Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/26/2020
01:10 PM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Q&A: Eugene Kaspersky on Tourism, the Pandemic, and Cybersecurity

The CEO and co-founder of eponymously named security vendor has launched a new travel accelerator program amid the COVID-19 crisis.

When Eugene Kasperksy is not busy running his security company, he travels around the world. "We travel to taste the local food, smell the aromas, talk to the people, soak up the atmosphere," says the co-founder and CEO of the eponymously named security vendor. "It's an adventure, an experience, and nothing can change that."

Kaspersky's wanderlust is the reason he recently launched a travel accelerator program designed to assist entrepreneurs within the tourist industry whose ideas might have been disrupted by the COVID-19 pandemic. Startups that qualify for the so-called Kaspersky Exploring Russia program will receive marketing and media support from Kaspersky and will have an opportunity to participate in workshops and presentations from leading experts within the travel industry.

Here, Kaspersky talks about his new venture, the impact the pandemic will have on the security industry, Russian cybercrime, his company facing adversity, and other topics.

Q: What prompted you to launch the travel accelerator program? What kind of projects/ideas are you hoping the initiative will yield?

A: It's a difficult time for many businesses around the world, but tourism is among those suffering the most. We wanted to lend a helping hand to startups and small businesses that were planning to launch this year or launched shortly before the pandemic. We're giving them a chance to use this time to grow and develop with the accelerator program.

Q: What are some of the measures you plan on using to evaluate project ideas? What would make for a winning submission in your opinion?

A: First comes the novelty of the idea – how innovative and original it is. We also look at how the project helps tourism develop in general and, Russian tourism especially. We take a closer look at the project's team, how result-oriented it is, if it has the competencies, potential, and experience to grow the startup. And of course we look at competitive advantages, so that the project is sure to occupy a market niche when launched.

Q: What impact do you see the COVID-19 pandemic having on the travel and tourism industry? How has it impacted your own outlook on the matter?

A: Facing the recession, cost-cutting will be in place and I'm sure there'll be a big drop in business travel. We've all understood that many meetings can indeed take place online and this can save a lot of time and money. I'm sure that many companies will look at the money saved on travel during this period and ask whether they really need to go back to the same travel frequency. Of course this will not work for everyone. I myself still believe in the power of the good old handshake and a shared lunch or dinner and hope to be back on the road soon. What won't change in my opinion is leisure tourism.

Q: What impact has the pandemic had on the cybersecurity industry?

A: We see a rise in cybercrime – about 10% worldwide. It's not surprising: people are spending more time online, working from home, and cybercriminals are using this chance to attack, looking for vulnerabilities, exploiting human weaknesses. The pandemic situation is a fruitful time in this sense for them.

Q: Cybersecurity spending has increased substantially in recent years but there's little sign it is having any impact in reducing data breaches and data compromises. What's going on?

A: One of the key priorities for corporate cybersecurity is not to completely prevent data breaches – that's hardly achievable, as cybercriminals are constantly evolving their tools and techniques. It is to reduce the damage of a breach by detecting an attack as early as possible and responding to it properly. If we look at it that way, investment in cybersecurity pays off. An average data breach costs large enterprises $1.4 million, according to our annual survey. Having a dedicated security operations center (SOC) to detect, analyze, and respond to cybersecurity incidents reduces this number to $675,000 on average.

Q: What are the cyber threats that worry you the most currently?

A: Right now I am worried most about attacks on hospitals and medical organizations worldwide. They are under severe pressure to ensure healthcare processes are functioning and effective. The current cyberthreat circumstances they are facing make this an even greater challenge. The healthcare industry relies on technology connected to the Internet: patient records, lab results, equipment, and hospital infrastructure. All these technologies are vulnerable to cyberattacks. I have said this before and will repeat that cyberattacks on hospitals during the pandemic should be considered cyberterrorism. I hope that together with law enforcement agencies we will track down the attackers and punish them.

Q: What do you wish cybersecurity vendors and the industry in general would do more of and conversely, what do you wish they would do less of?

A: The trends that we have been witnessing in the last few years in the industry are protectionism, balkanization, and fragmentation of the Internet. All this leads to a decline in international cooperation among cybersecurity experts, officials, and law enforcement agencies. The world is extremely disunited and polarized. I'd like to see less of this and more cooperation, because we're all fighting a common enemy: cybercriminals. And they are the only ones who are benefiting from this balkanization and fragmentation.

Q: You recently talked about the world's top hackers and cyber-villains all coming from Russia. Why do you think that has happened?

A: I believe you're not quoting me correctly. I always say that not only the worst cybercriminals come from Russia, but also the best software engineers and R&D experts, thanks to the legacy of really good Soviet, and now Russian, technical education. I hope that the next generation of engineers will inherit this legacy. As far as I know the basics of programming are already implemented in the current middle school program in Russia. This is a good sign.

As regards the initial motivation of the majority of cybercriminals, I think it's the same all over the world and Russian cybercriminals are no exception. They want to earn money and don't care about the morality of their ways of doing so. Unfortunately, the black hats traditionally earn more than the guys fighting them. I think the same is applicable to criminals working offline.

Q: What's your philosophy when it comes to dealing with adversity? Your company has had its share of challenges with the US government in recent years. What's your message to your customers here?

We've never stopped providing our security solutions to US private customers and corporate clients, despite all the false allegations made against our company. I want to remind customers that there was never any evidence of wrongdoing from our side, just opinions based on hearsay; and there never will be any – for there was never any wrongdoing. To tell you the truth, we've left that chapter of the company's history in the past. That probably is the philosophy of dealing with adversity – to keep moving forward, no matter what. Our business is evolving, and we're showing great results.

Related Content:

 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really  bad day" in cybersecurity. Click for more information and to register
Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/17/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14180
PUBLISHED: 2020-09-21
Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. The affected versions are...
CVE-2020-14177
PUBLISHED: 2020-09-21
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searching. The affected versions are before version 7.13.16; from version 7.14.0 before 8.5.7; from versio...
CVE-2020-14179
PUBLISHED: 2020-09-21
Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are before version 8.5.8, and from...
CVE-2020-25789
PUBLISHED: 2020-09-19
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG document.
CVE-2020-25790
PUBLISHED: 2020-09-19
** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our secu...