Key findings of the study
Posted: Thu Jan 23, 2025 3:19 am
ssian software by 2025, as required by the presidential decree. The main problem is to find a suitable analogue for foreign products
Every fifth company that owns critical information infrastructure (this includes communication networks and information systems of government agencies, financial, energy, transport, medical, telecommunications and a number of other companies) admitted that they will not have time to completely switch to Russian software by 2025, as required by the decree of the President of Russia from March 2022.
This conclusion is given bangladesh whatsapp resource in the study by K2 Cybersecurity (a division of K2Tech) and the publication Anti-Malware.ru, which was reviewed by RBC. In June-August of this year, the authors of the study surveyed 108 IT and information security managers of Russian companies with revenues of over 5 billion rubles and state corporations in the electric power industry, medicine, pharmaceuticals, finance, transport, logistics, metallurgy and other industries, as well as representatives of developers of hardware and software for information security.
In 2022, a decree of the President of Russia prohibited the purchase of foreign software for use at significant critical information infrastructure facilities, as well as services for its use without the consent of the authorized body. The same document prohibited the use of foreign software at such facilities from 2025. Significant critical information infrastructure facilities include those that have been assigned one of three categories. According to the law adopted in 2017, all owners of critical information infrastructure must assign one of three categories to their facilities (for example, the first category is assigned to those facilities, attacks on which can cause the most significant damage) and the "identification" process is still ongoing. For violation of the requirements for ensuring information security of such facilities, fines in the amount of 10 thousand to 500 thousand rubles, administrative and criminal liability are imposed.
By now, only 7% of Russian companies have completed the transition from foreign to Russian software. Another 14% are in the final stages. The rest are in the initial or slightly more advanced stages of work. At the same time, 10% have not yet started the transition;
24% of respondents do not understand what solutions are needed to implement the decree, and 31% believe that domestic solutions are not capable of coping with the requirements;
Among the most popular software were firewalls (54% of respondents answered this way), antivirus protection (33%), network equipment (29%) and cryptographic protection tools (25%);
27% of respondents named the selection and purchase of domestic software and equipment as the main problem in the process of project implementation. 14% of respondents were forced to increase the budget for information security tenfold.
Nevertheless, Andrey Zaikin, Business Development Director at K2 Cybersecurity, insists that despite the serious difficulties that businesses face, most respondents perceive the deadlines for completing state-set tasks as optimal and feasible. "But we should not forget that in the context of critical infrastructure, we are talking about hundreds of thousands of organizations. In our experience, a large number of enterprises still use foreign solutions to protect such institutions, and only a part of them have begun the process of import substitution in the last year and a half," Zaikin said.
Every fifth company that owns critical information infrastructure (this includes communication networks and information systems of government agencies, financial, energy, transport, medical, telecommunications and a number of other companies) admitted that they will not have time to completely switch to Russian software by 2025, as required by the decree of the President of Russia from March 2022.
This conclusion is given bangladesh whatsapp resource in the study by K2 Cybersecurity (a division of K2Tech) and the publication Anti-Malware.ru, which was reviewed by RBC. In June-August of this year, the authors of the study surveyed 108 IT and information security managers of Russian companies with revenues of over 5 billion rubles and state corporations in the electric power industry, medicine, pharmaceuticals, finance, transport, logistics, metallurgy and other industries, as well as representatives of developers of hardware and software for information security.
In 2022, a decree of the President of Russia prohibited the purchase of foreign software for use at significant critical information infrastructure facilities, as well as services for its use without the consent of the authorized body. The same document prohibited the use of foreign software at such facilities from 2025. Significant critical information infrastructure facilities include those that have been assigned one of three categories. According to the law adopted in 2017, all owners of critical information infrastructure must assign one of three categories to their facilities (for example, the first category is assigned to those facilities, attacks on which can cause the most significant damage) and the "identification" process is still ongoing. For violation of the requirements for ensuring information security of such facilities, fines in the amount of 10 thousand to 500 thousand rubles, administrative and criminal liability are imposed.
By now, only 7% of Russian companies have completed the transition from foreign to Russian software. Another 14% are in the final stages. The rest are in the initial or slightly more advanced stages of work. At the same time, 10% have not yet started the transition;
24% of respondents do not understand what solutions are needed to implement the decree, and 31% believe that domestic solutions are not capable of coping with the requirements;
Among the most popular software were firewalls (54% of respondents answered this way), antivirus protection (33%), network equipment (29%) and cryptographic protection tools (25%);
27% of respondents named the selection and purchase of domestic software and equipment as the main problem in the process of project implementation. 14% of respondents were forced to increase the budget for information security tenfold.
Nevertheless, Andrey Zaikin, Business Development Director at K2 Cybersecurity, insists that despite the serious difficulties that businesses face, most respondents perceive the deadlines for completing state-set tasks as optimal and feasible. "But we should not forget that in the context of critical infrastructure, we are talking about hundreds of thousands of organizations. In our experience, a large number of enterprises still use foreign solutions to protect such institutions, and only a part of them have begun the process of import substitution in the last year and a half," Zaikin said.