Live With Eugene Kaspersky: 15 Takeaways On Malware, Cybercrime And More

Kaspersky And The Cyber Security World

Kaspersky Lab is marking its 10th anniversary of doing business in North America this week. Between 2005 and 2014, the security software company's North American business, based in Woburn, Mass., has recorded a compound annual growth rate of more than 54 percent.

To mark the 10-year milestone, company Founder, Chairman and CEO Eugene Kaspersky (pictured left) and North America managing director Chris Doggett met with members of the press in Boston this week to talk about the company's achievements, the current state of the security technology industry, Kaspersky's channel program and a range of other topics -- even how Boston's horrendous winter compares to winters in Kaspersky's native Moscow.

Here are 15 key takeaways from the conversation.

Kaspersky's U.S. Market Share

"The United States is the fastest-growing market for us," among developed countries, Eugene Kaspersky said. While Europe remains Kaspersky Lab's biggest market overall, the U.S. is the single biggest country for sales.

Kaspersky acknowledged that his company's market share in the U.S. is "not impressive," with competitors Symantec, Intel Security (formerly McAfee) and Trend Micro holding bigger shares. "So we have a lot of work to do. But we are working."

"I'm very, very, very optimistic about our future in the [United] States," he said, citing the company's technological prowess and ability to quickly respond to cyberthreats.

Kaspersky's Retail Market Strength

When Kaspersky Lab entered the U.S. market, company managers thought small and midsize businesses would account for most of the company's sales. But to their surprise, retailers such as Best Buy and Office Depot began stocking Kaspersky Lab's shrink-wrapped security applications and the consumer market quickly became the vendor's stronghold.

"As luck would have it, we had a very strong consumer business, initially," Doggett said.

One day in April 2010, Eugene Kaspersky got the news that market researcher NPD Group had named his company the No. 1 provider of security software in the consumer market. "So I got myself a very expensive scotch whisky that night," he said.

Kaspersky In the Enterprise

Kaspersky Lab has been building on its success among SMB companies to grow sales to larger customers. Sales to enterprise businesses (those with at least 1,000 employees) grew 35 percent in 2014, according to Doggett, while sales to large enterprises (5,000 or more employees) grew 50 percent.

Kaspersky Lab has steadily expanded the enterprise-class capabilities of its flagship Kaspersky Endpoint Security for Business software. Several years ago, the company introduced Kaspersky Security for Virtualization, a product that Doggett said "has really moved us into the data center."

Looking ahead, the company is now selling anti-DDOS (distributed denial of service) software to enterprise customers in Europe and plans to bring it to the U.S. soon. New anti-APT (advance persistent threats) and security intelligence software are under development.

A Peak At Kaspersky's Development Projects

Kaspersky Lab is targeting the financial services industry with a range of software and services through its new financial protection business unit. That includes tools that banks use to secure transactions ("That's an area of very strong demand right now," Doggett said) and develop security for their mobile banking applications.

The company also is developing and prototyping a series of new technologies for securing critical SCADA (supervisory control and data acquisition) infrastructure and industrial control systems. "There's clearly a lot of work to be done in that space," Doggett said.

Kaspersky Lab even has a nascent business in cybersecurity games for training and simulation. "But we are not going to go into the [video] game business," Eugene Kaspersky said.

The Rising Malware Tide

In years past, security engineers at Kaspersky Lab employed more manual practices to identify malware. But Doggett said his company is identifying 325,000 new pieces of malware every day, making that approach impossible. So the company has developed automated systems that quickly identify malware as soon as it hits the Internet.

Investigators, Not Police

While Kaspersky Lab works with law enforcement organizations around the world, "We don't do the last mile of attribution and apprehension," Doggett emphasized. While the company is frequently asked whether it knows who initiated attacks, "Our job is to do all of the research and uncover all of the diagnostic information and then give it to the appropriate people," he said.

Law enforcement generally then conducts the final attribution and apprehension, including interdiction and seizure of physical computers used in attacks. But Eugene Kaspersky acknowledged there have been cases where, at the request of police, Kaspersky engineers have joined police raids to check the suspects' software on the spot.

The Threat To SCADA

Governments and private industry see potential cyberattacks against critical infrastructure and industrial control systems as one of the biggest security threats today. As an example, Eugene Kaspersky cited a report about a steel mill in Germany whose IT systems were hacked last year and, although details remain scarce, resulted in physical damage to the plant.

"Enterprises, they are scared. Governments, they are scared. But at the moment they don't know what to do. They don't have a strategy," Kaspersky said. "The good news is that there are not many attacks like this happening. A few a year."

Old-Style Thievery Meets Cybercrime

Kaspersky is seeing cases where organized crime is employing software engineers to hack into IT systems and changing electronic records to cover their tracks -- "crime as a service," he called it.

