Russian information security market 2025. TAdviser Overview

The new TAdviser review, based on the expert opinions of leading market participants, analyzes the current state of the industry, assesses the achieved results and identifies key challenges that determine the further trajectory of the development of the Russian information security market.

2024 was better than expected for the Russian information security market. According to TAdviser, its volume increased by 27% and reached 337 billion rubles.

Based on the results of the companies presented in the TAdviser Security 100 rating, it can be noted that 84 companies from the top hundred of the largest showed positive revenue dynamics. Of these, 75 have double-digit growth. In an additional list of 100 applicants for inclusion in this rating, the situation is similar - 80 companies showed revenue growth, 72 of them with double-digit dynamics.

Assessing the results of information security companies, we can also conclude that in 2024 integrators grew faster than vendors. On average, their revenues increased by 32% against 25% growth among developers of cybersecurity solutions.

Preliminary estimates of the results of 2025 are also encouraging. According to analysts at TAdviser, the Russian cybersecurity market will show growth in the range of 20-25%, and its volume will exceed 400 billion rubles.

Digital transformation and migration of companies to domestic platforms create a new environment for protection, where security becomes an integral part of business processes.

Tightening the requirements of regulators - FSTEC, FSB, Central Bank - remains a serious driver, especially in the segments of critical information infrastructure and the financial sector. The introduction of personal management responsibility for data security turns investment in information security from a recommendation into a prerequisite for doing business.

According to market participants, the upcoming changes in the VAT rate for Russian software are able to stimulate early purchases and license renewals in the fourth quarter, which will give the market an additional impetus.

TAdviser presented a new rating of the 100 largest Russian companies operating in the field of information security. In addition to it, a rating of 100 applicants has been prepared - companies that are not included in the group of leaders, but have every chance of getting into their number in the coming years.

The new rating includes vendors and integrators of cybersecurity solutions, as well as distributors of such products. It is built on the basis of questionnaires and official reporting of companies.

Kaspersky Lab again became the leader in the rating. At the end of 2024, the global revenue of this company reached 77.3 billion rubles, an increase of 15.7%. The second place was taken by Softline. Its revenue from information security projects increased by 47.2% and exceeded 50 billion rubles. Gazinformservice has the third place with revenue of 47.8 billion rubles. (+ 28.3%).

The total revenue of the 100 largest Russian information security companies exceeded 505.5 billion rubles. The total revenue, taking into account an additional list of 100 applicants, amounted to 522.5 billion rubles.

Financial constraints exacerbate technological and personnel complexities. A high key rate slows investment in information security, forcing companies to postpone or cut projects. Business balances between the need for protection and real-world capabilities, often sidelining cybersecurity.

Import substitution also creates new risks along with solving old problems. After the departure of international vendors, the market was filled with many point solutions that are difficult to integrate into a single ecosystem. The transition to domestic solutions in large companies requires scalability and performance of the level of world giants, which Russian players cannot yet compete with. In some infrastructure segments of the enterprise-level, there is a shortage of worthy alternatives.

Market fragmentation creates additional difficulties. More than 300 vendors work in Russia, 10-20 players are present in each class of solutions, but there is no single leader. Tens of thousands of products are registered in the Register of Russian Software, which makes it difficult to choose mature effective solutions. Customers are inclined to platform and ecosystem, where all problems are solved within the same system, but the speed of new products and system software makes it difficult to integrate each other.

Analytical center TAdviser has prepared a new Map of the Russian information security market (IS). The map shows more than 290 domestic companies that develop products and services in the field of cybersecurity, as well as suppliers of information security services. During the preparation of the map, the company's solutions were segmented into 46 categories in 4 main groups: "Infrastructure Protection," "Monitoring, Research and Analysis," "Data Protection" and "Services and Services."

The demand for information security solutions is determined by three main factors:

• Increased cyber threats and the rise of targeted attacks that are increasingly damaging to companies. This year's public incidents with airlines, retail and pharmacy chains confirm the scale of the problem.
• Strict requirements of legislation and regulators, including the protection of personal data, CII standards and import substitution obligations until the end of 2025.
• Changing the tactics of attackers who have switched to medium and small businesses as a more affordable target, using these companies to attack large customers through supply chains.

"The interesting trend of 2025 is the shift in the focus of hackers to medium and small businesses. This is also understandable. Large companies have invested a lot of money in information security, and hacking them, if possible, is extremely laborious. But medium-sized businesses cannot afford high-quality solutions and can easily become a convenient goal, "says Sergey Polunin, head of the group for protecting infrastructure IT solutions at Gazinformservice.

"Increased attention to the information resources of companies and state organizations of the Russian Federation, including from politically motivated attackers, dictates the need to pay special attention to information security. In the incomplete year 2025, a sufficient number of public information security incidents have already occurred, which in itself is a clear illustration of the need for investment in this area. Resistance to harmful influences and continuity of business processes are the main priorities now. Unfortunately, this is not always reflected in the budgets of information security, since the business is now in rather difficult conditions, "said Dmitry Vasiliev, director of the information security department of Softline Solutions (Softline Group of Companies).

According to the information security company, in the third quarter of 2025, the volume of vulnerabilities in the infrastructure of Russian companies increased by 28% compared to the same period in 2024. Software vulnerabilities account for 32% of the total number of security flaws detected.

The main threats to Russian companies in 2025 remain cyber attacks aimed at destroying IT infrastructure and data, stopping business, stealing funds and information, including personal data and trade secrets. Internal threats and insider attacks are growing, the role of social engineering is strengthening. This forces companies to increase investment in the formation of safe behavior processes through regular training, attack simulations and gamification.

The market is transforming under the influence of artificial intelligence, which has simultaneously become both a weapon of hackers and a defense tool. Attackers use AI to create convincing phishing emails, generate deepfakes, develop malicious code through AI assistants, and build a hacker infrastructure.

The threat of "shadow AI" is growing when uninformed employees pass sensitive information to chatbots whose rules allow data to be used to train models.

Information security specialists implement machine learning for behavioral analysis, anomaly detection, reduction of false positives, automation of incident response.

At the same time, the development of their own ML models generates specific risks - data poisoning, the introduction of malicious requests, the theft of models by distillation.