Cybersecurity fails to meet the deadline – Newspaper Kommersant No. 219 (7420) dated 11/25/2022

Customers of domestic cybersecurity tools are faced with rising prices and delayed deliveries, follows from a survey by Rostelecom-Solar. Among the most popular products are high-performance firewalls. A significant proportion of projects submitted for support to the government concerns the development of just such solutions, Kommersant found out, the cost of their development reaches 1.8 billion rubles. Russian vendors do not have time to finalize products to the level of foreign ones, which, according to experts, is associated with delivery delays.

Kommersant got acquainted with the results of a survey on the organization of cybersecurity in the third quarter, conducted by Rostelecom-Solar among more than 150 representatives of private business and the public sector. Respondents estimated the share of Russian information security solutions at 35% of those used, which is 6 p.p. higher than in the first quarter. At the same time, commercial companies noted an increase in prices for domestic developments to a greater extent than government agencies – by 16% (compared to February 2022) against 12%.

But even more than prices, survey participants are concerned about the delay in the delivery of Russian solutions. Thus, in the first quarter, 54% of respondents reported on timely deliveries, and in the fourth – by 13 p.p. less. The proportion of respondents from the public sector who complain about many months of delays has noticeably increased, from 3% to 21%. According to Vasily Guryev, iTMan project manager from Softline, the problem lies with the customers themselves: “Companies want a little more than what is available in ready-made Russian solutions, to supplement the software with the functionality that was in similar imported products.” The requirements are many, and they are all different, he adds, so “the production of products can be overloaded.”

VPN gateways are in the highest demand among surveyed companies, with 29% of respondents planning to replace or implement them. Rostelecom-Solar associates this with regulatory requirements for information protection. Also among the popular solutions are next-generation firewalls (NGFW): 15% of survey participants plan to implement them. Suppliers, apparently, understand this: out of 23 projects directed to the Development Competence Center (TsKR) “Information Security Tools” supervised by the Ministry of Digital Development, six are from Positive Technologies, Rostelecom-Solar, TechArgos, S-Terra CSP and NumaTech, etc. – relate to the implementation or development of NGFW, follows from the passports available to Kommersant.

Developments are designed to replace the products of Cisco, Palo Alto, Cisco and Fortinet. RTK-Solar confirmed the development of NGFW, referring to the fact that after the departure of foreign vendors on the market, “there is no high-performance solution that can replace them at the proper level.”

The most expensive project NGFW presented “Security Code”: they expect to spend 1.8 billion rubles there. to a 100 Gbps firewall. The company intends to implement the project with its own money, according to the passport. VTB was named the key customer.

Five projects submitted to the Central Committee of the Kyrgyz Republic were developed with the expectation of a state order. So, Spacebit (part of the Informzaschita group) has requested grants for two projects for the Federal Treasury and one for the National Operator for Radioactive Waste Management (NO RAO, part of Rosatom). Spacebit also asks to co-finance projects for the Federal Treasury (total cost – 115 million rubles) and NO RAO (113 million rubles). All projects are being finalized. Two projects for the Federal Tax Service and the Ministry of Defense (approved, estimated at 64.4 million rubles, a grant of 38.6 million rubles) were sent by Garda Technologies.

Deputy CEO of Zecurion Alexander Kovalev explains that Russian NGFW solutions have not been actively developed before due to fierce competition with market leaders: “They provided not only standard solutions, but also web application control: a ban on sending messages in social networks or listening to music. The development of such functions is expensive, Western vendors had the funds for this, he notes. Most Russian solutions in the field of information security were historically developed under the acts of regulators, and they did not impose requirements on NGFW, Alexey Lukatsky, Internet security consultant at Positive Technologies, explained: get certified.”

Yuri Litvinenko