Leadership in cybersecurity
In the days ahead, technology will change the pattern of our lives and cybersecurity will play a key role in economic development Ensuring successful cybersecurity is 80% dependent on the correct organization of processes, and only 20% dependent on technology.
We are constantly improving our processes to guarantee cybersecurity. The professionals of Sberbank’s security service work 24/7 collecting and analyzing crucial information on instances of fraud aimed at the Bank and its clients. In 2017 desktop training exercises were successfully performed on recovery from a global malware attack on the Bank.
The data accumulated, the high level of professionalism of our specialists, the use of innovative technologies, and our ongoing cooperation with law enforcement agencies all help to thwart the activities of hacker groups at a very early stage.
One area of our work is the fight with phishing attacks. Financial online services, have long since become the main target for phishing attacks, and this trend is only strengthening. At the initiative of Sberbank’s Security Operation Center, more than 600 domain names used in phishing attacks, around 200 fraudulent platforms and more than 1.3 thousand websites distributing malware have been detected and closed in Russian internet-space.
We actively support outside initiatives, including those of the state authorities, to develop cybersecurity skills For example, in 2017 Sberbank was entrusted with heading the Cybersecurity Center of Excellence’s information security direction as part of the Digital Economy program of the Russian Federation.
An important event in 2017 was the launch of the Cybersecurity Academy. Sberbank Corporate University hosted a two-day seminar entitled “The Role of Cybersecurity in Digital Organizations”. The seminar was attended by representatives of work groups from the Russian government’s Digital Economy program, tech companies, universities, and Sberbank subsidiaries.
We believe that education is extremely important when it comes to cybersecurity. Security specialists are often not taught IT technologies, and IT specialists are not told about security. The goal of our Academy is to ensure comprehensive cybersecurity training and to improve our expertise.
The development of a system to prevent cyber fraud will continue in 2018–2020, to ensure 100% protection of all Sberbank’s client service channels. We plan to develop and implement a unified authentication service and our own digital signature service. We also plan to introduce a unified Cybersecurity Fusion Center, which will include artificial intelligence, machine learning and big data technologies to guarantee centralized cybersecurity management of the Sberbank Group.
The Cybersecurity Service will carry on developing international relations, will propose new formats for the Cybersecurity Academy’s programs, and will form and introduce new cybersecurity services to the market.