Review Partner:
The information security (IS) market in Russia has undergone significant changes after the departure of foreign vendors. Domestic companies began to actively develop, increase their market shares, and the main driver of industry growth was large corporations and government agencies that were interested in Russian solutions in the wake of import substitution of Western products.
What trends influenced the market in 2023 and 2024, what problems vendors face and what cyber threats customers have to reflect, whether AI will change the field of information security and how - in a new TAdviser review, which we prepared together with market participants.
1 Information security market in Russia in 2023-2024: estimates and prospects
The emergence of new solutions, the active study of regulatory legislation, the expansion of interaction in the professional community - all these are the basic milestones of 2023.
In 2023, the Russian information security market continued to grow steadily and remains one of the most dynamically developing segments of the IT sector in Russia. According to TAdviser, the volume of the Russian information security market increased by 25% and reached 265 billion rubles.
The growth of the market was stimulated by an increase in the number of cyber attacks and tightening responsibility for sensitive information leaks, import substitution after the departure of foreign vendors, support for the IT industry and the information security segment as a whole. Business relied on security and increased budgets for information security.
In 2024, the process of market transformation continues. Among the trends, it is possible to distinguish the formation by vendors of full-fledged ecosystems to provide information security, which are "turnkey" introduced into the customer's circuit in order to "cover" his requirements as much as possible. Ecosystems allow you to increase the effectiveness of protection and work in the same window with the vendor, and the demand for this option to ensure the protection of the organization began to grow.
Domestic business has become more demanding to obtain a practical result in the field of its cyber security and is increasingly focused on the use of technologies that provide it. Market participants record a steady increase in demand for products and technologies that allow them to effectively identify the actions of hackers in the infrastructure and counter their attacks. And also on autopilot products in the field of cybersecurity: over the past year, this interest has moved to the practical plane - the first experiments using such technologies demonstrated their success in identifying professional ART groups in automatic mode.
According to preliminary estimates by TAdviser, the dynamics of the Russian information security market in 2024 will be comparable to the results of 2023. Analysts expect growth of 20-25%. As a result, the market volume may reach 318-331 billion rubles.
>! Interviews with experts
Why do we need 20 SIEM or 20 NGFW? We lack ecosystem
Ruslan Lozhkin,
CISO Absolut Bank
If we immediately carry out import substitution, business processes will stand up
Alexander Yegorkin,
First Vice President of
Gazprombank
The peculiarity of protecting state secrets is that information is protected and how they are protected
Roman Parshin,
Barrier Battery
There is a request for an understandable and tangible result of the implementation of individual solutions
Alexander Pukha,
AMT GROUP
The demand for PAM systems is growing even among companies without an information security department
Konstantin Rodin,
iT Bastion
The integrator's task is to find a compromise between the customer's requests, the vendor's solutions and the regulator's rules
Kirill Timofeev,
OBIT
Data security is no longer about documents, but about the result
Rustam Farrakhov,
InfoWatch Group of Companies
₽ TAdviser Security 100: The largest information security companies in Russia
TAdviser has prepared a new rating of the 100 largest Russian companies operating in the field of information security. He included vendors and integrators of information security solutions, as well as distributors of such products. The rating is built on the basis of questionnaires and official reporting of companies.
Kaspersky Lab again became the leader in the rating. At the end of 2023, the revenue of the Russian legal entity of the company reached 47.7 billion rubles, an increase of 31%. The second place was taken by Gazinformservice, the third - Softline.
The total revenue of all participants in the rating exceeded 376 billion rubles. The total dynamics compared to 2022 was 45.9%.
! Current solutions
.png){kind=logo}
2 Information Security Customer Priorities
Over the past two years, companies have increased their information security budgets, according to some estimates, by 15-20%. This is due to the rise in price of vendors' products, and the need for customers to purchase innovative technologies.
