The international cybersecurity festival Positive Hack Days, hosted by Positive Technologies, a leader in result-driven cybersecurity, took place in Moscow’s Luzhniki sports complex on May 22–24. The event was supported by the Ministry of Digital Development of Russia. The Moscow Government acted as a strategic partner: this year’s cyberfestival received support from the Social Development Complex, the Department of Information Technology, and the Department of Entrepreneurship and Innovative Development.
How can we ensure a secure digital future for everyone and build sovereign cybersecurity in every country? How can we achieve technological independence and professional readiness to autonomously maintain cyber resilience under any circumstances, using only our own cybersecurity specialists? Is it possible for a country to train skilled personnel independently, without interacting with experts from other countries and global industry leaders?
These were just a few of the questions that delegations from over 40 countries, including Latin America, Africa, Asia, and the Middle East, discussed at the largest cybersecurity forum. Among the participants were representatives of government bodies and cybersecurity agencies, business leaders, renowned tech experts, software developers, and ethical hackers. This PHDays Fest has been the largest in its history since 2011. Over 150,000 people visited the three-day event, with more than 180,000 viewers tuning in online. The technical sessions were grouped in 26 tracks and featured 270 talks covering key cybersecurity issues. More than 500 speakers participated in the festival, ranging from budding tech enthusiasts to top specialists, CIOs, and CISOs of major IT companies.
Geopolitical confrontations have exposed the problem of the world’s digital architecture: dominant control by large vendors and the infringement of individual countries’ interests through restricted access to technology and equipment. Global tech giants wield enormous influence; dependence on them can paralyze a national economy and undermine technological sovereignty. It was previously believed that there were hardly any worthy alternatives to their solutions in the global market. However, Russia managed to maintain digital sovereignty by combining the efforts of government agencies and strong domestic vendors: since 2022, it has been rapidly developing its own technologies, solutions, and services with a focus on security. Having successfully mastered these challenges, Russia can share its unique experience in achieving digital autonomy with friendly countries and partners. An innovative idea on how to achieve digital sovereignty was proposed at PHDays Fest by Positive Technologies. The concept is based on the idea that strategic cooperation and mutual exchange of expertise can become a source of strength. For example, when developing technologies or products, partners depend on each other only in terms of sharing knowledge and practical experience. Such synergy can be achieved by moving away from the traditional schemes of importing IT and cybersecurity solutions, which plunge countries into complete dependence on suppliers. Instead, cooperative partners, whether countries or commercial enterprises, can progress together by complementing each other. The concept was positively received by Russian experts and supported by delegates from other countries. Positive Technologies declared its willingness not only to launch this initiative, but also to take a leading role in its implementation. The company’s experts are ready to openly share their unique experience in the field of cybersecurity, accumulated over more than two decades, with friendly countries. They offer practical expertise in protecting individual facilities and entire economic sectors, as well as methods for developing effective cybersecurity systems. To foster the growth of local professional talent, the company will act as a mentor and allocate resources to train and upskill cybersecurity specialists and ethical hackers. Positive Technologies also intends to develop local expert communities. This way, the vendor will help partners establish the necessary technological foundation and properly build a sovereign cybersecurity industry, which the partners will be able to maintain and improve independently, relying on their own well-trained and highly qualified specialists. The company took its first steps in this direction in 2024, specifically by launching an international training program for cybersecurity professionals. In addition, Positive Technologies helps to enhance the competencies of cybersecurity leaders in financial institutions of the Gulf countries to better protect the local financial sector.
Digital sovereignty: eliminating dependency through international cooperation
The subject of the plenary session opening the forum was digital sovereignty—the ability of a country to ensure its technological independence and security. As emphasized by Maksut Shadayev, the Russian Minister of Digital Development, this primarily means protecting the interests of users and national security, regardless of external pressure. In his opinion, special attention should be given to the uninterrupted operation of services and maintaining citizens’ access to advanced technologies.
Eduardo Villegas Megías, the Ambassador Extraordinary and Plenipotentiary of Mexico to Russia, confirmed that the issue of technological dependency is global in nature. As the diplomat noted, technological lag is embedded at a fundamental level. Even when working with popular programming languages like Python, strong English skills are required. This creates a sense of dependency and additional barriers to technological development.
The energy sector is facing especially serious challenges in the current geopolitical situation, according to Russian Energy Minister Sergey Tsivilev. The far-reaching digitalization of the industry, on the one hand, opens up new opportunities, but on the other, makes it a target for cyberattacks. However, if a country isolates itself within its national borders, it will be left behind in the face of rapid technological advancement. To ensure the industry’s competitive position, the Ministry of Energy has developed a 2050 strategy that aims to create world-leading technologies.
