Protection of critical infrastructure in Russia
Working in many regions of the world, we have access to data relating to information security in various countries and in the world as a whole, we analyze it and sometimes draw interesting conclusions. And recently, in connection with the sensational attacks of Stuxnet, we asked the following question: Are Russian critical infrastructure facilities ready to withstand cyber attacks? 
So, today we would like to discuss our research data on the protection of critical infrastructure in Russia and the world.
It should be noted that we understood not only nuclear power plants as objects of critical infrastructure. The companies surveyed in the course of the study were selected from industries that are of such importance to the national economy or to society that in the event of successful attacks and damage to their computer networks there will be a threat to national security - this is health care and emergency services, for example, telecom.
The data of the survey did not claim absolute accuracy, but nevertheless, quite clearly, in our opinion, illustrate some of the problems:
We considered “sufficient” the assessment, which was defined by the respondents as medium or high. Accordingly, if the degree of protection was defined as low or zero, this assessment was considered not sufficient.
Now compare the Russian data with global indicators. For clarity, we calculated the average values ​​of the status of security in Russia and in the world. We took + 100% for the maximum security, and -100% for the minimum, calculated the arithmetic average of statuses for all criteria and obtained the total index. It turned out -7% in Russia and + 25% on average in the world.
For the sake of justice, of course, it is worth noting that our critical infrastructures experience fewer attacks than in many countries (at least according to our own assessment of both). But on the other hand, a year ago, Russia soared to the 7th place of the charts of countries with the highest level of Internet crime, and according to some indicators even entered the top three.
')
Details and some other research data can be found here ( pdf )
So, today we would like to discuss our research data on the protection of critical infrastructure in Russia and the world.
It should be noted that we understood not only nuclear power plants as objects of critical infrastructure. The companies surveyed in the course of the study were selected from industries that are of such importance to the national economy or to society that in the event of successful attacks and damage to their computer networks there will be a threat to national security - this is health care and emergency services, for example, telecom.
The data of the survey did not claim absolute accuracy, but nevertheless, quite clearly, in our opinion, illustrate some of the problems:
- 20% of respondents do not respond properly to information security incidents;
- 26% - do not use sufficient measures to control access to infrastructure based on credentials;
- 30% - do not have a disaster recovery plan for information systems, or it is in a low degree of readiness;
- 30% - do not apply sufficient measures to ensure the security of websites;
- 33% - do not properly monitor information security;
- 34% - do not apply sufficient measures to protect the network;
- Executive management 35% - not aware of the importance of threats to information security to a sufficient extent;
- 37% - do not apply sufficient measures to ensure the security of electronic messages;
- At 39%, safety training is not conducted at a sufficient level;
- 45% do not conduct a security audit at a sufficient level;
- More than half (51%) do not apply sufficient measures to protect endpoints (work computers of users, servers, terminals, etc.), that is, more than half of enterprises are not protected.
We considered “sufficient” the assessment, which was defined by the respondents as medium or high. Accordingly, if the degree of protection was defined as low or zero, this assessment was considered not sufficient.
Now compare the Russian data with global indicators. For clarity, we calculated the average values ​​of the status of security in Russia and in the world. We took + 100% for the maximum security, and -100% for the minimum, calculated the arithmetic average of statuses for all criteria and obtained the total index. It turned out -7% in Russia and + 25% on average in the world.
For the sake of justice, of course, it is worth noting that our critical infrastructures experience fewer attacks than in many countries (at least according to our own assessment of both). But on the other hand, a year ago, Russia soared to the 7th place of the charts of countries with the highest level of Internet crime, and according to some indicators even entered the top three.
')
Details and some other research data can be found here ( pdf )
Source: https://habr.com/ru/post/112745/
All Articles