Who will protect 50 thousand critical information infrastructure facilities?
Posted: Mon Jan 27, 2025 6:07 am
An equally acute and pressing problem is the insufficient information security maturity of Russian manufacturers of industrial control systems. According to Alexander Karpenko, this is also reflected in the fact that the topic of attacks is taboo for developers of industrial automation systems, and this seriously complicates the work of ensuring cybersecurity.
An equally acute problem, as cayman islands phone number list noted by Alexander Poznyakevich, Head of Industrial Infrastructure Protection at Kaspersky Lab, is that Russian vendors do not eliminate vulnerabilities in a timely manner, including critical ones. And in order to force them to do so, regulators have to be involved. As Dmitry Darensky complained, sometimes it is simply unclear who in the Russian vendor of APCS should be contacted to notify about the presence of certain problems. As a result, import substitution not only does not increase the security of facilities, but reduces it.
Read also
More than 70% of critical information infrastructure (CII) facilities in Russia are located at fuel and energy complex enterprises. In second place is healthcare with 12% and communications with 9%. The total number of CII facilities in Russia is more than 50 thousand. These results were obtained during a study by ANO "Digital Economy".
Here, however, regulators are already actively working. Andrey Ivanov, the architect of solutions at InfoTeKS, reminded that starting from January 1, 2023, the requirement to use secure development technologies for software used at critical information infrastructure facilities will become mandatory. And in general, active lobbying by FSTEC for secure development technologies, according to Alexander Poznyakevich, will allow the situation with firmware for APCS equipment to be corrected fairly quickly.
Positive examples of cooperation between vendors of protection tools and APCS are also emerging. As Igor Dusha noted, InfoWatch ARMA has such experience, having assisted a number of APCS manufacturers in building a safe development pipeline.
As Vladimir Karantaev emphasized, universities are also actively working to promote safe development technologies. At least three Russian universities already teach a corresponding course, and this number will only grow. Many large companies, in particular PJSC Rosseti, also include requirements for the mandatory use of such development approaches in their technical specifications.
Also, according to UDV Group Technical Director Andrey Suslin, it is necessary to form demand for systems designed from scratch and based on the Russian component base. And the sooner this is done, the better. Now it is more profitable for vendors to sell re-labeled foreign products, which will obviously be worse than the original, including due to the fact that vulnerabilities in the software will not be eliminated in time.
The downside of import substitution, as Dmitry Darensky warned, is also the need to reconfigure security tools, in particular security information and event correlation systems (SIEM). This is due to the fact that Linux and Windows kernel-based systems have different indicators of compromise.
An equally acute problem, as cayman islands phone number list noted by Alexander Poznyakevich, Head of Industrial Infrastructure Protection at Kaspersky Lab, is that Russian vendors do not eliminate vulnerabilities in a timely manner, including critical ones. And in order to force them to do so, regulators have to be involved. As Dmitry Darensky complained, sometimes it is simply unclear who in the Russian vendor of APCS should be contacted to notify about the presence of certain problems. As a result, import substitution not only does not increase the security of facilities, but reduces it.
Read also
More than 70% of critical information infrastructure (CII) facilities in Russia are located at fuel and energy complex enterprises. In second place is healthcare with 12% and communications with 9%. The total number of CII facilities in Russia is more than 50 thousand. These results were obtained during a study by ANO "Digital Economy".
Here, however, regulators are already actively working. Andrey Ivanov, the architect of solutions at InfoTeKS, reminded that starting from January 1, 2023, the requirement to use secure development technologies for software used at critical information infrastructure facilities will become mandatory. And in general, active lobbying by FSTEC for secure development technologies, according to Alexander Poznyakevich, will allow the situation with firmware for APCS equipment to be corrected fairly quickly.
Positive examples of cooperation between vendors of protection tools and APCS are also emerging. As Igor Dusha noted, InfoWatch ARMA has such experience, having assisted a number of APCS manufacturers in building a safe development pipeline.
As Vladimir Karantaev emphasized, universities are also actively working to promote safe development technologies. At least three Russian universities already teach a corresponding course, and this number will only grow. Many large companies, in particular PJSC Rosseti, also include requirements for the mandatory use of such development approaches in their technical specifications.
Also, according to UDV Group Technical Director Andrey Suslin, it is necessary to form demand for systems designed from scratch and based on the Russian component base. And the sooner this is done, the better. Now it is more profitable for vendors to sell re-labeled foreign products, which will obviously be worse than the original, including due to the fact that vulnerabilities in the software will not be eliminated in time.
The downside of import substitution, as Dmitry Darensky warned, is also the need to reconfigure security tools, in particular security information and event correlation systems (SIEM). This is due to the fact that Linux and Windows kernel-based systems have different indicators of compromise.