If you're watching the news, you'll have seen the United States taking some action against Kaspersky Labs. Kaspersky Labs is a cyber security/antivirus software provider, and has been part of many organizations' security roadmap for over a decade.
But what's going on? What's DHS got against Kaspersky?
Background
Kaspersky Lab, a cybersecurity company based in Russia, has long been recognized for its robust security solutions. However, its ties to the Russian government have raised red flags within the U.S. intelligence community. In 2017, these concerns culminated in a directive from the Department of Homeland Security (DHS), instructing federal agencies to cease using Kaspersky products. This directive was rooted in fears that the software could be exploited by the Russian government for espionage purposes.
Key Reasons for the Ban
1. National Security Concerns: The primary driver behind the ban is the potential threat to national security. U.S. intelligence agencies have expressed concerns that Kaspersky software could provide the Russian government with unauthorized access to sensitive information. Given the heightened state of cyber warfare, protecting national security infrastructure from potential foreign interference is a top priority.
2. Espionage Risks: Allegations of espionage have dogged Kaspersky Lab for years. Critics argue that the company's deep ties to the Russian government create an environment where its software could be used as a tool for state-sponsored espionage. Although Kaspersky has consistently denied these claims, the mere possibility of such risks has been enough to warrant action from U.S. authorities.
3. Lack of Trust in Russian Tech Firms: The broader context of strained U.S.-Russia relations plays a significant role in the decision to ban Kaspersky products. In an era where cyber threats are a major component of international conflict, trust in the technology used by federal agencies is paramount. The U.S. government's lack of confidence in the security and integrity of Russian tech firms has led to a precautionary approach.
Implications of the Ban
1. Impact on Federal Agencies: The most immediate effect of the ban is on federal agencies that were previously using Kaspersky software. These agencies have had to transition to alternative cybersecurity solutions, which can be both time-consuming and costly. The shift underscores the need for rigorous vetting of software used in government operations.
2. Private Sector Considerations: While the ban specifically targets federal agencies, it has also prompted many private sector companies to reassess their use of Kaspersky products. Businesses, particularly those involved in critical infrastructure or handling sensitive data, must weigh the potential risks against the benefits of using any foreign-developed software.
3. Global Cybersecurity Landscape: The ban on Kaspersky is a reminder of the geopolitical dimensions of cybersecurity. It highlights the need for international cooperation and standards in addressing cyber threats. Additionally, it serves as a cautionary tale for other cybersecurity firms about the importance of transparency and trust in their operations.
What Should You Do?
For businesses , the Kaspersky ban serves as a critical reminder to prioritize cybersecurity and remain vigilant about the origins of the software they use. Here are a few steps you can take to ensure your cybersecurity measures are robust:
Review Your Security Software: Assess the cybersecurity tools you currently use and consider their origins and potential risks. Opt for solutions that are well-regarded and transparent about their operations.
Stay Informed: Keep abreast of the latest developments in cybersecurity, including government directives and expert analyses. Staying informed will help you make proactive decisions about your security posture.
Seek Expert Advice: Consult with cybersecurity experts to evaluate your current defenses and identify any potential vulnerabilities. Experts can provide tailored recommendations to strengthen your security framework.
We work with well respected security partners like SentinelOne, Microsoft, and more to keep you safe. Do you need to get off the Kaspersky platform? Drop us a note!
Is your company still using Kaspersky?
Or maybe you'd just like an overall security audit to make sure you're security is buttoned up? Either way, drop us a note and we can have someone reach out.
Want to talk about your security?
Sources:
Department of Homeland Security, "Binding Operational Directive 17-01," September 13, 2017.
The Guardian, "US bans agencies from using Kaspersky software over spying fears," September 13, 2017.
Reuters, "Kaspersky Lab says it is a pawn in U.S.-Russia geopolitical game," October 25, 2017.