In-depth

Eugene Kaspersky on shifting security, spying and geopolitics

The security CEO revealed his thoughts on the state of security, government backdoors and more in our exclusive interview

The security industry draws some interesting characters well highlighted by every speaker at Kaspersky's Security Analyst Summit happily downing the shot of whiskey handed to them after their presentation.

Founder Eugene Kaspersky is no different he's no John McAfee, but drama and controversy still surrounds the Russian CEO. He's been accused of ties to the KGB (which he's strenuously denied), his son was kidnapped for ransom after he was declared one of Russia's richest men, and reports claim emails show he threatened to "rub out" rival firm AVG using fake samples.

In person, Kaspersky is perfectly affable, happily answering our questions whether individuals really need antivirus, if Bring Your Own Device (BYOD) was a bad move for corporate security, where the company stands on government snooping, and what the tension between Russia and the UK means for his business.

Has security moved away from individuals, and more towards institutions such as from banking customers to the banks themselves?

It's been moving that way for many years now. The criminals were attacking the individuals only ten years ago, and then they were shifting to small businesses and big businesses, and now to the enterprise and financial services. They've become much more professional What does it mean for individuals? When your bank is attacked, who pays? [We suggested they do.] Who pays for your bank it's your country, your company.

Years ago I was asked: so if your computer is infected and they don't steal the data, they just use your computer to send spam. Who pays for that? Do you not pay for it? You pay for it, because you pay for the internet connection. When they need to improve infrastructure [because it's overloaded by spam], who pays for that? Every attack, we all pay for.

Is BYOD a bad idea for companies, given individuals and consumer level equipment might be less well protected?

It's much more complicated. In the past, it was much more simple: you had your home computer, and you had your office computer, your home security and your business security. Now forget about home security the devices are everywhere and in many cases are connected to business.Nothing's going to stop it because it [BYOD] is an accelerator for business. If your company doesn't use these technologies, there's disadvantages to your employees and you lose [out to your] competition. There's no way to change it, no way to avoid it. We have to make these devices safer and more secure for the business environment so we have more and more work to do.

Governments are keen to insert backdoors into tech services and software. Where does Kaspersky stand on this?

There are different layers to this question, and different things the police do. The secret service and the police, they want to know what's going on, and they mean it for good: they want to see their terrorists and criminals. That's good. But at the same time, they want a huge amount of data from a huge amount of people. That's bad. They need data but how much. That's the question.

The second layer is when the cyber police or international police are spying on suspects. That's good. That's their job. The cyber tools they use, there's nothing wrong there. But we will unfortunately protect even suspects from the tools [police and authorities] use, because we don't know who is using the tool.

The criminals, the bad guys, the bad actors, they can use the cyber tools, the legal tools. We are like an X-ray. We detect the different malware no matter who is using it the terrorists, the criminal, or the policeman. But we don't know who is using it, so our policy is 100% clear: if we see a piece of malware, it will detect it.

The third layer is when the states spy on the states you don't need to send James Bond out anymore, you just click, click, click. We see a lot of it.

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Square to acquire Afterpay for $29 billion
mergers and acquisitions

Square to acquire Afterpay for $29 billion

2 Aug 2021
Zyxel USG Flex 200 review: A timely and effective solution
Security

Zyxel USG Flex 200 review: A timely and effective solution

28 Jul 2021