Pictured: third meeting of Transneft Expert Board on security matters
On 14 December 2017, the third meeting of the Transneft Expert Board on security matters was held in Moscow. Its participants discussed some aspects of averting cyber threats to secure critical information infrastructure.
President Nikolay Tokarev, First Vice President Maksim Grishanin, Vice President Vladimir Rushailo took part in the Expert Board proceedings on behalf of Transneft.
Chairman of the Expert Board and President of Transneft Nikolay Tokarev delivered a welcome address. He pointed out that automation of nearly all processes, on the one hand, makes the Company’s operations more effective, but on the other hand, it increases vulnerability. “We daily face numerous cyberattacks, which causes our concern. It’s hard to imagine what may happen if someone interferes with the activities of Transneft and its working schedule, given that our operational activity affects all refineries, the export of crude oil and petroleum products, and if we bear in mind that Transneft is a monopoly transporting oil from Nakhodka on the Pacific to the Baltic Sea, the urgency of this matter is obvious,” he emphasized.
To ensure the uninterrupted operation of trunk pipeline transport and to keep its contractual commitments, the Company develops information infrastructure and takes various measures to make it immune to cyber threats. The Company’s President informed about the programme developed and implemented by Transneft, which defines methods of counteracting all kind of threats to information security, also regulating the planning of works to minimize the consequences of cyberattacks.
“At present we are forming a center for computer security to protect the Company’s information and technological resources; it will operate in close interaction with the state system of detection, prevention and elimination of consequences of computer attacks,” Mr. Tokarev added.
In his address Vice President Vladimir Rushailo called the attention of the Expert Board members to a number of key issues in repulsing threats to the security of Transneft information resources and raising the level of their protection.
He informed that in recent years the number of cyberattacks upon the manufacturing sector of the national economy significantly increased and noted that the negative consequences of such impact upon the fuel and energy facilities is fraught with serious economic and environmental damage. He added that Transneft suppressed some attempts to use the corporate equipment for the generation of cryptocurrencies. He also told about cyberattacks on the Company via ransomware.
Mr. Rushailo mentioned the need to follow through with the joint effort by the Company’s specialists and the expert community, aimed at the timely development of draft documents and better regulation in view of passing of the federal law On Security of Crucial Information Infrastructure in the Russian Federation (GosSOPCA). In Vice President’s opinion, engagement with public authorities, local governance bodies, institutions and citizens will further the coordination of activities aimed at ensuring the information security.
First Vice President Maksim Grishanin dwelled on the measures to ensure the stable operation of Transneft information infrastructure.
He made a case for implementing respective complex solutions for information protection from targeted attacks. What’s needed are information security event management and monitoring systems providing for the inventory of information and technological resources, collection and correlation of information security events, management of information security events and integration with GosSOPCA. He called the attention of the Expert Board members to the risks involved in using imported equipment and software in the information infrastructure, arguing that it is necessary to implement the import substitution programme at a more competitive and quality level. Thus, in his words, after repeated failures during the past year Transneft suspended the use of Schneider Electric equipment in the new PCS systems until the technical malfunctions are removed.
The following participants took an active part in the subsequent discussion: Deputy Chairperson of the Council on Economic Policy at the Federation Committee of the RF Federal Assembly M.N. Ponomarev, Deputy Chairperson of the Council of the Federation Committee on Defence and Security M.I. Didigov, Official Secretary and Deputy Chairman of the Bank of Russia A.O. Torshin, Director of the Institute of Legislation and Comparative Law under the Government of the Russian Federation T.Y. Khabrieva, member of the Federation Committee’s Council on Budget and Financial Markets D.V. Saveliev, Plenipotentiary of the Russian Government in the Federation Council A.V. Yatskin, Chief of Staff at the Russian State Duma Committee on Energy D.B. Ivliev, Head of the Department for Economic Security Issues at the Staff of the RF Security Council Y.I. Khamchichev, Deputy Director of Presidential Deoartment for Correspondence from Citizens and Organisations N.N. Khokhlova, Head of Staff of the State Duma Committee on Security and Anti-Corruption Y.N. Demidov, Deputy Head of the RF FSS Directorate P.V. Belov, Interim Director of the RAS Institute of State and Law, Doctor of Law, Professor and corresponding member of the RAS A.N. Savenkov, Board Chairman of the All-Russian Public Organisation “Association of Russian Lawyers” V.S Gruzdev, Doctor of Law and Professor V.S. Chernyavsky, Director General of Svyaztransneft V.A. Bertyakov, representatives of the Russian Energy, Telecommunications and Internal affairs ministries, Federal Service of Troops “Russian Federation National Guard”, Russian Telecom Equipment Company Rostec Group, Kaspersky Laboratory, academic community as well as independent experts.
It was mentioned that cybersecurity is an integral part of digital economy that is evolving in Russia. Everybody was unanimous that it is necessary to enhance the legislative and technological base facilitating a higher security of the information and telecom infrastructure. The speakers specifically addressed the need to create prerequisites for the transition to homemade software.
The Expert Board members expressed their confidence that the meeting would contribute to a more vibrant effort aimed at ensuring the information security and protecting the Company’s resources from cyberattacks.