BAKU, Azerbaijan, November 21. Azerbaijan's information security market is quite advanced; it differs from some neighboring countries, for example, Türkiye, Deputy Director General of Compliance Control Evgeny Babitsky told Trend.
"Other fraud tendencies and cybersecurity trends can be found there. They organize specialist events here on a regular basis, where colleagues can share experiences and debate the latest cyber defense developments. It is admirable that Azerbaijani experts do not just replicate the experience of other nations without considering how useful it is to a specific industry. Each market has its own quirks, which must be taken into account, for example, when allocating funds for cyber security. We began our first initiatives in Azerbaijan over six years ago. During this time, we have been closely monitoring how the market is evolving. We can observe what international trends are applicable to Azerbaijan because we work in over 35 countries, including Russia and Central Asia. We can react quickly and help banks and fintech companies succeed and not face serious cyber security incidents," he said.
Speaking about the security of banks in an immature market, Babitsky noted that most security incidents in the financial sector are related to the human factor.
"I will give an example of markets that are just developing and, unlike Azerbaijan, do not have this level of maturity. When an incident occurs, people simply do not know how to react. They are not trained to communicate with fraudsters and trust people more than those who have already encountered fraudsters or for whom the financial organization has provided instruction or training in the form of advertising or mailings. Therefore, people voluntarily give fraudsters data that should not be given. As a result, this causes negativity, and financial organizations have to work with it, as customers blame banks for what happened. In practice, it is quite difficult to track such fraudulent ads on social networks and on the Internet in general, even if we assume that they are fraudulent. There can be many of them, and special expensive systems are needed so that the bank can track the appearance of pages on the Internet that masquerade as a particular bank," he added.
The deputy CEO emphasized that fraud is not the only cybersecurity problem faced by banks.
"We run hundreds of projects a year in this area. The question is what priorities and budgets the bank allocates to cybersecurity. If the budget is limited, and most often it is, the bank is forced to improve its own cybersecurity. And tracking fraudulent links all over the internet is simply not the first priority. That's why many come to these systems not as a first step but already with a different level of information security maturity. Not everyone can afford it, and not everyone has reached that level of maturity to track links. Sometimes only a part of them can be tracked, but some fake links still reach the final customer, who gets caught on the hook by fraudsters," he concluded.
Compliance Control is one of the first information security consulting companies in Russia. It started its activity in 2012 as a specialized auditor in the field of payment data security and VISA and Mastercard requirements.
The company has Qualified Security Assessor (QSA) status, which allows it to conduct certification audits for compliance with PCI DSS requirements.