Discuz! Board

 找回密码
 立即注册
搜索
热搜: 活动 交友 discuz
查看: 146|回复: 0
打印 上一主题 下一主题

Regulator signals

[复制链接]

1

主题

1

帖子

5

积分

新手上路

Rank: 1

积分
5
跳转到指定楼层
楼主
发表于 2024-11-7 18:12:47 | 只看该作者 回帖奖励 |正序浏览 |阅读模式
Almost 100% of socially significant services in Russia are provided digitally, the volume of investments in domestic IT solutions in 2022 amounted to 521.9 billion rubles, said Igor Lyapunov, CEO of Solar Group, at the SOC-Forum 2023. Despite the sharply increased number of cyber threats, the digitalization of production and healthcare continues, and the national project "Data Economy" is being prepared for launch, he said.
– We see two trends: on the content writing service one hand, accelerating digitalization, on the other, constant pressure from hackers sponsored by foreign states. Solar Group records more than 170 targeted attacks on Russian resources per day. According to our data, about 440 million lines of confidential information leaked online in 2023.

To counter these threats, business, the professional community and regulators need to work together.

But often operators or owners of resources related to critical information infrastructure (CII) try to artificially divide CII objects into segments to reduce negative consequences and reduce the category of significance, noted Deputy Director of the FSTEC of Russia Vitaly Lyutikov.



Since the end of 2022, FSTEC has checked more than 40 thousand systems, a third of which were returned for revision in terms of [assessment of possible] damage

Vitaly Lyutikov, FSTEC of Russia:

– When deciding which systems should be protected, we propose to be guided by documents developed by industry regulators and, of course, Government Resolution No. 127 as the main regulatory act.

Industry lists of typical critical information infrastructure facilities have been developed and agreed upon with the Russian Federal Service for Technical and Export Control in seven industries: science, fuel and energy complex, energy, transport, rocket and space and nuclear industries, and banking. Similar lists may appear in other areas by the end of 2023, said Elena Torbenko, head of the Russian Federal Service for Technical and Export Control, at the forum.

Standard lists are not lists of significant critical information infrastructure facilities, she emphasized.

A typical list is:

Types of systems that a critical information infrastructure entity has, taking into account its types of activities;
Systems that should be included in the list of objects subject to categorization.
“In our opinion, this is a great help to organizations at the initial stage of realizing themselves as subjects [of critical information infrastructure] and realizing their systems as objects that need to be protected,” noted Elena Torbenko.

FSTEC has identified more than 700 violations in the field of cybersecurity, Vitaly Lyutikov said. According to him,

In 98% of cases, the simplest violations are detected, which, nevertheless, can create the preconditions for the emergence of threats

“We will invite organizations that are scheduled for inspection in 2024 to meetings where we will present typical errors so that they have the opportunity to correct the shortcomings before the inspection,” warned Vitaly Lyutikov.

回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver|手机版|小黑屋|Comsenz Inc.  

GMT+8, 2024-11-25 09:44 , Processed in 0.035773 second(s), 15 queries , Apc On.

Powered by Discuz! X3.1

© 2001-2013 Comsenz Inc.

快速回复 返回顶部 返回列表