RU
Join SPIBA
November 25 | 17:30

SPIBA General meeting

Astoria Hotel St. Petersburg, Ballroom, Bolshaya Morskaya, 39
Registration

SPIBA General meeting

All systems created from scratch must be built with security in mind.

On November 25, 2025, SPIBA members met in the Ballroom of the Astoria St. Petersburg Hotel, a long-standing partner of the St. Petersburg International Business Association, for their autumn General Meeting to discuss complex cybersecurity issues.

Stefan Van Doorslaer, Chairman of the SPIBA Executive Committee and representative of the owner of Astros Logistics, addressed the audience with a welcoming speech and announced the evening’s program.

Four new members were introduced at the final General Meeting of 2025. Experts in the fields of law, travel, education, and restaurateurs presented their companies and the services they can offer SPIBA members, and eagerly confirmed their commitment to long-term cooperation and joint events.

Cybersecurity and data protection are extremely pressing issues. It’s no coincidence that specialists in this field were invited to speak at the SPIBA General Meeting. Association members know that such events, regardless of the topic, attract the best speakers. Their expectations were met this time as well. The discussion was reminiscent of a military or criminal investigation situation. The gripping examples and sensible recommendations captivated the audience and generated a huge number of intriguing questions. Both speakers acknowledged that the days of hairy, sullen guys who avoid communicating with the outside world are over. The audience of interested parties is expanding. Cybersecurity issues have become relevant for every business and for everyone.

Rustem Nilovich Khairetdinov, Deputy General Director of the Garda Group of Companies, titled his presentation “Data Traders, Punchers, Fraudsters – How They Hunt for Your Data, and What to Do About It.” Evgeny Olegovich Tsarev, managing director of RTM Group and an expert in IT law and cybersecurity, spoke about how attackers are destroying the IT infrastructure of Russian companies. The presentations confirmed and complemented each other.

Initially, digital systems were built for rapid company development and market share, as entrepreneurs focused more on opportunities than risks, and security wasn’t a priority.

Now the focus is on protecting data, not the entire infrastructure, because “it’s impossible to protect what doesn’t want to be protected.” It’s impossible to protect all digital systems. They are constantly changing, and all changes occur without documentation. Furthermore, technologies communicate with each other without human intervention.

Russia has become a breeding ground for cyberattacks. In the first eight months of 2025, 13 billion records of Russian data were leaked. “We are all as transparent as glass,” noted Rustem Khairutdinov.

The goal of attacks now is not profit, but destruction. Both experts agree that a “kill attack” is a new form of cyberattack. And the results of the attack are monetized even before they begin.

It’s difficult to attack a highly protected system (such as a bank). It’s much easier to attack a contractor, which is precisely what’s happening. And in every case, there’s an internal “accomplice,” often unaware of it. This is dangerous, as any user of a digital system is a potential accomplice and poses a potential threat to the business. “People are the biggest problem in a digital system,” the experts agree.

Artificial intelligence also plays a significant role in attacks. It continuously searches for vulnerabilities. A neural network finds them faster than humans. But AI itself is also vulnerable to attack.

Rustem Nilovich discussed the mechanisms of cyberattacks and proposed ways to protect infrastructure and data. He believes it’s impossible to save everything. Therefore, it’s necessary to protect the most valuable asset—data. All new systems must be built with built-in security. It’s necessary to control not only system access but also requests and responses, and manage data visibility (anonymization, masking, tokenization, encryption). But it’s not enough to defend against attacks—you also need to learn how to recover. This requires constant training and practice—”everything should be at your fingertips.”

Evgeny Tsarev, who described attack chains in detail, with examples (including the removal of Kaspersky, AnyDesk, and Hotspot), is confident that interrupting them requires, first and foremost, user education—raising awareness (thanks to education, the likelihood of attacks decreases by approximately sevenfold), delimiting access rights for installing and uninstalling software and hardware, and monitoring the contents of installed software and hardware.

The speakers jointly answered numerous questions from the audience, cautioning against indiscriminate use of WiFi, especially unknown ones, in public spaces, and urging caution when using gadgets, because “the biggest traitor—the smartphone—is in your pocket.”

After listening to the speakers and before reporting on the budget and actual expenses for 2025 and presenting the budget for 2026, the Chairman of the Executive Committee of SPIBA, having heard the warnings of cybersecurity experts, jokingly suggested to replace all computers with typewriters next year (judging by the brief pause in the audience, perhaps not even all the young listeners knew the nearly forgotten word “typewriter”). SPIBA’s 2026 budget was approved by the Association’s members.

Following the election of candidates for the SPIBA Executive Committee, Stefan Van Doorslaer invited the participants to continue the discussion in an informal setting and thanked them for their support and dedication to the Association.

Link to cloud storage with photos from the event – https://disk.yandex.ru/d/XJXwPQnhyO0Kng 

Look@Petro