Criminals will hack into the IT system for a petroleum, grain or coal facility, change the balance of the stored commodity, and then physically steal loads of the product, leaving no one the wiser. Another example: Smugglers hack into a shipping company's IT system, or even border control IT, and change the record for a shipping container to indicate that it had been inspected when it wasn't.

"I'm afraid about the next step: Terrorists to employ very professional engineers" as cybermercenaries for attacks on physical infrastructure, telecommunications networks and critical data, such as that found within financial systems, Kaspersky said. "Unfortunately, we are living in a very vulnerable world," he said.

What Must Be Done To Thwart The Threat

Kaspersky said the focus must be in three areas:

-- Technology: Develop and implement security technologies to protect small business and individuals, large enterprises with critical data and physical infrastructure. Big companies must adopt new security technologies at a faster pace.

-- Education: Improve security training and awareness for employees and expand information-sharing initiatives between nations.

-- Law Enforcement: Strengthen cybercrime regulations in all countries, including regulations governing critical infrastructure, and improve international cooperation and information sharing between law enforcement and intelligence services.

"I'm afraid a couple of very bad incidents will happen" before many large companies speed up their cybersecurity efforts, Kaspersky said.

Consolidation In The Security Software Industry

Kaspersky expects to see consolidation in the security technology industry with smaller companies snapped up by bigger companies.

But don't expect Kaspersky Lab to be on the acquisition hunt. Eugene Kaspersky puts a premium on the engineering-driven culture in his company, and he said that's difficult to replicate within an acquired company. The one time Kaspersky acquired a company, Spamtest Project in 2005, he said it took three years to fully integrate it with the rest of his company. Kaspersky said he prefers to develop technology in-house.

Kaspersky also disclosed that in Kaspersky Lab's early years, the company was approached by a number of vendors that wanted to buy it. More recently, he said, three of those same companies approached Kaspersky Lab to buy them.

Kaspersky's Growing Channel Presence

Kaspersky Lab started with five channel partners and now has more than 3,500 in North America -- including 500 that joined the company's channel program in the last year. "We have quite a few new partners coming in," Kaspersky said. "So we are growing our presence here."

Last week, Kaspersky hosted its North American Partner Conference in Miami, where it unveiled a retooled channel program that offers more incentives for selling to midmarket and enterprise customers.

"We heard from [partners] that they're seeing high growth with us. That they are very happy with the gross margins they have in the business. It's more attractive for them," Doggett said.

Channel Partner Concerns

The security IT market remains "a highly competitive space," Doggett said, repeating what he heard from solution providers at last week's North American Partner Conference. And the costs of doing business in the market are higher than other IT market segments.

Part of that challenge is the constant battle to maintain a skilled workforce. "It's hard to find the people, and costly when they do," Doggett said.

There's also some consolidation occurring in the security software channel. Doggett pointed to the recently completed Accuvant and FishNet Security merger as an example of the trend.

Don't Count On A Kaspersky Lab IPO Any Time Soon

Kaspersky Lab, working with accounting firm KPMG, began using industry-standard accounting practices a number of years ago in preparation for a possible initial public offering -- what Eugene Kaspersky called behaving "as a prototype of a public company."

But Kaspersky made it clear an IPO isn't likely in the next few years, citing the flexibility that comes with staying private. "It's not my way," he said of public company requirements. "It's slower, the decisions must be made in a different way, too much reporting. I want to keep the company flexible, fast.

"But I didn't say never," he added.

Internet of Things Creates New Vulnerabilities

Promoters of the Internet of Things (IoT) envision a world where everything from industrial control systems, to home appliances, automobiles and medical devices will be interconnected. But from a security point of view? "We call it the 'Internet of Threats,'" Kaspersky said.

Kaspersky Lab evaluates devices for their potential to be a target for hackers before deciding whether to develop security software for them. The company skipped the iPod, for example. "The Apple Watch? We don't know," Kaspersky said. But the company has developed prototype security software for smart TVs; Kaspersky said he's "100 percent sure" they will be a target. The same for smart cars.

Kaspersky can just imagine the huge number of IoT-enabled devices his company will have to evaluate in the future. "Our test lab will look like a mall," he laments.

Boston's Winter Vs. Winter In Moscow

Kaspersky Lab is headquartered in Moscow. But the company's U.S. headquarters is just outside Boston in Woburn, Mass., and Eugene Kaspersky has spent time this winter in both places. He said Boston, which has recorded more than 105 inches of snow and extended periods of below-freezing temperatures, has had it much worse.

Moscow, he said, has had an unusually warm winter with rain around the holidays that would normally be snow. "Much less snow than in Boston. I don't like it. Give our snow back to us," he said.

We would if we could, Mr. Kaspersky.