Data destruction is a grave concern to the world. At the brass tacks, there are flaws discovered in the ‘Internet building blocks’ that has put organisations and the personal data of millions of people in a vulnerable position.
In an interview with IFM, Chief Business Officer Alexander Moiseev offers a deep-dive into Kaspersky’s latest efforts to fight malicious activity on the web, why cybersecurity needs a different approach, and how businesses should act on cybersecurity threats.
Can you elaborate on Kaspersky’s partnership with ThreatConnect?
With our partnership, there the integration of Kaspersky Threat Data Feeds. It works as follows: Kaspersky Lab collects data about the ever-evolving attack techniques from its numerous trustworthy sources to offer its Threat Data Feeds. These feeds are now available for customers of ThreatConnect Platform.
What is the individual contribution of both partners to enhance protection capabilities for customers?
The more trustworthy sources of threat intelligence a company has, the stronger its cyber defence is. By using the ThreatConnect Platform, companies can aggregate and compare threat intelligence data from numerous sources to protect themselves from evolving threats and mitigate company-specific cybersecurity risks. By incorporating Kaspersky Threat Data feeds into the threat intelligence framework that they are already using, organisations will get a clearer picture of the threats that pose the most danger to them.
Can you describe the challenges faced after the allegations faced by your company in2017 and how you plan to overcome them?
These challenges were reputational rather than financial. Despite false allegations reported by media without any evidence, we believed we had a responsibility to show and prove that we can be trusted. At the same time, the trust landscape is complex and misconceptions and unfounded concerns should be addressed in a clear and helpful way. We believe, that as an industry, we should be transparent about exactly what kind of data we need, why we need it, and what we use it for—and what kind of information is never collected and shared.
What drives Kaspersky’s growth despite the upheavals?
Despite the challenging geopolitical situation, the company is constantly developing and improving its solutions and technologies. The positive financial results in 2018 show that our customers and partners trust the company. The company continues to score exceptionally high in independent ratings and has received some of the most prestigious international awards in independent tests conducted by leading organisations around the world. For example, for the second consecutive year we have been recognised for our customer satisfaction ratings, being named a 2018 Gartner Peer Insights Customer Choice for Endpoint Protection Platforms. In addition, Kaspersky Lab has been recognised as a ‘Strong Performer’ among threat intelligence providers by Forrester. In the report, Forrester cited the company’s ability to collect and analyse information as ‘exceptional’, with research bolstered by a global sensor network of endpoint agents and an international research and analysis team. Another example is the 2018 Germany-wide survey run by respected German media that showed that KL is among the top five trusted software brands by the German consumers.
The performance was good in APAC and Europe. However, there was a slowdown in Latin America. Why?
A slowdown in Latin America in 2018 was mainly caused by currency devaluation in the region. However, we are confident that we will further succeed in this market and have increased headcount in the region to ensure we accomplish our business goals.
Can you detail some of the internal modifications that took place last year—in terms of IT infrastructure, audit practices, and the like?
Last year was significant for us in terms of developing the Global Transparency Initiative that we launched in 2017 as part of the company’s ongoing commitment to ensuring the integrity and trustworthiness of its products.
In November 2018, we opened our first Transparency Center in Switzerland, which serves as a facility for trusted partners and government stakeholders to review the company’s code, software updates, and threat detection rules along with other activities. Two additional Transparency Centers in Asia and North America are planned to be open by 2020. In addition to that, we initiated relocation of our research and development infrastructure from Russia to Switzerland as well. Thus, from November 2018 malicious and suspicious files shared voluntarily by users of Kaspersky Lab products in Europe started to be processed in two data centers in Zurich.
In the framework of the GTI, we contracted one of the Big Four professional services firm to audit the company’s engineering practices around the creation and distribution of threat detection rule databases. Our aim was to independently confirm their compliance with the highest industry security practices. The assessment will be done under the SSAE 18 standard (Statement of Standards for Attestation Engagements) with the issue of the SOC 2 (The Service and Organisation Controls) report expected in Q2 2019.
In addition, Kaspersky Lab continues to support an active bug bounty program to strengthen the security of its products, and in March 2018, we announced an increase of the reward to $100,000. Within one year, more than 50 bugs were resolved of which several were especially valuable.
In 2018 we have been developing. At the beginning of this year, Kaspersky Lab launched a new global partner program ‘Kaspersky United’ that enables our partners — including resellers, service providers, and system integrators — to focus on selling the Kaspersky Lab services and products that match their own specialties and therefore monetise better. The core set of tools, services, and incentives are available for any partner in any country, meaning that all of our partners around the world can benefit. However, we have also addressed specific regional needs by providing figures, sales indicators, rebates, and other metrics relevant to the local market. We believe this approach helps us to strengthen our global partner ecosystem, while meeting the diverse needs of our partners and customers.
Is today’s ‘hyper-connected’ global landscape more vulnerable than ever to cyber threat? What are the necessary steps to strengthen protection?
Increasing connectivity of the world results in cyber threats becoming more complex. That’s why it is highly important not only to ensure the proper understanding and assessment of threat risks, but also to develop a secure-by-design environment, by integrating cybersecurity within the system from the very beginning. We at Kaspersky Lab also point to the fact the current cybersecurity situation requires a transition from ‘cybersecurity’ as it is to ‘cyber immunity’, which means that cost of a cyberattack should exceed the cost of potential damage that it can inflict.
How should business act upon securing a more proactive, strategic approach to cyber threats?
While cyberattacks are becoming more and more complex, causing financial, reputational and legal impact on businesses, they need a comprehensive approach to fight against these attacks. These range from threat intelligence to detection and response solutions, managed security services, as well as soft skills training including in reputational tactics. In addition, as supply chain attacks remains a major concern for corporate cyber protection, organisations will need to come up with more strict requirements for service providers and hardware and software makers to reduce the risks