As for the frequency of training, 87% of respondents say that cyber exercises should be conducted at least twice a year: 16% believe that this should be done monthly, 45% once a quarter, and 26% every six months. The remaining 13% chose the option "less than once a year."
Dmitry Dudko, head of the integrated security center at the Lanit group of companies, believes that the best option is to conduct cyber drills once every three years: "A certain cycle of information security projects has developed in the industry. At the initial stage, an incident occurs or an audit is conducted, a budget is determined for the creation or modernization of a security system. Then the design takes place, and the information security system (ISS) is implemented either immediately or the following year. Consequently, conducting cyber drills more often than once every three years is an expensive pleasure."
29% of respondents noted difficulties in coordination and the unwillingness of management to allocate funding for such events. 25% complained about the lack of time due to the high workload of IT specialists. 21% consider the cost of the service too high. And only 8% cited a lack of trust in external providers and prefer to independently improve the skills of information security (IS) teams.
Despite this, the vast majority of representatives of Russian companies consider cyber training useful (72%) and effective (66%). At the same time, 69% of respondents are confident that such events help to increase the level of security of the organization.
Evgeny Kachurov, information security expert at the consulting company Axenix, explained how many employees should take part in cyber exercises: "It all depends on the type of exercises. Some of them may involve only employees of IT and information security departments. Other types of exercises should involve all employees of the company. For example, if we consider training for an incident related to the leakage of personal data, in addition to IT and information security, representatives of business units and other areas should be involved."
Olga Trofimova, Head of the K2 Cybersecurity Consulting Department at the K2Tech IT company, believes that the key to successful cyber exercises is the participation of the largest possible number of users of the company's information systems. "It is important not to limit yourself to representatives of information security departments, since various groups of employees have legitimate access to information systems and the information processed in them and, accordingly, can commit incorrect actions under the influence of intruders. Since companies' resources are often limited, we recommend including in such exercises at least privileged users of systems (administrators), employees of key business departments and top managers of the company," advises Olga Trofimova.
Elena Molchanova, business leader of the cyber training ground Standoff 365 Positive Technologies, is sure that the strategy of cyber exercises for different organizations should be different: "For a small organization, it is important that all employees understand the importance of information security and have basic cyber hygiene skills, and that information security and IT specialists understand what threats are most likely to affect them, implement information security tools and keep them up to date, and know how to respond during incidents. At the same time, full-scale cyber exercises, which are usually held at cyber training grounds, are practically unrealistic for them: too expensive, and there is no point in holding them for one to five people. In this case, organizational measures to respond to attacks are practiced at so-called command and staff exercises, which the company can conduct independently, and technical monitoring and response skills can be developed as part of a combined team at cyber training grounds
29% of respondents noted difficulties in coordination