“The cybersecurity market needs to open up because customers need to trust it”
The Russian invasion of Ukraine has changed world geopolitics and many companies’ fortunes. The international escalation between sanctions against Russia and bans imposed by the Moscow government on Western countries has particularly affected Russian companies operating outside national borders and those developing, implementing and selling Russian-related technologies.
Among the various companies that have come under the spotlight is Kaspersky, known worldwide as one of the most relevant companies dedicated to cybersecurity, with over 400 million users, 240,000 companies and a global turnover of $752 million in 2021. Already active in previous years with a transparency initiative regarding its operations, Kaspersky has since then set in motion a constant dialogue with the institutions of various European countries to demonstrate its independence from Russia. In Italy, as in France and Germany, many voices and even decrees were raised last March calling for Kaspersky’s products to be replaced with those of other companies due to the potential risk of malicious attacks facilitated by a company close to the Kremlin.
Kaspersky is a company with no ties to countries or governments
“The company was founded in 1997 and has been independent since its inception, under the ownership of founder and CEO Eugene Kaspersky and, with a minimal share, his ex-wife Natalya,” Cesare D’Angelo, General Manager Kaspersky Italy, who we met at the Transparency Center inaugurated at the end of September in Rome, tells 4i-Mag.
“The proof lies in what has been done during the first 25 years of the company’s life, which in 1998 moved its registered office to the UK, while in 2020 the transfer of data to servers in Zurich, our European hub where our customers’ data is kept, was completed. We are talking about cyber threat information because we do not process sensitive personal data.”
One might think that it was precisely because of the media pressure that Kaspersky initiated Operation Transparency, aimed at strengthening the dialogue with institutions, customers and partners in order to demonstrate how the company goes about writing software, updating, distributing and processing data.
In fact, the Global Transparency Initiative began in 2017, when the Trump administration feared that Kaspersky products allowed Russians to spy on Americans’ computers. Although never proven, the accusation was an opportunity to open up the company to improve trust and security towards its services. Thus were born the Transparency Centres, which today number nine scattered across Europe, Asia and the Americas: those in Rome and Utrecht joined the already active offices in Kuala Lumpur, Madrid, São Paulo, Singapore, Tokyo, Zurich and Woburn (in Massachusetts).
What did you do when the national cybersecurity agencies of various countries and the press put you in the spotlight, blaming the company’s dependence on Russia?
D’Angelo: Our priority was to continue to provide service to customers and, on the other hand, to communicate with the market and institutions because it is important to emphasise that no one has ever questioned the quality of our technology. On the other hand, everyone has made political choices about which we can do little. During the past few months, the SOC 2 and ISO 27001 certifications were renewed at the Transparency Center in Zurich, which testify to the correctness of data management processes and the integrity of updates and software parts against third-party tampering. This is a concrete response to the concerns raised by regulators.
Kaspersky was the first company to launch a transparency process in cybersecurity. What kind of benefits has it brought over time and in the face of the unpredictable geopolitical developments due to the Russia-Ukraine conflict?
D’Angelo: We are the only company in the cybersecurity sector that allows the source code of developed products to be inspected, a possibility granted to those who have the expertise to do so. This best practice is a source of pride and uniqueness since being transparent in dealing with such a sensitive and delicate subject puts us in a position to present ourselves to our customers in the best possible way. It is also thanks to this choice, in the difficult time that began last spring, that we have managed to keep many customers with us.
They put their trust in us precisely because of what they have seen and achieved over the previous years. It is no coincidence that we have had loyal customers for 10-12 years. We would like, however, for openness to controls to become an industry standard because the customer has to trust us. However, it is up to the institutions to change this and demand more clarity.
Fabio Sammartino, Head Of PreSales Kaspersky Italy: The hope that other cybersecurity vendors will follow our example stems from the few tools the market has to assess product quality. There are only independent certifications and tests, which are required when there are tenders. This is fine with us because we are very well prepared, but it would be better for everyone to expand the evaluation tools.
Has the post-conflict difficult period affected the Italian branch? Were there any redundancies due to the change of perspective?
D’Angelo: No one has been laid off, and there is no idea of reducing employees, which today number 45 distributed between Rome and Milan. Several people have decided to change companies, and there have been drops in turnover, but the crisis in some areas is compensated globally by growth in other areas. The best results come from the Middle East and Russia, where with the withdrawal of competitors, only we are left who know the country, culture and territorial dynamics. Africa and Asia are also growing, as is South America. The geopolitical issue has mainly impacted Europe and North America.
Remaining in Western Europe, what are the main markets for Kaspersky?
D’Angelo: Germany is the richest, then there is France which also has North Africa, then Spain and Italy, which have a comparable market. Less relevant for us is the United Kingdom.
Why should companies, individuals and institutions today prefer Kaspersky to its competitors?
Sammartino: Firstly, because of the level of our technology. Then for the ability to qualitatively analyse cybercrime and its protagonists. We have a unique amount of information coming from the Russian area, which is a fundamental value that allows us to make our products and intelligence services more secure. This comes from the amount of cybercriminal groups active in Russia: 90 per cent of ransomware attacks come from there. These are criminals we study and whose attacks we are able to prevent. That is why we can bring impossible value to others.
D’Angelo: A relevant detail on the subject of ransomware, the main threat to companies, is that independent tests have shown that we are the only ones to detect 100 per cent of ransomware without any compromise of files. It does not mean that we have solved the ransomware problem, but it is an important factor for customers when they have to choose who to entrust with their security.
What is the attitude of companies towards the ransomware threat?
Sammartino: There is a high tendency to pay because a company without backup has few immediate choices. Companies think paying is the best solution to get back up and running as soon as possible. But there must be more to solve the problem of understanding what happened and how the cybercriminals got in. Secondly, it is not uncommon for those who pay to suffer a second attack a few months later, with double the damage. To remedy the emergency, interventions must be planned before and not after the attack. Companies need to understand that investing money to defend their security systems is an advantage, not the other way around.
Can any attack be neutralised in the future?
D’Angelo: The goal is Cyber Immunity, which means making the cost of the attack higher than the attacker’s expectation of gain, so he changes his target. Thanks to Eugene Kaspersky’s vision, we do this with Kaspersky OS, the operating system already mounted on IoT gateways, to centralise and guide communication between sensors distributed across the territory. Subsequent developments will involve smartphones and car controllers, in a process that will change our business.