Source code inspection means trust in cybersecurity

By August, 2019 ICT
Cybersecurity firm Kaspersky will open a new Transparency Center in Malaysia inviting governments and companies to inspect source code for greater trust.

Kaspersky CEO Eugene Kaspersky announces the creation of a new Transparency Center in Malaysia – will it create more trust? That’s the goal! Image: Paul Hemsley.

They say trust should be earned – but with trust in institutions in such short supply lately, one company is leading the charge by fostering a renewed campaign to increase public confidence in its range of products and services.

That company is Russian cybersecurity firm Kaspersky (recently rebranded from its previous Kaspersky Lab banner), which announced the creation of its first Transparency Center in the Asia Pacific region in Cyberjaya, Malaysia on 15th August, 2019.

The announcement comes as the company reaffirms its international push to build a more trusting relationship between itself, government and private sector buyers and stakeholders, as well as the wider ICT and cybersecurity community.

The new Cyberjaya centre is actually Kaspersky’s third of its kind, with existing facilities in Zurich, Switzerland and Madrid, Spain, serving as a hub for guests to learn more about the company’s engineering and data processing practices, and gain deeper insight into its ongoing strategies to thwart the efforts of cybercriminals worldwide.

This is especially true as Kaspersky has begun pushing for a new mindset in fighting cybercrooks by switching from “cybersecurity to cyberimmunity”, ideally achieved through “trusted behaviour”, installing “security layers that isolate all modules”, and “microkernel architecture” – essentially using a blockchain approach to inoculate ICT infrastructure rather than having to regularly treat common symptoms.

It’s an important step for Kaspersky in planting its flag firmly in the heart of the Asia Pacific region’s very own tech hub of Cyberjaya to assure neighbouring nations including Australia and New Zealand that its source code is open for inspection, which represents what the company feels is a significant “paradigm shift” in the way organisations must interact.

The launch and operation of these new ‘transparency’ facilities are part of Kaspersky’s ‘Global Transparency Initiative’ (GTI), which it calls its own “brainchild” to address the growing demand from partners and government stakeholders on how its products and technologies work.

With his signature rockstar-like enthusiasm at the launch event in Malaysia, Kaspersky CEO Eugene Kaspersky said the company intends to show customers and government stakeholders that its products are 100 per cent trustworthy.

Of course, the element of trust has been the key motivator behind the concept of opening such a series of Transparency Centers in Europe and Asia, as its efforts to seek government contracts in Australia and the United States have been stymied by bureaucratic paranoia in relation to its national origin in Russia.

Enjoying this article? Sign up for more! eNews Signup

And with these Transparency Centers being a significant investment by Kaspersky to stand out in a competitive marketplace as the one that’s the most user-friendly and most capable of meeting the demands of a continually changing cyber world where fighting off independent and state-sponsored cyber-attacks are reaching critical mass, Kaspersky expects a pay-off in dividends that will result in more business and higher revenue to invest in further research and development.

Anton Shingarev, Kaspersky’s vice president, public affairs, feels strongly that the company has much to offer on cybersecurity to Western nations, despite the anti-Russian sentiment that fuels the paranoia within the US government.

However, speaking to GovNews, Mr Shingarev feels that although these American suspicions don’t measure up to the harsh realities of cybercrime, all the geopolitical tensions “to some degree are reasonable”.

Explaining that the banning of procurement for Kaspersky in the US government and the hesitation from the Australian government is what motivated the GTI in the first place, Mr Shingarev said Kaspersky being perceived as a Russian company is an image problem in these markets.

With the creation of the GTI as a way to stem the political misconceptions of Kaspersky, especially since political tensions have escalated between the US, China and Russia in the last few years, Mr Shingarev said Kaspersky needed to keep its distance.

“We consulted with the National Cybersecurity Centre in Britain to try and understand their concerns and how we can address their concerns. We can’t completely remove ourselves from the politics, it’ll be with us forever but we can minimise it,” Mr Shingarev said.

The other problem Kaspersky faces is the introduction of new amendments to the Australian Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018, where companies operating in Australia could be compelled to surrender sensitive information.

Kaspersky, along with Amazon among others, have submitted recommendations to the Australian government that oppose these measures, stating that disclosing information on creative and sensitive security infrastructure, including source code, “may pose a serious threat to keeping…products’ integrity and trustworthiness”.

Mr Shingarev told GovNews that although it’s currently unknown how these new amendments will work and whether the government will hear the submitted feedback from industry, he believes it could backfire on the government and “create serious vulnerabilities and possible problems for security for large internet companies”.

The final word there is that Mr Shingarev is “fine with transparency”, as the GTI suggests, but he’s “against additional steps which weakens it”.

The Transparency Center in Malaysia will open its doors early in 2020.

Noushin Shabab and Negar Shabab, being some of the top cybersecurity gurus of their age, share their thoughts on fixing Australia's digital talent shortage.

5 Minutes With… Noushin Shabab and Negar Shabab, Cybersecurity Twins

| 5 Minutes With... | No Comments
How should Australia fix the cybersecurity talent shortage of the next generation? Find out here!
The NSW government has recruited the former technology head of Macquarie, Damon Rees to help lead the state's digital agenda.

5 Minutes With… Damon Rees, Chief Information and Digital Officer, NSW Government

| 5 Minutes With... | No Comments
Get the whole story on NSW's digital pathway from one of the government's top information leaders.
Coretta Bessi, former Chief Procurement Officer at NBN Co, chats to GovNews about how to effectively run a high level decision-making role.

5 Minutes With… Coretta Bessi, former Chief Procurement Officer, NBN Co

| 5 Minutes With... | No Comments
How to effectively run a high level decision-making role in one of Australia's most closely examined organisations.
Stone & Chalk's expert in residence Paul Shetler chats to GovNews about the state of the public sector and what needs to be improved.

5 Minutes With… Paul Shetler, Expert in Residence at Stone & Chalk

| 5 Minutes With... | No Comments
What needs to be improved internally in the public sector? The former head of the Digital Transformation Office has the answers.

Leave a Reply