• Position : Consultant
  • Affiliation : PIR Center
  • Position : CEO
  • Affiliation : InfoWatch Group
complete list

Related articles

It was almost two decades ago, when I was brought a manuscript. It was entitled “Information challenges to national and international security”. International information security – or cybersecurity, to use the more popular but grossly oversimplified term – is now high on the agenda of global challe...

In this issue of Russia Confidential, we continue our review of highlights of the 4th Moscow Conference on International Security attended by leading security experts, military specialists, and decision-makers from 86 countries.
The focus of this issue is on information security - which was for the f...

Cyber security of the critical infrastructure: what to defend, how and from whom?


MOSCOW,   NOVEMBER 21, 2016. PIR PRESS – “We are facing the threat of the possible recurrence of purposely designed software breaking even through the “air wall”. In these circumstances we are concerned about what is being done about it, and how regulators, industry representatives, market, and, finally, international society are changing their approach to the recent developments” – PIR Center consultant Oleg Demidov.

The problem of the critical infrastructure cybersecurity was one of the most discussed issues during the international conference “Emerging technologies and global security: an agenda for the 21st century”, that took place in Moscow on September 28. The wide range of speakers included experts as well as professional technical community members and information security vendors, which helped to form a multidimensional view of the situation. The session was moderated by PIR Center consultant Oleg Demidov.

The plenary session was opened by InfoWatch Group president Natalya Kaspersky, who highlighted the difficulties, which information security vendors face at different stages of their work. The problems are caused by the customer interaction and by the immaturity of the Internet of Things as a concept. “The Internet of Things is a new technology thus far, which is implement almost without any security systems. That is why it’s quite sure to say, that the companies, that implement the Internet of Things, are less safe than the conservative ones”, - Kaspersky stated. 

Andrey Suvorov, head of Critical Infrastructure Business Development at Kaspersky Lab, listed the key difference points between the security modes of corporative networks and complex cyber-physical systems. The latter requires “sustainable technological process”, Suvorov noticed. Moving further, he pointed out the problems of threat detection at this type of systems: “It is not sufficient to know if there is a malware in the computer – one has to recognize the deviation in the technological process”.

The speakers also covered the development of the industrial facilities information security systems market and the problem of the demand and supply imbalance in this sphere. “Most products are highly targeted, though consumers are interested in all-in-one solutions. It is possible to create new security systems, while combining the existing ones” – as the head of “Cybersecurity technologies” at the “Skolkovo Foundation” Sergey Khodakov formulated the key controversy, describing Skolkovo’s support to startup IT-companies.

Consultant on cybersecurity Vadim Podolny concluded the meeting. The expert noted that the protection of the automatic control systems of technical processes (ACS) against cyber threats already plays an important role in the design and construction of nuclear power plants: “ACS - is 10% of nuclear power plants cost and 10% of the ACS is being invested in cybersecurity”. According to the speaker, the development of the standards in the field of cyber security of nuclear power plants and the IAEA activities in this area have the considerable importance. According to him, a document describing the band nuclear security model is currently under development and will be released in 2017.

The joint report of the PIR Center and the Centre russe d'etudes politiques “Cybersecurity of Civil Nuclear Facilities: Assessing the Threat, Mapping the Path Forward” was also presented on the session. Summary of the report, as well as other materials on this topic can be found on PIR Center project webpage “Cybersecurity of Critical Nuclear Infrastructure”.

The presentations and the texts of speeches delivered by participants of conference are available on the website