Positive Hack Days 12: trust in technology is impossible without security guarantees
The 12th Positive Hack Days, organized by Positive Technologies, has ended in Gorky Park.
This year, the event reached a new level, turning into a large urban cyber festival. Its key ideas were to increase trust in technologies and to develop awareness of their use through cyber literacy. The interest in the event from a wide range of users and from representatives of business, the state and the media once again emphasizes that information security today concerns everyone.
The guests of the cyber festival's open space (the cybercity) learned how to avoid becoming victims of scammers on marketplaces, as well as about the features of ChatGPT, how to choose a secure VPN, and other aspects of IT and information security. In the conference part of the cyber festival, experts discussed the transition of government agencies and private companies to effective security, the strategy for uniting the community, methods of secure development, and the development of the bug bounty market. The Standoff cyber battle has come to an end: in four days, the attackers in the fictional State F (which nonetheless had real control and protection systems) managed to implement inadmissible events 204 times, and the defenders managed to investigate 43 attacks. If the cybersecurity professionals involved in the battle had to face similar malicious activity within their companies, they would be ready to respond effectively.
Guaranteed protection as a result: who is responsible for it
The topic of effective cybersecurity remained key for the conference part of the second day.
Vladimir Bengin, director of the cybersecurity department of the Russian Ministry of Digital Development, was surprised by the full hall on Saturday morning. He recalled that in any case, information security specialists have to be directly responsible for the result. “We were waiting for the business to hear us,” he said. “Companies do not care what protections are implemented: they care about the result and understanding of who is responsible for it. Unfortunately, the security guards still very often cannot explain what it will be like. The introduction of some popular protection system is not the result. A normal result is when a security specialist informs management that, specifically today, vulnerabilities in a company are eliminated, say, within 127 days, and this is too risky: it is necessary that they be eliminated in critical segments in 12 hours, and this requires so many million rubles,” admitted Vladimir Bengin.
Aidar Guzairov, CEO of Innostage (the company that co-organized Positive Hack Days 12), said that the changes over the past year in terms of goal setting, awareness, and everything that happens in cybersecurity are comparable to a five-year period in calmer times. “Two years ago at PHDays, we talked about how great it would be for executives to think about information security. Be afraid of your desires: many managers have personally learned what information security is. On the other hand, the cybersecurity industry now perceives responsibility for results differently. If two years ago I could only call our company an integrator, now we are much more than an integrator, and we are responsible for the result, for ensuring that hackers do not threaten our clients’ business. For us, these are primarily reputational risks. We are starting to think about how to achieve results in the field of information security in a different way, more effectively,” Aidar Guzairov stressed.
Sergey Sherstobitov, CEO of Angara Security, agreed with the thesis that Russian cybersecurity has covered a five-year period in a year, noting that the main beneficiaries of the current window of opportunity are domestic developers. “A lot of interesting products are emerging. Customers have moved towards services. If earlier we only said that information security services can give great results in a clear timeframe, now services are becoming in demand in almost all areas. The only exception is insurance services, which for some reason do not take off,” said Sergey Sherstobitov.
“The main change of the last year is the new attitude of owners to information security issues,” said Pavel Kulikov, CTO of SDEC. “A lot of organizations have been hacked, causing many to move away from the paradigm of ‘IS is about continuous improvement and learning’ to the question of concrete results. The presence on the Russian market of companies that allow you to get results immediately, and not after six months or a year, is very good. When we were faced with the task of protecting email, we connected to the service in three days, while we ourselves, according to the initial estimate, would have been preparing for such work for 3.5 months. But in the current conditions, there is no such time. And from eternal continuity, we move on to specifics.”
Source: www.securitylab.ru