The recent news about the U.S. Department of Commerce’s decision to ban Kaspersky Lab from operating in the United States might seem concerning at first glance. However, we believe this decision has limited real-world impact on cybersecurity strategies for our IT customers.
What Happened
The Department of Commerce’s Bureau of Industry and Security (BIS) has issued a Final Determination prohibiting Kaspersky Lab, Inc., the U.S. subsidiary of the Russia-based cybersecurity company, from providing its products and services in the United States due to national security concerns. This decision affects Kaspersky’s affiliates, subsidiaries, and parent companies. BIS also added three related entities to its Entity List for their cooperation with Russian military and intelligence authorities. The determination, resulting from a thorough investigation, found that Kaspersky’s operations posed an unacceptable risk due to potential Russian government influence.
Businesses and individuals using Kaspersky products are encouraged to transition to new vendors by September 29, 2024, to avoid cybersecurity risks. This action aligns with previous measures against Kaspersky, including a 2017 directive and the 2018 National Defense Authorization Act prohibiting its use by federal agencies. The Department of Commerce, in collaboration with other federal agencies, is working to inform affected users and facilitate the transition away from Kaspersky products. The full list of prohibited transactions and additional resources are available on the BIS website.
Bureau of Industry and Security Press Release https://www.bis.gov/press-release/commerce-department-prohibits-russian-kaspersky-software-us-customers
Why Kaspersky Was Banned
The U.S. government has cited several reasons for this prohibition, rooted in concerns over national security and the potential risks posed by Kaspersky’s operations. These reasons highlight the complex relationship between the company and the Russian government, as well as the inherent vulnerabilities in using Kaspersky’s software within the U.S. market.
- Government Influence: Kaspersky is subject to the jurisdiction of the Russian government, which can compel the company to provide sensitive data.
- Access to Sensitive Information: Kaspersky’s software has broad administrative privileges, potentially allowing the transfer of U.S. customer data to Russia.
- Malicious Software Capability: The company has the ability to install malicious software or deny critical updates, which could leave systems vulnerable.
- Third-Party Integration: Kaspersky products are integrated into third-party systems, increasing the risk of sensitive data exposure.
Why Our Customers Shouldn’t Worry
At Lumitiv, we have long advocated for a more nuanced approach to cybersecurity. Relying solely on commercial antivirus software, whether it’s Kaspersky or any other brand, is not sufficient to deal with today’s cybersecurity threats. While tools like Microsoft Defender, which is built into Windows, provide a baseline level of security, they are just one piece of the puzzle that organizations need to assemble.
Our Approach at Lumitiv
We prioritize the security and compliance of the software solutions we use. That’s why we exclusively utilize providers that have obtained either FedRAMP or DISA CSP authorizations. This ensures that our software partners adhere to the highest standards of security required by the US federal government and the Department of Defense.
- FedRAMP Authorized Providers: We rely on cloud service providers that have achieved FedRAMP Low, Moderate, or High Impact authorizations, depending on the sensitivity and criticality of the data being handled.
- DISA CSP Authorized Providers: For solutions requiring enhanced security, we use providers authorized under DISA CSP guidelines, certified at Impact Levels 2 through 6, ensuring they meet stringent requirements for handling everything from non-controlled unclassified information to classified information up to SECRET.
By choosing FedRAMP or DISA CSP registered software solution providers, we ensure that our clients’ data is protected by the most rigorous security standards available.
Specialized Solutions Enhance Security
In our client corporate environments, we don’t depend solely on Microsoft Defender. We believe in using specialized solutions tailored to address specific threats. By partnering with expert software providers for each area of protection, we offer our customers the highest level of security available to them. This best-in-class strategy ensures that every business vulnerability is covered by the most effective tools available, and we’re constantly vetting and validating our partners to ensure their effectiveness.
Comprehensive Cybersecurity Strategy
Effective cybersecurity isn’t just about having the right tools. It involves a comprehensive and ongoing strategy of awareness and testing. There’s a common misconception that turning on a few software packages and changing some configurations can be done as a one-time project, but cybersecurity is an ongoing, organization wide initiative.
- Regular Awareness Training: Educating employees about the latest threats and safe practices.
- System Updates: Keeping all software and hardware up to date to protect against vulnerabilities.
- Infrastructure Maintenance: Ensuring that all systems are maintained to the highest standards.
- Network and Backup: Building secure networks and reliable backup solutions to safeguard data.
Conclusion
The ban on Kaspersky products in the U.S. doesn’t affect our customers. Our approach to cybersecurity goes beyond any single software solution, focusing instead on a multifaceted strategy that incorporates specialized tools, ongoing education, and rigorous maintenance. At Lumitiv, we are committed to providing the most secure environment for our clients, ensuring their business operations remain protected against ever-evolving cybersecurity threats.