to repeat what was created decades. Perhaps, it will lead to the fact that the companies will become worse protected, or will be forced to limit development in use of IT in business because of impossibility them adequately to protect", -Alexey Rayevsky, the CEO of Zecurion company considers.

Because of import substitution of complexity expect also the enterprises which will try to organize large-lot production of information security tools in Russia. "In that case the element base and platforms of the Chinese origin can become base for the hardware and software of data protection", - Konstantin Ivanov, the deputy manager of department of development and maintenance of information security tools of STC of AF of ICL Group considers.

In crisis time demand of customers for the analytical systems, for example, of Big Data technologies in information security will increase. Already unrolled systems at the enterprises purchase new qualities, allow to predict a problem in many cases and to prevent it before it occurred, adds Rajevski.

With it also other experts are solidary. In the conditions of crisis it is more profitable to customers to increase not quantity of the IT and cybersecurity systems, and to upgrade functionality already existing, including – by means of input of analytical tools.

In the conditions of impossibility to finance information security in full, the commercial sector will be able to use new model: transfer a part of processes and problems of cybersecurity to outsourcing. "Such practice is widely applied in the world, but is not characteristic of Russia yet", - Andrey Prozorov, the head of the expert direction of Rostelecom-Solar company says (before Solar Security, Solar Security).

In general, in the nearest future at customers already outlined approach to cybersecurity which can be formulated as "real security" will prevail. Experts are sure that the role of "paper security" till 2018 considerably will decrease. So commercial and, most likely, public sector, priorities from the general and simple fulfillment of requirements of regulators (compliance) towards maximum efficiency of cybersecurity will displace.

Learn more in the Security of Information Systems 2017 overview