However, no single country can ensure full technological security on its own. International exchange of experience and collaborative development of solutions are essential, according to Ahmed Mustafa Al-Issawi, Director of the Personal Office of H.E. Sheikh Suheim bin Ahmed Al Thani and Investment Director of Al Adid Business. Qatar is actively developing as an international hub for technological innovation, bringing together leading companies in the fields of cybersecurity and big data. Special attention is given to educational programs: scholarship initiatives enable students to study cybersecurity at universities in various countries, including Russia.
Having originated from a community of hacking enthusiasts, the cybersecurity industry has maintained a spirit of cooperation: fundamental interests of different companies often align despite the competitive environment. The annual PHDays Fest shows that even competing companies can work together effectively to address common challenges related to digital sovereignty.
In the modern world, technological sovereignty requires a new approach: a shift from isolationism to strategic cooperation. Attempts by individual countries to independently develop complete analogues of all foreign technologies from scratch are destined to fail, resulting in a futile race. Yury Maksimov, co-founder of Cyberus, noted that the solution lies in jointly building a new digital architecture where collaboration becomes a strategic advantage, not dependency.
Between innovation and risk: how to manage technology
The panel discussion “Humanless technology: liberation from routine or path to digital slavery?” delved into how to control digitalization without stifling innovation. Journalist and TV host Vladimir Pozner, who moderated the session, emphasized that the rapid development of technology is a global challenge and has the potential to change people. According to Sergey Kravtsov, the Minister of Education of the Russian Federation, digital products are primarily commercial products that people, especially children, can become addicted to. Therefore, these products should be consumed in moderation. At the same time, the minister noted that the education system needs technology, but it must be safe.
According to Andrey Belevtsev, Senior Vice President and Head of Technology Development at Sberbank, developers should establish technology development guidelines from the early stages to ensure that their products remain safe as they mature. The speaker added that in the case of generative artificial intelligence, it is fundamentally important to integrate standards of expected behavior into the models, test the algorithms for compliance with these requirements, and monitor all development stages.
According to Denis Baranov, CEO of Positive Technologies, when new technologies emerge in the world, they are immediately adopted by experts, ordinary citizens, and cybercriminals alike. Digital products have become widely accessible, and their development is unstoppable. “We must help society and businesses adapt to these challenges. Cybersecurity professionals need to provide people with all the necessary tools and knowledge to work safely with new technologies,” said Denis Baranov.
On the sidelines of the conference, Ruslan Rakhmetov, CEO of Security Vision, shared his views on cooperation. He believes that Russian companies absolutely need to actively engage in international cooperation. The most effective approach is for vendors to collaborate rather than try to enter international markets alone. Through collaboration, vendors can offer more than just products; they can provide meaningful technical solutions that provide customers with substantial benefits. The expert noted that integrators play an important role in this strategy because they can represent a country’s interests. Vendors can unite under their umbrella and operate in sync in friendly countries. Another key factor for success is government support and the reinforcement of government relations on the international stage. This helps create favorable conditions for successfully promoting Russian solutions.
Cyberfraud as a systemic threat: how to stay ahead of criminals
Half of all cybercrimes in Russia, from financial fraud to terrorist activities, are committed remotely. As noted by Danil Filippov, Deputy Head of the Investigative Department of the Ministry of Internal Affairs of Russia, modern cybercrime has evolved into a highly organized system. Elman Mekhtiyev, Deputy Chairman of the Bank of Russia’s expert council for protecting the rights of consumers of financial services, added that the language barrier—the last obstacle to cross-border attacks—will disappear in 2–3 years due to the adoption of AI.
Kazakhstan’s experience demonstrates the effectiveness of systemic solutions: among them are blockchain platforms for data access control and automatic credit issuance freeze for victims of data breaches. However, fraudsters adapt quickly, noted Ruslan Abdikalikov, Chairman of the Information Security Committee at the Ministry of Digital Development, Innovation, and Aerospace Industry of the Republic of Kazakhstan. For example, criminals have started teaching victims how to bypass the loan issuance freeze. All this requires continuous improvement of security measures. The country is integrating the National Bank’s anti-fraud systems with those of telecom operators and offers widespread digital literacy training for citizens.
Egor Khalilov, Deputy General Director of F6, also spoke about the need for all market participants to join forces. Only the combined efforts of banks, retailers, and telecom operators will help combat sophisticated fraud operations. He considers the creation of an industry-wide anti-fraud center with a risk assessment rating system to be a key step.
