Sobolev Dmitry

• Dmitry Sobolev (1972) in 1995 with honors graduated from Military Academy of F.E Dzerzhinsky. Passed further service in central office of MO Russian Federation.
• From 2000 to 2010 there passed the way from the leading specialist to the director of Directorate of information security of Transtelecom Company Ltd. The majority of projects of Transtelecom Company Ltd in the field of cybersecurity were implemented with its direct participation. Among the most significant - creation of an information security system of trunk IP network of the company and its certification on requirements of FSTEC, creation and certification of a system of management of cybersecurity of information security and many other things.
• Since 2010 worked in JSC MTS where supervised management processes of information security.
• In 2011 - the Director of the department of information security of NVision Group. Shareholders and company management set for Dmitry the complex task of development of the cybersecurity direction, including development and deployment of the new services and technologies meeting the most modern requirements of protection of business against different types of information threats that will allow NVision Group to become one of the main leaders in the market of services of information security.
• In 2017 - the State Duma the National Innovation Center (NIC)

Quote

2011

The director of the department of information security of Nvision Group system integrator Dmitry Sobolev commented on the statement of the Ministry of Telecom and Mass Communications of the Russian Federation of Igor Shchegolev for need of the international regulation of protection of users against illegal use of their personal data.

"If to remember that the Internet was created as steady against extra PWM to influences (very hardy) data transmission medium, then becomes obvious why in this environment dominating the idea – associations independent and to nobody under control networks where there is maximum freedom of expression is: speak and do that you want, saving at the same time anonymity (if to aim at it, then it is not a problem). That architecture which was applied initially at construction of the Internet that ideology which was put, did not assume that there can be problems with personal data of users. Today we see that the complete freedom adjoining on absence of control has also a reverse side: The Internet is criminalized. In reply the pendulum begins to move to other extreme – total control from the state.

Our task consists in reaching such compromise between self-regulation on the Internet (that, certainly, is positive) and protection of interests of society, users and the state. It is difficult to argue, with a thesis that elements of regulation are necessary, but not to make plain and known errors, it is necessary to be defined from subjects what data relating to personal it is necessary to protect as well as how to do it. In what cases of information exchange what information about the subject can be requested and as are transferred. It is necessary to analyze models of information exchange on the Internet, to define the most general patterns and to develop rules. It is obvious that there are identification data which we should show at each information exchange and which are unreasonable for protecting. You do not conceal the name when you ask to be provided. The mechanisms of reliable authentication and authorization allowing to connect unambiguously actions which you make with you are necessary. It is necessary to provide convenient and safe mechanisms of collecting and storage of the optional personal data used for commission of different actions, including legal character. All these aspects require a comprehensive investigation. Only based on the analysis of information exchanges on the Internet and review of the relation to classification of personal data, it makes sense to speak about regulation on the Internet.

As for the international regulation, really, it can be only such because the Internet is a network without borders, and within one state not to solve a problem (though there are examples of local solutions - it is a way in anywhere as different "national firewalls" - have no future). For this purpose it is necessary to agree at the interstate level, the first step is harmonization of national legal acts, exchange of experience. It is necessary to approve international approaches to rules of classification of information processes, allowed to fix mechanisms which, on the one hand would protect personal data of users from various leaks on the other side of legal safeguards to different business operations in network, would allow the states to fight crime in network and protected users from "importunate" interest in their persons, as from other users, and the state. The idea is simple: we need to transform those mechanisms of information exchange between subjects which exist in the real world - to the world digital, at the same time having saved them from the existing problems and having enriched with new opportunities".