The X Anniversary cross-industry CISO FORUM 2017 took place in Moscow



More than 350 experts gathered at the X Anniversary cross-industry CISO FORUM 2017: "The Harsh Everyday Life of the CISO", which took place on April 17-18, 2017 at the DoubleTree by Hilton Moscow. The organizer of the event was the infor-media Russia company. The sponsors of the event were: INTELLEKTUALNAYA BEZOPASNOST Group (Security Vision brand) – the Gold partner; Cisco Systems, Inc. – the Strategic partner; JOINT-STOCK COMPANY "LABORATORY KASPERSKOGO", PUBLIC JOINT-STOCK COMPANY KB "VOSTOCHNY" Kontrol, Imperva SecureSphere, Palo Alto Networks, Fortinet, INFORMATION PROTECTION, Check Point Software Technologies Ltd. – Official partners; ESET, FireEye, JOINT-STOCK COMPANY "DIALOGNAUKA", technology JSC The New safety, Cross Technologies, Akribiya, JSC Mikrolap Teknolodzhis, KROK, Mobile Cat – partners; The Outpost, LLC "INSTITUTE FOR SCIENTIFIC RESEARCH SOKB" – partners of the technological session; Solar Security – the partner of the business stream; JSC "Natsionalny udostoveryayushchy Centre", LLC "R-VISION", Tiger Optiks, Tenable Network Security – participants of the exhibition.

The CISO forum was opened by the plenary discussion panel ": yesterday, today, tomorrow. The CISO's view of the main prospects and IB trends in Russian Federation". Klimov Eugenie, JSC NIP "INFORMZASHCHITA", acted as the moderator of the panel. The experts raised the question of the evolution of information security (IB) in Russian Federation over the last 10 years, discussed trends in threats, the economy and IT, and considered the development of industry standards in IB and strategies for increasing the overall performance of services.

Popov Roman, PUBLIC JOINT-STOCK COMPANY "TRANSNEFT", favors a classical system of protection. "It is necessary to sleep peacefully and work quietly. It is important to see 100%, but not to protect 100% because it is impossible", Vanerke Roman noted. Khodakov Sergei, Skolkovo, said that 1-2 projects come to Skolkovo every month and that the main trends at present are analytics and monitoring. The independent expert Lukatsky Aleksey noted how important it is to find a balance between the requirements of regulators and small companies. Certification now takes so long that the programs entering the market are often certified but no longer released. Yermachenkov Aleksey named the main trends: outsourcing; security from the cloud; security of the cloud; and compliance: the state is tightening the screws in all directions. Demidov Sergei, "the Moscow Exchange", emphasized close work with the regulator, during which attempts to find joint solutions are constantly made. Soldatov Sergei urged everyone to work with the regulator in order to change the world over time. Among modern trends he named the personnel shortage and changes in the education system; integration of the interaction between IT and the CISO; BigData and . Aleksey Volkov, Public joint-stock company "Sberbank Russia", noted that the main bank of the country constantly tracks interesting projects of Russian and foreign companies with a view to adopting them. " are. There are no these implementers of ", Yermachenkov Aleksey said. There is also a big shortage of personnel. Public joint-stock company "Sberbank Russia" has recently not only cooperated with higher education institutions but also trains personnel itself, and in 2016 it opened its own academy. "It is important to create working conditions for employees such that a person wants to work rather than look for a new place of work", Yermachenkov Aleksey emphasized.
Trushkin Sergei, "Integrated company "Rossiysky alyuminy"", agreed with his colleagues; his TOP-5 trends at the moment are ASUTP convergence; Digital; BigData; growth of the outsourcing market share; and improvement of the education of IB experts.

The program continued with the practical session "Best Practices and Main Trends in Information Security" and with Demidov Oleg, PIR-TSENTR, who gave the report "IB, international security and strategic stability: results of 2016 and forecasts for the future". Bakshinsky Oleg emphasized that each country has its own terms and there is no common terminology, because of which the signing of agreements is greatly delayed. Bakshinsky Oleg raised the subject of international counteraction and spoke about the initiatives of private players. Leonov Alexander, Mail.ru, considered various types of vulnerabilities and approaches to them throughout the session. "All approaches have merits and demerits. It is not easy to understand whether a vulnerability is critical or not, especially at the beginning when there is not enough information", Sevostyanov Alexander noted.

The attendees were then divided into three streams: organizational, technological and business. In the business stream "CISO on guard of the business", the independent expert Khayretdinov Rustem held the master class "Creation and introduction of corporate rules. The power of feedback", in which he explained which rules are easier to follow: passive ones (not to do something), those requiring little change in behavior, those that are the same for everyone in one's immediate circle, and logical ones. Khayretdinov Rustem presented the principles of habit formation: clear requirements (all regulations and instructions must be communicated to each employee), independent control (legitimized technical measures), and feedback (specific punishments for specific violations).

In the technological stream "Know-how in the field of . The best cases and practical recommendations from leading experts of the market", Gorlovsky Fedor, Intellektualnaya bezopasnost Group, and Bakshinsky Oleg, IBM Russian Federation and Commonwealth of Independent States, presented the master class "Security Vision: manage security", in which they addressed the management of processes and IB risks and their control, shared their experience of creating situational centers, and revealed the secrets of possible savings through automation of the security system. "In 2016 more than 4 billion records of personal information were stolen, which is more than in the 2 previous years. Attacks have become more effective", Bakshinsky Oleg emphasized, "there is no system which could not be cracked".

Within the organizational stream "The organization of work of the IB department", Aynetdinov Nail, TELE2, presented the case study "And Why to the Organizations to Watch Useful Finds at Itself From the Outside". Aynetdinov Nail shared how to use named accounts and search engines, how to extract information from documents published in open access and from thematic resources, and how to find information about employees in the media. Ustyuzhanin Dimitri, GARAGE COOPERATIVE MEGAPOLIS, reminded delegates that there is a huge number of very different threats, which should be divided into subcategories: known, unknown, hidden, internal. Each subcategory has to be handled separately. "It is important to find a balance and to be adequate. Everyone has to decide this for themselves. It is necessary to understand that you will still miss a blow somewhere, but this does not mean that it is not necessary to introduce IB programs", Manannikov Dimitri concluded.

Shakhlevich Alexander, Imperva, reminded the audience in his talk that information has long since moved far beyond the perimeter of the organization and can be stored on external media, on mobile devices, etc. "It is impossible to reach 100% security, therefore it is necessary to set priorities correctly", Sevostyanov Alexander said.

Konusov Andrey, "Outpost", moderated the practical session "Through the Eyes of Business", during which the independent expert Korotkov Andrey presented the case study "Security Through the Eyes of the Business Owner". Korotkov Andrey addressed the subject of the expectations of business from and said that not all risks are equally useless. Victor Ivanovsky, Solar Security, in the report "Did not think up further, improvise, or whether Agile can apply to " presented an action plan: risk profile, effectiveness of measures, identification of problems, creation of a plan. Victor considered a projection of Agile to and emphasized that Agile is not a universal method, but works where decisions have to be made quickly. Sevostyanov Alexander, TMK, in the case study "Key Problems of Construction in Hierarchical Organizational Structures", considered the main characteristics and features of organizations built on various models, as well as the factors that negatively influence the development of IB in a hierarchical organization. From Yermachenkov Aleksey, "Mosproject-3", delegates learned how to properly justify resource needs and then demonstrate the results of their use. Yermachenkov Aleksey also considered why one option of protection or another is the better choice in different situations and how to make sure that the protection works. At the conclusion of the session, Teploukhova Olga, "Akribiya", gave the report "Risks and Methods of Ensuring Confidentiality of Personal Information within Loyalty Program", in which she noted that many segments of the IT market of show immaturity in information security matters. At the same time, external security audits are an effective instrument for managing relationships with contractors, and the practice of working with contractors that was presented makes it possible to significantly reduce the security risks to personal data (PDN).

In the practical session "Security: myths and reality", Akinin Andrey, Web Control, dispelled illusions about protection and discussed the reality of web security: why UTM is not a panacea and which is better to choose, URL categorization or reputation analysis. Budarin Eugenie, Kaspersky Lab Russia, spoke on the subject "Real Protection Where an Antivirus Alone Is Not Enough". "300000 new questions arise every day. How to reveal that 1% of attacks which need to be investigated further?" Budarin Eugenie asked. Very often in practice one has to face a lack of response.

Budarin Eugenie gave real cases from practice (an accidentally infected machine, a case with a broken attachment, LiteManager) and considered how the development of a targeted attack differs in theory and in reality.

Taratynov Pawel, Aliev Amir, JSC NIP "INFORMZASHCHITA", Beloglazov Aleksey, Check Point Software, and the independent expert Omelyanenko Julia took part in the master class "Protection from APT and unknown threats". Taratynov Pawel cited a figure of 450 million dollars a year: the damage caused to the whole world by . In mass attacks on the financial sector in 2016, 104 organizations in 31 countries suffered. Omelyanenko Julia considered the types of ransomware. Ransomware is difficult to eliminate since it acts directly on data. More and more often, directors on have to face situations in which a virus gets onto a computer and encrypts all the data, and the criminals immediately send a letter offering a key to the encrypted information for money. Aliev Amir used concrete examples to show how protection can work: it identifies the threat, restores the encrypted files and prepares a report. Beloglazov Aleksey considered various attack scenarios and a chain of interconnected processes. The main idea, as Yermachenkov Aleksey put it, is to prevent everything that can possibly be prevented and, if prevention fails, to start investigating at once.

The master class by Yemelyannikov Mikhail, "Yemelyannikov Mikhail, Popov Roman and partners", titled "Personal information in the courts: LinkedIn, Skartel and others", raised so many questions that the attendees did not let Yemelyannikov Mikhail go for a long time after it ended. Delegates learned whether depersonalized data of website visitors can be transferred or sold to other parties and how many written consents must be obtained from an employee to fulfill the established requirements. Korotnev Konstantin, JOINT-STOCK COMPANY "GAZPROM GAZENERGOSET", in the master class "Risk management " emphasized that the common goals of IB are risk reduction, ensuring compliance and the organization of IB processes. Development consists in integrating IB into corporate culture, minimizing IB costs and increasing the efficiency and transparency of IB. "Risk is a combination of probability and damage", Korotnev Konstantin reminded the audience, therefore it is extremely important to carry out risk analysis and comparison of events.

Manannikov Dimitri, SPSR express, held the master class "Security as a business function", in which he considered the subjects of business and their goals. "Can a business achieve some objectives?" Manannikov Dimitri asked the audience. Business often sets an increase in profit or a cut in expenditure as its main objective, but do the goals of the business always coincide with the goals of the security service? Each goal needs to be broken down into measurable indicators, and management by objectives should then be applied.

The independent expert Lukatsky Aleksey drew the largest audience with the master class "The process of organizing the fight against phishing". Yermachenkov Aleksey spoke about the use of fake domains and URL crazy and gave the striking example of Public joint-stock company "Sberbank Russia", which at present has more than 80 fake domains, most of them malicious. Fraudulent links are inserted into messages and carry malicious code. This is how logins and passwords are collected. Attackers can use similar-looking characters (for example, the letter O and the digit 0). At the end of the master class, Yermachenkov Aleksey used the CISO forum website as an example to show how a site can be cloned in a few clicks.

Sanin Alexander, "the Outpost", in the master class "Authentication and IDP: how to cook it so that it is tasty", shared his experience of building a system that makes life easier for users who do not like having many different passwords, and emphasized that such systems work with different numbers of users. Vanerke Roman, JOINT-STOCK COMPANY "DIALOGNAUKA", and Pavlunin Stanislas, JOINT-STOCK COMPANY "TINKOFF BANK", held the master class "Implementing protection from APT in JOINT-STOCK COMPANY "TINKOFF BANK"". In 2015 the volume of damage from attacks amounted to 70 million rubles. All organizations are attacked, but attacks on banks bring the greatest benefit: money or clients' personal information. Pavlunin Stanislas said that up to 3-4 attacks are detected at JOINT-STOCK COMPANY "TINKOFF BANK" every week.

The first day of the CISO forum ended with an interesting cultural program, during which delegates could not only talk with each other but also ask the speakers questions that there had been no time for during the sessions.

On the morning of April 18, Sedov Oleg, BISA, as the moderator, opened the round table "The IB service of my dreams. Intrigues or security for the security officer. The practical component of the role and tasks of the modern head of IB in the management structure of the company". At the beginning of the round table the experts spoke about the changes that have taken place in the security service lately. Vinogradov Alexander, JOINT-STOCK COMPANY KB "ZLATKOMBANK", noted that over the last 10 years in the banking sphere very much grew.

Vorobyev Artem, BAYER, described how the life of the security service at BAYER has changed considerably over the last year: a system of internal control was introduced, and there was a considerable leap in digital pharming. Frolov Dimitri, Central bank Russian Federation (Bank Russia), emphasized that in 2013-2014 there was a big surge in the number of cyberthreats worldwide. As for the banking sphere in Russian Federation, cyberthreats are becoming more and more a part of the everyday life of security employees, therefore it is necessary to introduce a strategic approach and to find a competent combination of business and . Anton Aleksandrovich Ivanov, Skolkovo, shared with the audience how to save on IB and spoke about the creation of services in IB. Anton Aleksandrovich Ivanov emphasized that in recent years everyone has begun to look for new solutions and has remembered startups. To the question "What does the regulator of my dreams look like?" Ustyuzhanin Dimitri, GARAGE COOPERATIVE MEGAPOLIS, answered that it is difficult to think of the regulator in a positive light because it often forces one to be engaged in on paper to the detriment of real work. Therefore the dream regulator simply does not exist. Martynenko Kirill, Public joint-stock company "Sberbank Russia", also noted that over the last years Public joint-stock company "Sberbank Russia" has changed considerably. According to Martynenko Kirill, the regulator acts as the guarantor of stability. Martynenko Kirill also noted that Public joint-stock company "Sberbank Russia" has understood that strongly lags behind business, therefore a great deal of effort is now directed at reducing this lag as much as possible.

After the round table the attendees were divided into three streams: hacker, technological and legal. Manannikov Dimitri Gadar, JSC bank "Otkrytie", acted as the moderator of the hacker stream. Batrankov Denise, Palo Alto Networks, in the master class "KNOW-HOW from Palo Alto Networks", noted that it is very important to know how we are attacked and how to protect ourselves correctly, and showed on a concrete example how quickly and effectively exploits can be blocked. Arkhipov Mon, Acronis, presented the master class "Risks vs Real world: how processes on paper and in life differ". Most companies use the expert risk model that is taken as the basis in all local and international standards, but do threats on paper correspond to modern realities? Correction of mistakes is the core. Regular tuning work raises the degree of user satisfaction. "IB is not about adjusting indicators once, it is permanent work", Arkhipov Mon concluded.

In the technological stream, Andriyashin Aleksey, Fortinet in Russian Federation, presented the case "The adaptive security system of Fortinet" and said that recently opportunities for have increased since the number of entry points has grown rapidly: mobile phones, tablets, handhelds. It is very important to track and protect remote connections. are transformed to digital safety. "The lack of network borders, the increase in the speed of information transfer and the growing complexity of data systems are the main trends at present", said Yermachenkov Aleksey, stating his point of view. Grodzensky Yakov, "System software", presented the case "An integrated IB risk management system based on the analysis of vulnerabilities", in which he said that sometimes there is an impression that threats arise much more quickly than means of protection. The main difficulties of ensuring information security are confidentiality, integrity, availability. The residual risk becomes less manageable. Information security methods are divided into organizational and technical. Owing to budget limitations we often shift the emphasis towards organizational measures, disregarding risks. Khegay Alexander, Cross Technologies, closed the session with the case "Personal information which we forget to protect". The Cross Technologies company is engaged in the development (Docs Security Suite, nautilus), distribution (VARONIS, Printer Guard, AccessData) and integration (, , consulting) of programs. Sevostyanov Alexander considered in detail the main advantages of the programs and the opportunities they open up.

In the legal stream, Zinin Ulyan, Microsoft COR in Russian Federation, gave the report "Artificial intelligence throws down a challenge". Zinin Ulyan considered services based on artificial intelligence: Uber ( driver); treatment of tumors in medicine; the study of salary expectations from SuperJob; the smart keyboard that guesses which word will come next; translation from any language into any other; the personal assistant. First of all there is the question of whether to regulate or not, since regulation is the most reliable mechanism of influence in Russian Federation. At this stage research is being conducted into how to use artificial intelligence without imposing strict regulation on it. The expert on Tsarev Eugenie continued the session with the master class "The practice of lawsuits concerning IB. The real responsibility of the director of IB". At the beginning of the report Budarin Eugenie considered the main types of disputes: disputes over quality, execution of turnkey contracts, labor disputes, tax disputes, bankruptcy; he then divided them into IT and IB disputes and gave examples of lawsuits from personal practice. In the second part of the report the audience learned how to organize the work of the director on so that there are no legal consequences: how to properly organize the work of an IB service employee and how to behave in non-standard situations.

The master class "A smart approach to vulnerability management" from Bulatenko Igor, QIWI, continued the program of the hacker stream. Bulatenko Igor noted how important vulnerability control is. "What can be found under the hood of a standard scanner?" Bulatenko Igor asked the audience. A scripting language, vulnerability checks and implicit logic for determining vulnerability. Recently the arms race has become ever more apparent: "dark magic" for collecting information; the more checks, the better the scanner; food for thought: how far do you trust a harmless pentest, and, in summary, a question to the security vendor?

The master class of the independent expert Soldatov Sergei, "The working everyday life of a threat hunter", in which the speaker shared a wide range of cases from personal experience, greatly interested the audience. Soldatov Sergei emphasized that it is extremely important to quickly find information, analyse it and draw conclusions about maliciousness. Bychkov Artem, JSC bank "Otkrytie", in the talk "Hack yourself" promoted a "hacker" outlook in defense and a "do it yourself" approach, and explained how to protect a brand with improvised means. Using examples of real fakes, Feoktistov Artem showed how important early detection and traffic analysis are.

In the technological stream, Feoktistov Artem, KROK, spoke on the subject "as DLP: so that protection does not turn into a pumpkin", in which he said that very few people are happy with DLP, but this does not at all mean that it is not necessary to work in this direction. To simplify the work, an attack should be divided into steps: delivery, installation, propagation, execution of actions, threat elimination. Organizational problems often arise when DLP is introduced: not all employees know about DLP. To avoid these mistakes, it is worth involving the business in the process and taking its requirements into account. Kader Mikhail, Cisco Systems, Inc., in the case "Use of network telemetry for detection of security incidents", gave examples of real threats and explained how to find anomalies by behavior. "The main task is to understand what an anomaly is", Yemelyannikov Mikhail concluded. Romanov Mikhail, "New safety", presented the case "Blank spots of exclusive access. How to solve them?" and raised the question of a solution for a global access system. Yemelyannikov Mikhail explained how the system works (constant analysis and identification of keys and confidential communications, monitoring, protection, management) and how to work with exclusive access. He also considered integration options and the specifics of operation in a distributed infrastructure. "The most important thing is to make the system of safety jellied", Yemelyannikov Mikhail emphasized.

Kuzmin Oleg, JOINT-STOCK COMPANY "BKO CONCERN "ALMAZ-ANTEY", opened the psychological stream with the master class "Psychology . Decision-making psychology". "To understand an employee, it is necessary to work in his position", said Bakshinsky Oleg, stating his point of view. Then the main problems of the head of department were considered: lack of knowledge in the field of IB, little experience, how he is perceived by those around him, bad suppliers, a small budget, no communication with the management (slow resolution of issues), failed projects. Bakshinsky Oleg shared his own experience of fighting all the listed problems.

Bazhin Andrey, Public joint-stock company "Bank VTB" the Capital, moderated the discussion "How to cope now with the shortage of qualified employees?", in which Arkhipov Mon, Acronis, Petrova Helena, "Ekonomiks-bank", and Andrey Drozdov, ISACA, took part. All the speakers confirmed that there is now a personnel shortage across all of Russian Federation in the sphere . Andrey Drozdov noted that the HR markets of Moscow and Saint Petersburg are different. Moscow has the opportunity to employ high-quality experts and to offer them corresponding pay. In Saint Petersburg there is less demand and less supply. "According to global research, there is a huge shortage of personnel in the IB sphere worldwide", Korotkov Andrey said. Arkhipov Mon emphasized that not all experts who study IB then go to work in the specialty. At the same time, there are many employees on the market who have no specialized education, which does not prevent them from being strong security specialists. Arkhipov Mon also noted the renewed brain drain from Russian Federation. Petrova Helena agreed with her colleagues that the main sources of information are in Moscow and all personnel are trained in Moscow, therefore good experts often simply have no incentive to move to the regions. Besides, according to Petrova Helena, an employee from Moscow will be a black sheep in the region, with a different salary and different experience. It is also important to change the current education system so that people do not wait for something to be handed down to them from above but study themselves: the participants of the discussion and the audience in the hall all came to this common opinion.

During the last break a prize draw from Tiger Optiks took place. To take part, it was enough to leave a business card at the stand. Leonov Alexander, Mail.ru, became the winner.

At the conclusion of the business program, the unique report "Traffic analysis in cyberspace" was presented by the special guest of the forum, Girs Kenneth, the permanent representative of the Cybercenter of NATO, Comodo. Girs Kenneth said that first of all it is necessary to find information and to analyse it. There are many ways of protecting against external analysis: sending a large number of different messages at the same time so that it is not clear which signal you really want to transmit; use of different frequencies; use of people as information carriers without the use of phones and . "Traffic analysis is very quick and cheap", Girs Kenneth emphasized. During the report the audience was also once again convinced that content analysis is very difficult work, and that traffic analysis helps greatly with it. "Having read 30 of your posts on social networks it is possible to tell with accuracy for whom you will vote", Girs Kenneth said, since written posts have their own features and are as unique as fingerprints. "If I know you and I know with whom you speak, I can tell with a high degree of probability what you speak about. And it gives huge opportunities", Girs Kenneth finished.

At the end of the Anniversary CISO forum a parade of speakers took place. For two days the attendees could vote for the expert who was most useful and who touched upon the most painful and important subjects. Following the results of the vote, awards went to: the independent expert Lukatsky Aleksey; Manannikov Dimitri, SPSR express; Khegay Alexander, Cross Technologies; Akinin Andrey, Web Control; the independent expert Khayretdinov Rustem; Klimov Eugenie, JSC NIP "INFORMZASHCHITA"; Bulatenko Igor, QIWI; Gorlovsky Fedor, Intellektualnaya bezopasnost Group; and Yemelyannikov Mikhail, "Yemelyannikov Mikhail, Popov Roman and partners".

The infor-media Russia company thanks all the speakers, partners and attendees who took part in the event. Until we meet again!