2019-08-29 08:46

InfoWatch president Natalia Kasperskaya: "The Russians are explaining how this thing works."

Natalia Kasperskaya, President of "InfoWatch" Group of Companies and Chairman of the Board of Otechestvenny Soft, told "DP" how Russian information security solutions differ from American ones and why, despite the constant development of such systems, hackers still find vulnerabilities.

Is there a demand for domestic information security solutions abroad? How interesting is Russia, for example, to the Asian or African market?

- In my opinion, Russia has a unique trade offer in information security (IS). Only a few countries are professionally engaged in this area. This is the USA, they are the market leaders. Israel, the UK, and Russia are by far the leading countries in this area. There are single encryption developments in Switzerland and antivirus products in Germany. There are companies in France related to artificial intelligence. But systematically, "from" and "to" cover the entire spectrum of information security solutions in just four countries. In fact, these are two fronts: pro-American countries and Russia.

At the same time, information security is designed to protect modern information technologies. And we must understand that all modern technologies are remotely managed and, in fact, belong to their manufacturers, not to their buyers. So, if a customer acquires some technology, for example, some element of the Internet of things, then he expects that the technology will work in a certain way. But the buyer, especially from an African or Arab country, is not in a position to verify this. Because he doesn't have enough knowledge and specialists. And these technologies still have to be protected.

Obviously, a country that wants to preserve its digital sovereignty would like to have security features that would allow for real protection, including from an IT manufacturer. And here the Russian means of information security come to the aid.

We have a very well developed market, with dozens of world-class solutions. Besides, Russians are ready to teach foreign buyers and architecture of the decisions and frequently to open source codes.

In other words, domestic companies are much more open in terms of providing intellectual property. They will teach not how to use the software product - to press buttons - but how the product is arranged inside, what it does, what other possibilities it has. If Americans are teaching user skills, Russians are more engineers. They will explain to foreign buyers of Russian IS solutions, "how this thing works", will teach to work with the software product of their engineers, will give customers the opportunity to further develop. That is why I believe that Russian IS solutions are a unique trade offer of our country on the world market.

How do InfoWatch and Kaspersky Lab solutions fundamentally differ? Why do these companies compete with each other?

- These are different solutions. "Kaspersky Labs (KL) mainly protects enterprises and individuals from external threats, viruses and the like. InfoWatch is focused on protecting businesses from internal threats. In addition, Kaspersky Lab and I have different target audiences.

We focus on large corporations, while the Lab focuses on medium and small businesses and individuals. Some of our products are similar to those of Kaspersky Lab.

For example, we have Attack Killer, which protects web applications from vulnerabilities, and Kaspersky Lab has such a system too. But I wouldn't say we're in tough competition here, either. Because we have a different product positioning and a different target audience. On the contrary, we are ready to cooperate, we have a normal relationship.

Everyone knows about hackers, but analysts are still recording an increase in the number of attacks and information leaks. What is it - a decrease in the security level or carelessness of employees? And how do we live with that?

- Let's first look at why the number of leaks is increasing.

There is a growing amount of digital information in the world. In the past, the amount of data that humanity generated doubled every year. Now that growth has slowed a little bit, but it's still huge volumes. Naturally, such volumes of data will always create gaps.

In addition, a large number of new systems are appearing, for example, the same IoT (Internet of Things. - Ed.). Smart TVs, smart kettles, fridges and other appliances. All of them are a potential source of problems. Because any new technology carries new threats. The number of new technologies is growing, so are the number of new threats.

One more reason of increase in number of leaks is following: earlier occurrence of new technology meant fast appearance of protection against threats which this technology carried (for example, viruses for the personal computer - anti-virus programs), now these technologies appear literally every day, and protection means behind them simply do not keep up. According to some data, about 60 % of devices of the Internet of things today are not protected.

How to live with it? To understand that the digital world bears new risks which it is necessary to learn to recognize. For this reason, I'm not in favor of rapid digitalization.

After all, by introducing new technologies, people rely on new functionality, often neglecting the possible negative consequences. And when these consequences come, it turns out that it is extremely difficult and expensive or impossible to protect this technology. For example: the Mirai botnet (2016) was used to launch a DDoS attack on the infrastructure of Dyn, the largest DNS provider in the US. The attackers sent a simultaneous signal from several hundred thousand Internet devices (mostly web cameras) to Dyn. The provider failed and as a result such resources as GitHub, Netflix, Reddit, Twitter, The New York Times and PayPal became temporarily unavailable. The attack was possible because the webcams had no encryption and could be accessed by any hacker. How do you fix that? Just physically change all the cameras. Do you have any idea how expensive that is?

All of the above means that the design of any system must be based on basic information security rules and security features (if any). And if they do not exist, then you should not hurry to install such technologies.