At the same time, Roskomnadzor representative Milos Wagner urged caution and advised against putting too much pressure on companies. According to him, the agency has shifted its focus from constant monitoring to prevention. It has also implemented a new approach to regulatory oversight: organizations are now inspected only after confirmed data breaches.
The modern CISO: from protection to management
Another discussion focused on the evolving role of cybersecurity leaders in an environment where cyberthreats can disrupt the operations of individual companies as well as entire industries. Alexey Lukatsky, a Business Consultant at Positive Technologies, noted that today’s CISOs not only ensure infrastructure security but also enhance business competitiveness through effective cyberrisk management.
A prime example is the experience of Arab Islamic Bank (Jordan), where the CISO plays one of the key management roles. According to Ahmad Mohammad Sabri Aljamal, Information Security Risk Manager at the Arab Islamic Bank, this was made possible by translating technical threats into financial and reputational consequences, as well as fostering a culture of cybersecurity within the organization.
Tushar Dinesh Vartak, CISO of RAKBANK (UAE), also emphasized the importance of mastering the language of top management and understanding business processes for proactive security. Michel Rodriguez Averoff, CISO at ETECSA (Cuba), added that rapid digitalization requires CISOs to continuously train and develop their teams because each new technological solution creates potential attack vectors.
New partnerships and initiatives. Expanding partnerships and advancing cybersecurity in Russia and abroad
During the forum, the DOM.RF Group and Positive Technologies signed a partnership agreement that aims to cultivate the Russian software market and develop domestic alternatives to cybersecurity products for the banking industry. In addition, the FinTech Association has joined forces with Positive Technologies to ensure the cyber resilience of the financial sector. By joining the association, the leading cybersecurity solution developer will collaborate with its fellow members to create conditions in which security issues do not hinder the implementation of the latest technologies in financial companies.
Positive Technologies also signed memorandums of understanding and cooperation with four educational institutions in Indonesia: Universitas Muhammadiyah Jakarta, Universitas NU NTB, Business Center Alumni UI (KBA UI), and Sakuranesia Foundation. The collaboration will focus on improving the skills of cybersecurity professionals in Southeast Asia. The company has developed an extensive program to foster local expert communities in friendly countries. These agreements enable Positive Technologies to share its specialized knowledge and assist educational partners in training highly qualified cybersecurity specialists. Through training, the company contributes to the development of sovereign cybersecurity and the strengthening of digital architectures in other countries.
Additionally, the second season of Positive Hack Camp, an international educational project on practical cybersecurity organized by Positive Technologies, was announced. In July, specialists from multiple countries will once again come to Moscow to learn about cybersecurity from leading Russian experts.
Other PHDays Fest highlights
As part of the cyberfestival, the legendary cyberbattle Standoff 15 took place. In this battle, defenders faced off against ethical hackers in conditions as close to real life as possible. More than 40 teams of attackers and defenders from 18 countries, including CIS countries, Southeast Asia, and the Middle East, participated in the large-scale competition. The total prize fund for the attackers was 5 million rubles. The Russian team DreamTeam secured the top spot, claiming the title of seven-time Standoff champion.
The open-access zone of the cyberfestival featured Cybercity, a quest packed with interactive installations. In the popular science zone, guests could explore the world of digital innovations, learn useful facts about the technologies that surround us, and develop the necessary skills for safely using and controlling modern technology. Seasoned experts informed the guests about cybercriminal scams, IT career paths, AI, and tech startups. The youngest speakers from the Movement of the First shared their experiences with IT projects. This zone also featured the Safety in Motion School where visitors could learn the right way—and more importantly, the safe way—to use personal mobility devices. At the university and college fair, some of the country’s leading educational institutions, including Higher School of Economics, Bauman Moscow State Technical University, ITMO University, and Moscow State University, informed students and high schoolers about career prospects and educational programs in the field of cybersecurity.
The digital forum and vibrant cyberfestival concluded with a grand evening concert under the open sky, featuring Uma2rman, Minaeva, and GRUNGE.
This year’s PHDays Fest was sponsored by Security Vision, a developer of cutting-edge information security products. Innostage was the meta-partner of the festival. The event’s industry partner was Rostec. Gazinformservice, a Russian systems integrator and cybersecurity vendor, was the technology partner for the Fuel and Energy Complex track, while Jet Infosystems was the partner of the Industrial track. Among other partners of Positive Hack Days were CodeScoring, CyberEd, F6, ICL System Technologies, NGENIX, PROWAY Security, UserGate, Xello, Barrier, Cyberfy, RT-Information Security, Rucenter, Skala^r, SKB Kontur, T-Bank, Trinity, and Fitmost.
