Story image

Exclusive: The major risks of cyber Balkanization

Recently IT Brief had the opportunity to sit down with Anton Shingarev, VP of public affairs for Kaspersky to discuss some of the major risks of Balkanization to the cyber world. 

Can you tell me a bit more about Balkanization in the internet space? 

What we find is that the cyber world is falling apart. The united internet world is ceasing to exist. There are a few reasons why it's happening. 

You're from New Zealand? You may think come on, we are from New Zealand a remote country with no major enemies, who needs or who cares about us? 

In the modern interconnected world, you can be a very far remote peaceful country, but you can still be attacked, it can be collateral damage, it can be just random for criminals who want money, you can still be a victim. The whole country can be paralyzed, it’s a theoretical example but it can happen. 

The WannaCry attack that happened last year was a good example. Some industries were paralyzed. Myers, which is a huge transnational company was paralyzed for a week and many other companies were paralyzed, so the virus can disrupt the country and it can disrupt the economy. 

Congress finally realised that and they're scared and the natural response is to build walls and that’s why the world has fallen into many, many small pieces.

Why do you think governments are increasingly drawn to the idea of isolation? 

As I said, it's natural. When they see the threat, how can they then protect themselves from that? We think these stakeholders, the regulators think, okay, we need to impose new strict regulations and it's going to help. Sometimes it does help, but it’s not really a permanent solution. 

Once again, an example of New Zealand, there are hardcore laws in terms of bringing in foreign species. It's done to protect your unique ecosystem but you can’t do the same for the internet, right? You can’t say ‘dear hackers’, you need to check the file before sending it, please. 

So how do you overcome the challenge of governments closing themselves off? 

I would say that it goes in waves. Before everything was allowed. You could do whatever you want. You could collect as much data as you want, you could store it, whatever you want. Now, governments realize, okay, wait a minute, hold on, we need to control it. 

We aim to find a balance. So our approach is that when we're talking to governments, like regulators in Australia, we say, look, yes, there are new rules of the game so let's find them together.

What kinds of laws do governments commonly implement? 

It's about data localisation. How you store data and process data in specific territories, it's about what you can share, what is critical national infrastructure in terms of it, how you should protect it, what are the fines, what are the requirements. But like I said this kind of closing off is not great.

Can we talk a bit about GDPR, this has undoubtedly been one of the most commonly discussed initiatives, what is your opinion on it?  

I believe it's good, the intention is good. I've heard that it was one of the most discussed laws in European Union history, there were something like 1,000 amendments. It took about 7 years for the law to finally come into effect, so some parts of it are already outdated. 

But overall I think it’s a good law because it's a very clear signal, we're gonna protect the data of our users, you cannot do with data whatever you want. It's a good point to start, it should continue to evolve in my opinion. 

And there is a big discussion on EU privacy legislation right now. So I mean, if this the right direction, and also this is a good example for countries that don’t have similar laws yet, they can draft their own new laws based on GDPR.

As a cyber security company, what are some of the biggest issues Kaspersky faces when it comes to interacting with regulations and governments? 

A lack of clear rules and principles. Rules and laws are good if they exist, even if they're bad, at least there are rules. We can either follow them and operate in the country or if there are rules that are not acceptable to us, we just don’t operate there. But if there is a country without rules, we don't know how to operate and it creates uncertainty, which is bad.

So really for us, it’s all about understanding the rules and regulations of a government and that’s why having candid discussions with them is so important.

Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.
One Identity named Leader in PAM and IAM by KuppingerCole
KuppingerCole lead analyst Anmol Singh evaluated the strengths and weaknesses of 20 solution providers in the PAM market for the report.
Healthcare environments difficult to secure - Forescout
The convergence of IT, Internet of Things (IoT) and operational technology (OT) makes it more difficult for the healthcare industry to manage a wide array of hard-to-control network security risks.
Bitglass appoints new cloud, business development leaders
The cloud security company has appointed vice presidents for worldwide channels and worldwide business development.