On July 16, 2020, within the preparation of the International Forum of Security & Safety Technologies, an online conference on information security in automated control systems and security of critical information infrastructure has passed. Customers and manufacturers discussed the implementation of the Federal law on critical information infrastructure safety, customer cases and prospects for import substitution in this area.
The conference was opened by Anton Semeykin, Director of the department of economic security in the fuel and energy sector of the Ministry of energy of Russia, with the report on main provisions and practice of applying of guidelines for defining and categorizing critical information infrastructure of the fuel and energy complex. The expert spoke in detail about the main provisions of the methodological recommendations as well as presented practical examples of defining and categorizing facilities of critical information infrastructure of the fuel and energy complex.
A number of cases of effective solutions in the industrial sector were presented at the conference
Ivan Badeha, representative of the department of information security and IT infrastructure of Norilsk Nickel, spoke about approaches to the consideration of cybersecurity risks for a group of industrial enterprises and the basic principles of creating a comprehensive system for the protection of automated control systems.
Alexander Sevostyanov, head of the information protection department of the pipe metallurgical company, shared with the audience of information security specialists the experience of conducting an audit of automated control systems at the company's facilities.
Igor Nosov, director of the IB department at RUSAL, focused on the main stages of how the company categorized CII facilities at enterprises. The speaker outlined his recommendations and spoke about the pitfalls of this process.
Roman Bakurin, chief specialist of the cybersecurity center, NIIAS JSC, told about the unique experience of his organization during the audit of automated control systems at the facilities of Russian Railways.
Overview of modern solutions were presented by
Leonid Shvarev, Director of industry solutions at Open mobile platform
Mobile solutions implemented at CII facilities must comply with the requirements of the 187 federal law and 152 federal law (in the case of personal data), which is confirmed by certificates of regulatory authorities (FSTEC and FSB). The only solution that fully meets the requirements of legislation and regulators is the Aurora software with the Aurora Center centralized management platform.
Azat Shaikhutdinov, project manager of Kaspersky Industrial Cyber Security, Kaspersky Lab JSC
The speaker highlighted in his report the issues of an integrated approach to industrial cybersecurity at all levels, from the operating system level and training for employees to advanced technologies for automated control systems protection and incident response.
Vyacheslav Medvedev, a leading analyst of the development department of Doctor Web, presented his approach to ensuring the security of automated control systems, focused on antivirus protection and risk minimization.
Vseslav Solenik, director of the R-Vision expertise center, presented the R-Vision SGRC product, which can be used to automate the full cycle of compliance with 187 federal lawd
Vladimir Cherny, head of contracts and sales department at Basealt SPO LLC, paid attention to the development of the Alt 8 SP software, which contains both additional operating architectures and the passage of FSTEC checks for compliance with modern requirements for estimated confidence levels.
Ivan Ivlev, Deputy director of the system product development department at RED SOFT, spoke about another Russian software as an element of CII facility protection.
Igor Dusha, director of security product development at InfoWatch, discussed in detail how InfoWatch ARMA allows to build an echeloned protection of automated control systems as well as specialized capabilities for protecting industrial networks.
The XXVI International Forum of Security & Safety Technologies is a continuous communication program for customers, regulators and suppliers. Even now every week customers and solution providers discuss current issues in an online format. Every month online conferences are held with demonstrations of real projects, industrial cases and modern technologies. And on February 9-11, 2021, we will be happy to see everyone at a real, not virtual event - you are invited to the all-Russian technology review and 15 industry conferences! Book your participation >> eng.tbforum.ru/participate-new