Customers today pay special attention to security. In particular, for the introduction of a secure development pipeline into the life cycle of products, the presence of the product in the register of domestic software and the availability of certificates from FSTEC and the FSB of Russia. The level of internal competence of customers has also grown. Increasingly, vendors are receiving requests for specific products and works that cover certain needs of the company. In addition, customers are ready to outsource more and more tasks, as far as legislation allows, which seriously increases the requirements for contractors in terms of information security.
Companies began to pay more attention to the availability of guarantees that the manufacturer will not disappear from the market, will continue to systematically develop the product and support the proposed solutions. Vendors that can provide such guarantees have an advantage in the market. It is also important for customers to integrate with other large Russian solutions, the presence of secure cloud storage located in Russia, an integrated system for protecting physical and virtual desktops, a powerful system for protecting against DDos attacks, as well as trainings for training information security specialists. These factors can become key when choosing a solution. In a more advantageous position are manufacturers who can offer the widest set of functions - it is more likely that the customer will find what he needs.
>! Expert opinion
3 Current threats, risks and trends in information security: what experts are talking about
According to the InfoWatch Group of Companies expert analytical center, hacker attacks remain the main cause of information leaks - their share in the total volume of leaks in Russia in 2023 amounted to 82.7%. The main threat to industrial infrastructure (APCS) is malware, namely ransomware Trojans and spy Trojans, which account for 80% of all known hacker attacks. Moreover, more and more often these attacks are ordered by a third party.
The SearchInform company conducted a study of the information security level in companies and found out that the most urgent threat for many is information leaks due to the fault of an internal violator. 66% of companies from various fields face such incidents: IT, industry, transport, retail, healthcare, as well as the oil and gas and public sector. Companies are forced to consider such a threat as one of the priorities.
Positive Technologies notes that ransomware (57%) and spyware (23%) stand out among malware, the share of which has increased compared to 2022. Social engineering was used in 2023 in 45% of successful attacks on organizations, while there is an increase in its use as an attack method - in the first quarter of 2024, the figure was 52%.
Among the current threats, experts name unprecedented DDOS attacks that break or slow down business processes, theft of databases and significant commercial documents, deepfakes of various levels. In the future, the threats of using quantum computing to hack systems are visible.
>! Current project
Case
How VTB automated the vulnerability management process using R-Vision VM and
unloaded employees
# Map of the Russian information security market
Analytical center TAdviser has prepared a new Map of the Russian information security market (IS). It marks over 250 domestic companies-developers of products and services in the field of information security, as well as suppliers of such services. During the preparation of the map, the company's solutions were segmented into 43 categories in 4 main groups: "Infrastructure Protection," "Monitoring, Research and Analysis," "Data Protection" and "Services and Services."
>.jpg)
* TAdviser guides for information security
+ TAdviser statistics for some categories of information security solutions
- See also
- Information security in the company
- TAdviser Review: Information Systems Security 2023
- Information security outsourcing. TAdviser 2023 review
- Map of the Russian information security market 2023
- Map of the Russian information security market 2021
- Russia's policy in the field of international cybersecurity
- Russian National Security Strategy
- Cyber war of Russia and the United States
- Cyber war of Russia and Great Britain
- Security of critical information infrastructure of the Russian Federation
- Cybercrime and cyber conflicts: Russia
- The number of cybercrimes in Russia
- Information security of the digital economy of Russia
- The Impact of Remote Work on Company Security
- Security Service Model - Information Security Outsourcing
- Import substitution of information protection tools
- Information Security Software
- Targeted attacks: What losses do companies suffer?
| Antivirus Software Solutions |
Antivirus is a software package specially designed to protect, intercept and remove computer viruses and other malicious programs. Modern antivirus programs are able to effectively detect malicious objects inside program files and documents. In some cases, the antivirus can remove the body of a malicious object from the infected file by restoring the file itself. In most cases, the antivirus is able to remove a malicious software object not only from the program file, but also from the office document file without violating its integrity. The use of antivirus programs does not require high qualifications and is available to almost any computer user.
{{# Informer diagramm years: Information Security - Antiviruses||3}}
| Antispam Software Solutions |
Antispam is a method that partially or entirely prevents unwanted information (SPAM) from entering the horizons of a user or group of PC users. The method is carried out by configuring software both on the client side and on the server side, which can serve as an intermediary when accessing the Internet (antispam technology).
