Cyber Defense Hub Expands in Yakutia as State Companies Join Regional SOC

Ten state-owned companies in Yakutia have joined a regional Center for Countering Cyberattacks. The center operates around the clock to monitor information security, coordinate incident response and analyze emerging threats.

Enterprises that manage critical information resources have now been connected to the center. The system functions as a single monitoring and response point for cybersecurity threats and effectively operates as a regional security operations center, or SOC.

Regional Initiative With National Implications

Yakutia became the first region in Russia’s Far East to establish such a center. The initiative strengthens the protection of government digital services and citizens’ data while expanding the market for domestic cybersecurity tools designed for monitoring and responding to cyber incidents. For residents, this means more reliable digital public services, stronger protection of personal data and lower risks of information leaks.

Across Russia, the number of SOC centers operated by large companies and government agencies is growing. Interest in domestically developed cybersecurity technologies and threat monitoring platforms is also increasing. According to industry studies, many Russian organizations plan to launch their own SOC centers in 2026–2027 to meet tightening security requirements.

The risk landscape is also expanding. Rising cyber threats are pushing businesses and government agencies to regularly upgrade their security systems and improve incident response speed. Russian cybersecurity technologies could also attract attention abroad, particularly in the CIS and BRICS countries that are building sovereign IT infrastructure and developing their own cyber defense centers.

Digital transformation undoubtedly opens new opportunities for our region, but it also brings higher requirements for information security. By connecting state-owned companies to the Center for Countering Cyberattacks, we have taken an important step toward building a secure digital environment. The use of modern monitoring technologies and rapid response tools will allow us to reliably protect critical data and information from potential threats

Pyotr Shamayev

Minister for Youth Affairs and Social Communications of the Republic of Sakha (Yakutia)

Building Regional Cybersecurity Infrastructure

Operational headquarters and structures designed to respond to computer attacks, as part of Russia’s national information security framework, began appearing in regional administrations in 2024.

Based on these headquarters, specialized incident response groups for information security incidents – known as GRIIb (Gruppy reagirovaniya na incidenty informatsionnoy bezopasnosti – Information Security Incident Response Groups) – have been established. Their responsibilities include mitigating the consequences of cyberattacks, overseeing the elimination of vulnerabilities in government infrastructure and investigating incidents.

From January through September 2025, analysts at RED Security SOC recorded and helped repel more than 105,000 cyberattacks. Nearly 20,000 of those incidents were classified as high risk, meaning they could have caused damage exceeding one million rubles (about $11,000). Telecommunications companies were the primary targets, while IT and financial organizations ranked among the three most frequently attacked sectors. Experts attribute the growth in cyberattacks to the rapid digitalization of the economy and the increasing presence of politically motivated hacking campaigns.

In 2026, a large-scale DDoS attack temporarily disrupted the websites of several Russian government agencies, including infrastructure belonging to Roskomnadzor and the Ministry of Defense. Attack servers were located mainly in Russia as well as in the United States, China, the United Kingdom and the Netherlands. The attack reached a capacity of 33 Gbps and peaked at a rate of up to 36.9 million packets per second.

Cybersecurity as Part of Digital Transformation

Cybersecurity is becoming an essential component of regional digital transformation. Regional SOC centers are appearing more frequently, and Yakutia’s example shows that individual regions are building their own cyber defense infrastructure.

The market for cybersecurity technologies is expected to continue expanding. Key drivers include import substitution, the development of digital government services and the steady growth in cyber threats.

In the long term, Russia is expected to build a multi-layered cybersecurity architecture combining federal monitoring centers, regional SOCs and corporate security operations centers.

The country is moving toward a decentralized cybersecurity model in which responsibility for protecting digital infrastructure is shared among federal authorities, regional governments and state-owned companies. This shift is already shaping the structure of Russia’s information security services market.