Russian private and public companies increase spending on cyber exercises

Russian private and government organizations are increasing investments in cyber exercises. Over the year, expenses for these events increased by 20% and can reach 1 million rubles. for the training of one employee. Cyber ​​exercises also make it possible to test defense systems in action. However, not all companies are able to afford full-fledged events: small organizations send their specialists to third-party exercises for national teams. But in this segment, experts say, there is a “clear lack of supply.”

Kommersant got acquainted with the results of a survey by Solar Group (part of Rostelecom) on the conduct of cyber exercises in Russian commercial companies of various segments and public sector organizations, including federal and regional authorities.

More than 100 specialists responsible for information security took part in the study. From its results it follows that 75% of surveyed companies plan to conduct cyber exercises to improve the skills of specialists. The majority (42%) plan to conduct them with a budget of 500 thousand rubles. per employee, 13% – from 500 thousand to 1 million rubles, and 19% – more than 1 million. About a quarter of companies (26%) are ready to allocate only up to 100 thousand rubles.

“On average, we can talk about a doubling of budgets for the market as a whole,” notes Evgeniy Akimov, director of the Solar cyber range. “The growth is mainly due to the large number of companies that are using this tool for the first time. However, there are those who have already conducted cyber exercises in 2022. According to them, we see an increase in budgets by about 20%.”

Cyber ​​exercises mean testing the practical skills of specialists in protecting against hacker attacks, the ability to prevent and detect threats, the Solar Group clarified. The number of specialists in each organization who must undergo training is relatively small: 20% plan to train one or two people, 37% – up to ten, 20% – up to 50, and 21% – more than fifty.

Informzashita confirms the growth of market participants’ investments in cyber exercises, but talks about a more modest 10–15%. If previously, to check the security of companies, they resorted to pentest services (testing infrastructure for penetration from the outside), the company explained, but now a trend is emerging towards cyber training for employees. The reason for the popularity of this format is the growth of insider threats (50% of leaks, according to the company, occur due to the fault of an internal violator), both intentional and unintentional, says Alexander Matveev, director of the IZ:SOC center for monitoring and countering cyber attacks at Informzashchita.

Elena Molchanova, business leader of the Standoff 365 Positive Technologies cyber training ground, adds that companies that have a cybersecurity monitoring center conduct exercises to practice detecting and investigating cyber attacks for 10–20 people at once – they are the most expensive.

Smaller organizations, the expert adds, often send specialists to exercises conducted for national teams, but in this segment “there is a clear lack of supply.” As a result, the expert notes, in some cases companies are forced to replace training with courses or conduct smaller-scale training on their own.

Realizing the responsibility for the personal data of clients, businesses choose exercises as a clear tool for assessing the effectiveness of their investments, says Pavel Kuznetsov, product director at Garda Technologies (part of the Garda Group of Companies). In his opinion, an increase in investment, at least by large companies, in security is not accompanied by a reduction in spending on “other activities.” Large companies with a developed cybersecurity department already spend a significant portion of their funds on IT areas, adds Natalya Nazarova, director of the Institute for Entrepreneurship and Economic Development, and “it is unlikely that the costs of cyber exercises will be critical for them.”

Tatiana Isakova