{{# Informer diagramm years: IS - Antispam||2}}
Firewall | Firewalls |
Firewall or firewall - a complex of hardware or software that monitors and filters network packets passing through it at various levels of the OSI model in accordance with the specified rules. The main task of the firewall is to protect computer networks or individual nodes from unauthorized access. Also, network screens are often called filters, since their main task is not to skip (filter) packets that do not fit the criteria defined in the configuration. Some network screens also allow the translation of addresses - the dynamic replacement of intranet (gray) addresses or ports with external ones used outside the LAN.
{{# Informer diagramm years: IS - Firewalls||2}}
IAM IDM | Identity and Access Management Identity and Access Management Authentication Systems |
Improper access of employees to information systems is fraught with distortion and loss of important data for the company, which can develop into financial and reputational losses. Understanding this, more and more Russian companies are introducing identity management solutions. IDM systems allow you to manage the identity and access rights of users in the information systems of the organization. They appeared on the world market a long time ago, and have since evolved significantly. In Russia, such decisions have been presented for more than 10 years.
{{# Informer diagramm years: Information Security - Authentication||2}}
| Biometric identification |
Biometric authentication is the process of proving and authenticating by a user presenting their biometric image and by converting that image according to a predetermined authentication protocol. Biometric authentication systems are authentication systems that use their biometric data to identify people.
{{# Informer diagramm years: IS - Biometric identification||2}}
| Encryption Tools Cryptography |
Cryptography (from Greek. κρυπτός - hidden and γράφω - to write) is the oldest science about ways to protect confidential data from unwanted third-party reading. Cryptanalysis is a science that studies methods of violating information privacy. Cryptanalysis and cryptography together make up the science of cryptology, which studies methods of encryption and decryption.
Prospective developments
Quantum cryptography is rightfully considered a new round in the evolution of information protection. It is she who allows you to create almost absolute protection of encrypted data from hacking.
- [1]History
- Implementation of the idea
- [2]Development Prospects
- Quantum cryptography for mobile devices
{{# Informer diagramm years: Information Security - Encryption Tools||2}}
DLP | Data Loss Prevention Technologies for Preventing Leaks of Confidential Information from the Information System Outside |
According to the results of a study of confidential information leaks from organizations in Russia in 2016, the InfoWatch Analytical Center recorded 213 cases of information leaks from Russian companies and government agencies, which is 80% more than in 2015. In nine out of ten cases, personal data (PD) and payment information were leaked in Russia, and the total amount of data compromised over the year increased more than 100 times to 128 million records, but did not exceed 4% of the global volume of information leaks.
{{# Informer diagramm years: Information Security - Information Leakage Prevention||1}}
Backup | Backup and Storage |
A backup system is a set of software and hardware that performs the task of creating a copy of data on a media designed to restore information to its original location in the event of damage or destruction. Backup systems ensure continuity of business processes and protection of information from natural and man-made disasters, actions of intruders. These technologies are actively used in the IT infrastructures of organizations of various industries and sizes.
{{# Informer diagramm years: IS - Backup and storage||2}}
SIEM | Security Information and Event Management |
SIEM (Security information and event management) - combining two terms denoting the scope of software: SIM (Security information management) - information security management and SEM (Security event management) - security event management. SIEM technology provides real-time analysis of security events (alarms) originating from network devices and applications.
{{# Informer diagramm years: Information Security Management (SIEM)||2}}
DDoS | Distributed Denial of Service Spurious Request Flow |
Distributed Denial of Service - DDoS attack - a stream of false requests that tries to block the selected resource either by attacking a communication channel that is "clogged" with a huge amount of useless data, or by attacking directly on the server serving this resource. Such actions are used for the purpose of competition, direct blackmail of companies, as well as to divert the attention of system administrators from other illegal actions.
- DDoS attacks in Russia
- Protection against DDoS attacks
- Types of DDoS attacks
- Events in the field of DDoS in different years
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |