Budgets shrink, leakage protection remains inadequate

Budgets shrink, leakage protection remains inadequate

In Russia, the providing of businesses with information security tools is increasing, but the situation is improving only in terms of protection against hacker attacks. This conclusion can be made on the basis of the research conducted by SearchInform.

According to the survey, over four years (since 2017), the providing of companies with administration tools increased by 31%, antivirus programs - by 15%, SIEM systems - by 7%. The dynamics of equipping organisations with data loss protection software is worse, DLP systems are installed in 31% of companies, which is only 3% more than in 2017. At the same time, the number of information leaks also remains almost unchanged from year to year - the number of affected companies remains at the level of 60% annually. The vast majority of data loss occurs due to insider violation or error.

Thus, the equipment with information security tools of Russian organisations remains insufficient. This is especially true for the public sector, where the basic data loss protection software (DLP systems), according to the survey, is deployed in 20% of companies, which is 11% lower than in the private sector. At the same time, the software has become a familiar tool for a number of industries: credit and finance, industry, IT, fuel and energy complex, retail. In those companies where DLP is installed, 72% of internal incidents are detected with the help of this software, and only 6% of leaks are detected not within the information security department, but by someone outside the company. This is half as much as in other organisations.

Database audit and file storage systems (DCAP and DAM systems for protecting data at rest) are still a new tool for the Russian market and are used in no more than 1-2% of organisations.

“One of the reasons for the lack of equipment is that companies have to deal with security issues on a tight budget. Moreover, in 2020, twice as many companies reported that the budget was down, and this trend continues for the third year in a row. But security software is becoming part of the core business IT suite, so companies will increasingly look to lowcost security options. We predict that the distribution of the service/MSSP model will become widespread in the next year or two, and the dynamics will accelerate. Companies will become more likely to rent software, opt for cloud solutions and DLP outsourcing. This is a good interim solution when organisations are unable to commit budgets all at once. This is also relevant in the context of a shortage of personnel, "- comments Alexey Parfentiev, leading analyst at SearchInform.

The research figures also show how modern trend technologies are taking root in information security.

“In 2020, companies weren’t up to the introduction of new tools, but organisations are showing interest in them. Companies see technology as an opportunity to reduce security costs: automate controls and reduce labor intensity. But the main thing is that the companies' request is fundamentally changing: it is too late to identify an incident after its occurrence, it is necessary to prevent and predict it. Behavioral technologies make it possible to do this,” says Alexey Parfentiev.

The SearchInform research is a traditional report on the information security situation in companies in Russia and the CIS. 833 people took part in the study: heads and employees of information security departments, industry experts and heads of organisations from the commercial (71.5%), state (26.5%) and non-profit spheres (2%). The study covered IT, oil and gas sector, industry and transport, credit and finance, retail, healthcare and other industries. The survey was carried out in the cities of Russia and the CIS. The respondents were interviewed in September - November 2020 offline in the regions of Russia and online in the CIS countries during the Road Show SearchInform conference.


Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.