An inside look at Russia’s cybersecurity market: a Q&A with BI.ZONE

Sberbank has long outgrown the definition of "a bank." It is now a full-fledged ecosystem, which includes about 350 affiliates and subsidiaries that create high-tech products to maximise reach and meet the needs of modern society. We are part of this ecosystem – we develop solutions and services in the field of cybersecurity. For effective protection and response to cyberthreats, companies need qualified specialists and expensive equipment, which involves significant investments in staff training and technical support. Facing a lack of specialists in the labor market on  one hand and the difficulty of deploying equipment on the other, along with the growing number of threats, as well as the introduction of additional legislative requirements for ensuring cybersecurity – all this stimulates the involvement of external resources.

It is worth clarifying that BI.ZONE is not a division of Sberbank at all, but a separate, independent company aimed at the external markets, and not at servicing the parent organisation. Sberbank is not BI.ZONE’s main client, although being the sole owner of the subsidiary – Sberbank Group only takes about 20 percent of our revenue. All project tenders proposed by Sberbank which we win, we win on merit, in an open and fair competition.

Being a Sberbank subsidiary, we have an acute understanding of the threats that haunt financial organisations and the features of their infrastructures, but this is absolutely not the only area where clients come to us from. BI.ZONE services and solutions were and are tailored to be applied in any industry. We work with retail, as well as manufacturing, energy, transport and other sectors.

With the expansion of our customer base, we continue to develop unique products and launch new cybersecurity services. One particular case from a month ago, we officially launched the direction of cloud security services based on our own Security Operation Centre – this is called Managed Security Services. These services are easily scalable and deployable in any market segment. We see the demand from both large businesses that are faced with a shortage of personnel, and from small companies that do not have the means to house specialised experts. Already in the first month of providing these new services, we had several large customers come from completely different industries.

Processing and ATMs remain the primary targets. Another global problem is data leaks, during which confidential information about a bank and its customers may end up being disclosed. Moreover, leaks are the result of both targeted attacks and fraudulent actions of employees within a financial organisation.

Speaking about banking customers, in recent years, cybercriminals have begun to exploit not only technological shortcomings of security of systems, but also human credulity. In Russia, we have recorded a boom in attacks using social engineering when fraudsters, by phone or via SMS, persuade a victim to transfer money to them. Recently, we conducted a global study and came to the conclusion that 80% of thefts from individual accounts occur as a result of this particular type of attack. In second place are attacks on mobile devices running Android and banking Trojans came in third place.

The cybersecurity market today is saturated with a variety of products and services, but they mostly solve specific customer problems. Our approach to providing security is all-encompassing, we strive to cater to as many customer needs as possible – from security analysis, proactive defense and penetration testing to computer forensics. We have a large and a really strong team of security experts and developers – probably the best on the market.

We are currently developing three technological fields. The first is expert services: forensics, penetration testing, lab research of hardware attacks and stress testing. Secondly, we are in the business of developing our own products, of which our antifraud system and the Threat Intelligence Platform are gaining momentum. The third major area is outsourced cybersecurity. We are talking about cloud products that allow our customers to do business calmly, transferring the cybersecurity function into the hands of experts. This is a good alternative for companies that cannot afford a dedicated team of specialists and expensive equipment or who want to focus on strategic tasks such as increasing the maturity of cybersecurity processes or risk management.

BI.ZONE has unique expertise: we understand well the Russian-speaking darknet – extensive and branched. The collected data is often comprehensible only to our specialists, since they can fully decrypt and analyse a particular threat, being native speakers. The most important thing here is that BI.ZONE protects 80% of the Russian financial market by collecting and analysing large amounts of data about threats in our region - no other cybersecurity company in the Russian market can compare with this indicator. All this allows us to collect in-depth expertise and develop the latest technologies in the field of cybersecurity. From this perspective, our company is truly unique. 

We understand that cybercrime has no state borders, and we are actively sharing our knowledge and experience with major international organizations on a non-profit basis. BI.ZONE is INTERPOL’s partner in combating cybercrime, a technological partner of the World Economic Forum Centre for Cybersecurity (WEF C4C), BI.ZONE CERT (Computer Emergency Response Team) is a full member of FIRST Association. We plan to further develop cooperation and build partnerships. I am convinced that by joining forces at the international level, we will indeed be able to structure a more effective cyberdefense for the future today.