Anton Shingarev, vice president for public affairs at Kaspersky Lab
Beset with factors that influence its operations such as global geographical tensions, the internal political situation in the U.S., and campaigns against the company, Moscow-based Kaspersky Lab has announced a global transparency initiative to ensure full transparency needed to sustain trust in the company, its products, and the cybersecurity industry.
The initiative entails the relocation of core facilities and processes, including customer data storage and processing for most regions, software assembly, and threat protection updates from Russia to Switzerland, as well as the establishment of the first Transparency Center, also in Switzerland.
To ensure transparency, the Transparency Center will dispose the source book, provide the source code and updates and offer these for an independent review to be supervised by a Switzerland-based independent third-party that is qualified and selected by Kaspersky. To be hosted in Switzerland, the Transparency Center is expected to open this year.
Relocation of data processing facility
The most important part of the initiative is the relocation of their data processing facility, according to Anton Shingarev, vice president for public affairs at Kaspersky Lab. They have to redesign as they collect a lot of information, numbering about 300,000 new samples of malware a day. The activity will start this September 2018 where first pieces of information will be collected, stored and processed in Switzerland. The whole project will be completed by the first quarter of 2020.
The data storage and processing facility will store and process information for users in Europe, North America, Singapore, Australia, Japan and South Korea, with more countries to follow. Information is shared voluntarily by users with the Kaspersky Security Network (KSN), an advanced cloud-based system that automatically processes cyberthreat-related data.
Kaspersky Lab products and threat detection rule databases (AV databases), on the other hand, will be assembled and signed with a digital signature in Switzerland before end-2018. Newly assembled software can be verified by an independent organization to show that software builds and updates received by customers match the source code provided for audit.
Why Switzerland
Shingarev said the move to relocate the data processing facilities to Zurich, Switzerland is a decision based on consultation with their partners and regulators.
Shingarev adds they choose Switzerland to be the relocation site of their core infrastructure because it is not involved in political alliances.
“It is part of their DNA, being independent for hundreds of years. Besides, the data protection laws in Switzerland are very strict, one of the strictest in the world. They are very transparent and we’re getting an independent third-party which verifies all the data we collected. Switzerland is one country that protects data by laws in a very strict way,” said Shingarev.
The factors that can influence Kaspersky Lab’s operations provide the company the opportunity to become the first to implement new changes such as transparency center, relocation of data processing facilities, and source code for more transparency that will benefit customers as well as the cybersecurity industry. .
“By implementing this transparent approach in cybersecurity, Kaspersky Lab is establishing an unprecedented standard in the industry. At this point in the history of cybersecurity, openness is crucial in forging transparent relationships and help establish policies that would benefit each and all to be safe from cyber threats,” said Shingarev.
