Eugene Kaspersky on the cyber jungle

Steve Cassidy braves the tech jungle that is CeBIT to hear the security guru give some sage advice.

It was this audience that Eugene Kaspersky had in mind with his presentation. He didn't dive in especially deep to his topic - not one slide gave any hard numbers behind any of his assertions. What he provided was a rapid-fire tour of the motivations behind the attacks, not the mechanisms.

Every time I use a computer, I am aware of the possibility that someone government, or criminal could be watching.

He wanted the room full of CXO types to sit back in shock and think "wait, this isn't some crazy nerd talking here it's a chief exec, just like me, who knows the limits of my beliefs."

While stories of hackers making their own petrol station discount cards by hacking the sales system of the chain of garages didn't get much attention (they were caught within a month, apparently), the story of a heist lasting five years, of coal from Russian automatic loading systems for coal trains, clearly had a bigger impact.

Incredulity management didn't appear on his big screen, or on the cutesy cartoon board being drawn off to one side of the stage as he spoke. But it ran through his whole presentation. As techies, we all have a responsibility to figure out what the bosses are going to understand, given that they probably won't want to dive into the deep details of what makes an attack work or fail. And, at a certain level, the attack that gets through is the one that someone is too incredulous to spend money protecting against.

With a room full of CXOs, Kaspersky wasn't going to move much below appeals for international standardisation and cooperation to talk specifics about risks to net neutrality. Nor was he going to go into the differences between having to protect a vulnerable machine against its own security holes, or putting imperfect machines behind restricting traffic chokes of some kind. He wanted other people largely, regulators and various forces for social change to shoulder the burden of improving cyber security, mostly by way of very non-technical initiatives like education and legal changes to regulation.

He even had a section on the nature of cyber espionage, though at this point I suspect he realised he was treading on thin ice against his own preferred fixes for the lower-level criminals it's very hard to co-operate internationally when your co-operators are also spying on you.

Right at the end, the master of Ceremonies blindsided him with a final question: "Who worries you more the cyber criminals, or the NSA?"

Eugene Kaspersky hedged his bets with a 90 per cent non-verbal answer. He spread his arms wide and eventually shook the MC by the hand, limiting his words to a carefully non-committal "Thank you very much" before going on to say "Every time I use a computer, I am aware of the possibility that someone government, or criminal could be watching."

It doesn't matter how jolly or engaging you are as a speaker that's a pretty chilling thought.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Most Popular

How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
The fate of Parler exposes the reality of deregulated social media
Policy & legislation

The fate of Parler exposes the reality of deregulated social media

14 Jan 2021
Should IT departments call time on WhatsApp?

Should IT departments call time on WhatsApp?

15 Jan 2021