Kaspersky Gov't Relations Head: We're Looking To Localize Some Data Collection To Address Geopolitical Concerns
Kaspersky Lab's head of government relations said the company wants to localize aspects of its cybersecurity data processing engine outside of Russia to allay customer fears.
The Moscow-based platform security vendor is considering situating data collection and processing capabilities for the Kaspersky Security Network (KSN) in particular countries or regions to help address concerns that have been raised about KSN data, according to Tara Hairston, head of government relations for Kaspersky Lab North America.
KSN is a complex distributed infrastructure dedicated to processing cybersecurity-related data streams from millions of voluntary participants around the world. Hairston said Kaspersky is currently looking into the best way to effectively address questions and concerns about the KSN infrastructure that have been raised.
"This is an industry issue," Hairston said Thursday at the Trusted Advisors Summit in Scottsdale, Ariz. "It is not just us. But we are the ones that are kind of the face of it, and we need to address it head-on."
Kaspersky plans to have independent assessments and audits of its internal processes and product source code conducted following many months of pushback over alleged ties to the Russian government, which the company has vehemently denied. The company filed a lawsuit in December challenging the Trump administration's ban on the use of Kaspersky's cybersecurity software within federal agencies.
By the end of 2018, Hairston said Kaspersky plans to start the process of redesigning and reconfiguring its back-end infrastructure, particularly as it relates to KSN data collection and processing. As part of this effort, Hairston said Kaspersky is also looking at practices that could minimize data exposure while ensuring that the project remains effective.
Kaspersky has been in conversations around how to give increased notification to customers with regard to KSN, Hairston said. Much of that dialogue has centered around how to go about ensuring that the data being collected is the absolute bare minimum, Hairston said, as well as what additional protections could be put in place.
"Some of the things that are affecting us as a company are affecting other companies as well," Hairston said. "And we all have to be mindful of how we're moving forward as an industry."
The trends driving the geopolitical concerns around Kaspersky Lab have started to impact other companies in the IT space, Hairston said, including ones based in the United States. These issues have taken center stage as companies become more focused on ensuring their supply chain is safe and that the products they employ to protect data aren't also being used to facilitate cyber espionage, she said.
These developments prompted Kaspersky Lab, in October 2017, to launch its Global Transparency Initiative, which Hairston said is focused on defining what trust is and how it can be maintained. While the initiative is in part a direct response to the geopolitical situation involving Kaspersky, Hairston said the efforts are primarily driven by a desire to address the general lack of trust when it comes to IT.
That erosion of trust has resulted in a push to only source IT from organizations based in a business's home country in hopes of ensuring that the systems, networks and information they protect are secure. This protectionism can also be driven by a desire to protect domestic industries by only sourcing from companies that are local, Hairston said.
For instance, Hairston said China requires everything to be sourced internally or reviewed by its government.
This course of action, though, isn't practical due to the global nature of supply chains with people taking code from a variety of places, Hairston said. Additionally, she said the move doesn't actually provide organizations with any additional security.
Businesses also find themselves dealing with a diffuse population of actors going far beyond nation-states that are capable of carrying out sophisticated cyberattacks due to the leaking of cyberespionage tools, Hairston said. As a result, she said people further down the cybercrime food chain have been able to do a lot of damage.
Finally, Hairston said there isn't any international consensus around what is or isn't permissible activity in cyberspace. Nation-states often want to tell others what they should be allowed to do from a cyber-norms perspective, she said, but want their own cyber capabilities to remain wholly undisturbed.
As these factors impact companies around the world, Hairston said Kaspersky has looked thoroughly into establishing best practices and setting the bar for the rest of the industry.
"They may not be feeling the heat today," Hairston said, "but we can guarantee that they're likely to feel it tomorrow."
The geopolitical situation with Kaspersky has shined a light on the growing fear and distrust in the IT industry that's now coming from all directions, according to Stefan Zauchenberger, president and managing partner of Kansas City-based ICE Systems.
The concerns have been heightened by the growing number of IT vectors and entry points, Zauchenberger said, especially in the industrial space as it relates to manufacturing systems or the power grid.
"It's a matter of trust," Zauchenberger said.