Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/26/2020
01:10 PM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Q&A: Eugene Kaspersky on Tourism, the Pandemic, and Cybersecurity

The CEO and co-founder of eponymously named security vendor has launched a new travel accelerator program amid the COVID-19 crisis.

When Eugene Kasperksy is not busy running his security company, he travels around the world. "We travel to taste the local food, smell the aromas, talk to the people, soak up the atmosphere," says the co-founder and CEO of the eponymously named security vendor. "It's an adventure, an experience, and nothing can change that."

Kaspersky's wanderlust is the reason he recently launched a travel accelerator program designed to assist entrepreneurs within the tourist industry whose ideas might have been disrupted by the COVID-19 pandemic. Startups that qualify for the so-called Kaspersky Exploring Russia program will receive marketing and media support from Kaspersky and will have an opportunity to participate in workshops and presentations from leading experts within the travel industry.

Here, Kaspersky talks about his new venture, the impact the pandemic will have on the security industry, Russian cybercrime, his company facing adversity, and other topics.

Q: What prompted you to launch the travel accelerator program? What kind of projects/ideas are you hoping the initiative will yield?

A: It's a difficult time for many businesses around the world, but tourism is among those suffering the most. We wanted to lend a helping hand to startups and small businesses that were planning to launch this year or launched shortly before the pandemic. We're giving them a chance to use this time to grow and develop with the accelerator program.

Q: What are some of the measures you plan on using to evaluate project ideas? What would make for a winning submission in your opinion?

A: First comes the novelty of the idea – how innovative and original it is. We also look at how the project helps tourism develop in general and, Russian tourism especially. We take a closer look at the project's team, how result-oriented it is, if it has the competencies, potential, and experience to grow the startup. And of course we look at competitive advantages, so that the project is sure to occupy a market niche when launched.

Q: What impact do you see the COVID-19 pandemic having on the travel and tourism industry? How has it impacted your own outlook on the matter?

A: Facing the recession, cost-cutting will be in place and I'm sure there'll be a big drop in business travel. We've all understood that many meetings can indeed take place online and this can save a lot of time and money. I'm sure that many companies will look at the money saved on travel during this period and ask whether they really need to go back to the same travel frequency. Of course this will not work for everyone. I myself still believe in the power of the good old handshake and a shared lunch or dinner and hope to be back on the road soon. What won't change in my opinion is leisure tourism.

Q: What impact has the pandemic had on the cybersecurity industry?

A: We see a rise in cybercrime – about 10% worldwide. It's not surprising: people are spending more time online, working from home, and cybercriminals are using this chance to attack, looking for vulnerabilities, exploiting human weaknesses. The pandemic situation is a fruitful time in this sense for them.

Q: Cybersecurity spending has increased substantially in recent years but there's little sign it is having any impact in reducing data breaches and data compromises. What's going on?

A: One of the key priorities for corporate cybersecurity is not to completely prevent data breaches – that's hardly achievable, as cybercriminals are constantly evolving their tools and techniques. It is to reduce the damage of a breach by detecting an attack as early as possible and responding to it properly. If we look at it that way, investment in cybersecurity pays off. An average data breach costs large enterprises $1.4 million, according to our annual survey. Having a dedicated security operations center (SOC) to detect, analyze, and respond to cybersecurity incidents reduces this number to $675,000 on average.

Q: What are the cyber threats that worry you the most currently?

A: Right now I am worried most about attacks on hospitals and medical organizations worldwide. They are under severe pressure to ensure healthcare processes are functioning and effective. The current cyberthreat circumstances they are facing make this an even greater challenge. The healthcare industry relies on technology connected to the Internet: patient records, lab results, equipment, and hospital infrastructure. All these technologies are vulnerable to cyberattacks. I have said this before and will repeat that cyberattacks on hospitals during the pandemic should be considered cyberterrorism. I hope that together with law enforcement agencies we will track down the attackers and punish them.

Q: What do you wish cybersecurity vendors and the industry in general would do more of and conversely, what do you wish they would do less of?

A: The trends that we have been witnessing in the last few years in the industry are protectionism, balkanization, and fragmentation of the Internet. All this leads to a decline in international cooperation among cybersecurity experts, officials, and law enforcement agencies. The world is extremely disunited and polarized. I'd like to see less of this and more cooperation, because we're all fighting a common enemy: cybercriminals. And they are the only ones who are benefiting from this balkanization and fragmentation.

Q: You recently talked about the world's top hackers and cyber-villains all coming from Russia. Why do you think that has happened?

A: I believe you're not quoting me correctly. I always say that not only the worst cybercriminals come from Russia, but also the best software engineers and R&D experts, thanks to the legacy of really good Soviet, and now Russian, technical education. I hope that the next generation of engineers will inherit this legacy. As far as I know the basics of programming are already implemented in the current middle school program in Russia. This is a good sign.

As regards the initial motivation of the majority of cybercriminals, I think it's the same all over the world and Russian cybercriminals are no exception. They want to earn money and don't care about the morality of their ways of doing so. Unfortunately, the black hats traditionally earn more than the guys fighting them. I think the same is applicable to criminals working offline.

Q: What's your philosophy when it comes to dealing with adversity? Your company has had its share of challenges with the US government in recent years. What's your message to your customers here?

We've never stopped providing our security solutions to US private customers and corporate clients, despite all the false allegations made against our company. I want to remind customers that there was never any evidence of wrongdoing from our side, just opinions based on hearsay; and there never will be any – for there was never any wrongdoing. To tell you the truth, we've left that chapter of the company's history in the past. That probably is the philosophy of dealing with adversity – to keep moving forward, no matter what. Our business is evolving, and we're showing great results.

Related Content:

 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really  bad day" in cybersecurity. Click for more information and to register
Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/14/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-6287
PUBLISHED: 2020-07-14
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create a...
CVE-2020-6289
PUBLISHED: 2020-07-14
SAP Disclosure Management, version 10.1, had insufficient protection against Cross-Site Request Forgery, which could be used to trick user in to browsing malicious site.
CVE-2020-6290
PUBLISHED: 2020-07-14
SAP Disclosure Management, version 10.1, is vulnerable to Session Fixation attacks wherein the attacker tricks the user into using a specific session ID.
CVE-2020-6291
PUBLISHED: 2020-07-14
SAP Disclosure Management, version 10.1, session mechanism does not have expiration data set therefore allows unlimited access after authenticating once, leading to Insufficient Session Expiration
CVE-2020-6292
PUBLISHED: 2020-07-14
Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session cookies, leading to Insufficient Session Expiration.