Kaspersky Lab – Russia’s IT Security Jewel

Written by

Naming a company you founded after yourself can be problematic. OK, no one tries to place the blame for HP’s recent woes on Bill Hewlett or Dave Packard (anyway, according to HP’s current management a big turnaround in fortune is underway). However, the ups and downs of Dell are still closely associated with its eponymous founder Michael Dell, especially as he bids to take the company private again, a battle The Economist believes he may lose. For McAfee the recent antics of its founder, John McAfee, were mainly embarrassing after he went into hiding after being linked to a murder enquiry.

So, it was a brave decision back in 1997 when Eugene and Natalya Kaspersky named the anti-virus company they founded, Kaspersky Lab, after themselves. The name sounds, and is, Russian, and although the company now operates as a UK legal entity, it originates from Russia and many of its functions are still based there. Russia is perceived as a hotbed of organised crime and cybercrime, so why would you trust one of its companies with your online security?

In fact, compared to the examples listed in the first paragraph, Kaspersky is not widely known outside IT security circles (except in Russia itself, where it is a well-known consumer brand). There are two reasons for this. First, although its revenues, in excess of £600M, put it in the top 10 IT security companies, only the biggest are that well known, namely Symantec and McAfee (which is why the recent story about John was so widely covered).

Second is the way Kaspersky goes to market (outside of Russia). It has created a widespread network of OEMs (original equipment manufacturers) and ISVs (independent software vendors) that embed its anti-virus in their own products to provide that particular capability for their own offerings. OEMs and ISVs do not always reveal what is under the bonnet unless asked; however, a long list of technology partners on Kaspersky’s website includes:IBM, Alcatel-Lucent, Cisco, Juniper, Blue Coat, Check Point and D-Link.

Such prestigious partners have underlined the pedigree of Kaspersky’s anti-malware products and convinced many others to place their trust in the vendor; worldwide there are now over 400 million end-points under Kaspersky’s protection. Technology partners now account for just 20% of its business with a further 30% coming from businesses across Europe and beyond via 5,000 plus resellers. The balance comes from consumers.

If Kaspersky relied on just selling anti-malware, then its long-term future would be in doubt. As two recent free Quocirca research reports have shown, traditional IT security is no longer good enough on its own to defend against the growing numbers of targeted attacks and other emerging threats (see The trouble heading for your business and Advanced cyber-security intelligence). All IT security vendors have had to adapt, and Kaspersky has done so with a number of additions and modifications to its product set over the years.

Bringing it all together is the Kaspersky Security Network, a global network that gathers data from over 60 million end-points from contributing Kaspersky customers, providing rapid protection by keeping all users’ devices up to date with the latest information about malware and dangerous network links. However, such a capability is table-stakes for any IT security vendor and does not in itself defend against previously unseen (zero-day) threats.

So, the latest release of Kaspersky End-point Security for Business (KESB) includes a set of features designed to counter zero-day attacks. These include sandboxing, virtual keyboards, whitelisting, blacklisting, behavioural and heuristic analysis, etc. The range of end-points protected has been extending to include tablets, smartphones and virtual devices. There is also an an overall device management tool to manage patching, usage policy etc.

In addition, Kaspersky System Watcher introduces a context aware security capability by combining information from Kaspersky’s firewall, behaviour analyser and cloud-based reputation server to provide a broader overall risk assessment of suspected malware.

Kaspersky admits it is often not first to market but says this is to the long-term benefit of its users, as all of its technology is built in-house and therefore tightly integrated. Customers might not agree if they get caught out by some new threat whilst Kaspersky’s innovations are still in its Lab. That said, many may be unaffected if, as is often the case, Kaspersky is used alongside other security technology.

Kaspersky is an important player in the IT security industry and with its continuing innovation it seems set to remain so. It is likely protecting your organisation against various security threats somewhere, even if you do not know it. It is one of the few Russian software companies with a global footprint and has achieved a level of trust many Western business would envy; a jewel indeed.

What’s hot on Infosecurity Magazine?