According to the analysis of more than 450 competitive procedures and implemented projects in the banking sector in 2022-2023, Angara Security experts have identified five key areas in the field of IB that are relevant for banks, financial organizations and insurance companies.
The leader in the ranking of the most demanded services (more than 21%) were consulting and audit services for information infrastructure, which include compliance, the formation of IB policies in accordance with the requirements of market regulators, categorization of CII objects, as well as the search for optimal models for forming an IB circuit, taking into account the equipment and software available on the market.
In second place (more than 20%) are security analysis services of information infrastructure. These include services for finding vulnerabilities in web applications, user interfaces, IT systems of organizations, managing arrays of personal data, technological processes, as well as identifying vulnerabilities in foreign software and hardware that have been left without support after the departure of vendors. At the same time, demand for these services has grown from 14% in 2022 to 20% in 2023.
In third place (more than 15%) is perimeter protection and network security. It is here that the shortage of import substitution solutions ready for implementation, such as SIEM and NGFW, software-defined network infrastructures and domain infrastructure management solutions, network access control solutions, secure cloud access brokers and firewall audit automation, is most seriously affected.
In fourth place - SOC center services, as well as event monitoring and response (more than 7%). Unlike large banks that deploy their own SOC centers on their infrastructure, for most mid-sized organizations, projects of this level are not available in-house only on the basis of their own resources. At the same time, such organizations (for example, regional subsidiaries of large financial and insurance institutions) are considered as an "entry point" for cyberattacks on the infrastructure of federal-scale banks due to the lower level of IB of dependent organizations and their contractors, lack of funding and specialists, including in the field of cyber forensics. In fifth place (7%) are services for protection against targeted and DDoS attacks.
«When migrating from foreign solutions, customers expect Russian solutions with similar functionality and reliability. However, copying the functionality of IB products is clearly not enough today. In the development and promotion of Russian solutions, emphasis should be placed on creating and implementing breakthrough technologies into products, which is critical for the long-term development of the market,» Angara Security experts note. The company also notes among the promising areas solutions based on AI, widespread use of DevSecOps in fintech, Threat Intelligence, cyber forensics, services for vulnerability management, brand protection practices for mass financial services.
