Two new transparency centers in Rome and Utrecht allow Kaspersky customers and partners, as in the seven existing global centers, to get an overview of development and data processing practices at Kaspersky.
The opening of the two additional centers in Italy and the Netherlands is part of Kaspersky's Global Transparency Initiative (GTI), which the cybersecurity provider launched back in 2017. Kaspersky also publishes its current transparency report, which includes information on the inquiries made in the transparency centers.
Trust plays a big role
Trust in technology service providers is playing an increasingly important role for companies [1]. More than 70 percent of IT decision-makers state that it is very important to them to always have certainty about the correctness and trustworthiness of the IT solutions they use. The newly opened Transparency Centers are part of Kaspersky's Global Transparency Initiative[2] and aim to open the "black box" of technology and increase customer confidence in the company's solutions. Kaspersky is the first provider of cyber security solutions to make its source code available for external reviews. The products, internal processes and business activities of Kaspersky are thus disclosed to an extended circle of interested parties who can convince themselves of their trustworthiness.
With the opening of these two additional transparency centers, Kaspersky shows its ongoing commitment to the greatest possible openness and its self-imposed commitment to customers and partners. Together with the centers in Zurich and Madrid, Kaspersky now has the largest network of such centers in Europe.
"Blue Piste" option provides an overview of data processing practices and how the products work
The transparency centers in Rome and Utrecht are located in Kaspersky's local offices, which are now also open to partners, customers and government regulators. Interested parties will only be offered the "Blue Piste" option, which has been the most popular since the opening of the first transparency center in 2018. This provides a general overview of Kaspersky's development and data processing practices as well as its products and services. During the visit, a dedicated Kaspersky team will be available to partners and customers to answer any questions they may have about data processing practices and how Kaspersky solutions work. A live demonstration of a source code review can also be shown there.
Global Transparency Initiative
“We launched our Global Transparency Initiative five years ago. Since then, we've been looking for newer, more efficient ways to give partners and customers even more confidence and certainty about our solutions and services," said Andrey Efremov, Chief Business Development Officer at Kaspersky. “The opening of new visibility centers builds on our breadth of experience and ongoing commitment to our enterprise customers around the world, and confirms that it is vital to create more transparency about how our technology works and how data is being handled. Our commitment to this transparency continues.”
Kaspersky now has nine Transparency Centers worldwide in Europe, APAC, North America and Latin America. In addition to the recently opened centers, further review options are offered there. The "Red Piste" and the "Black Piste" differ in their depth and the required technical knowledge. With the red runway, the most critical parts of the source code are examined and the analysis of a special function is allowed. This "Red Piste" code review is being conducted for consultation purposes only and with the strictest access restrictions to rule out any possibility of modification. The "Black Piste" stands for the deepest and most comprehensive review of the particularly critical parts of the Kaspersky source code.
Current transparency report for the first half of 2022
Kaspersky's GTI also includes the regular publication of the transparency report. This contains information on requests that government and law enforcement agencies make to the company, but also requests from home users regarding the handling of their user data. The latest and most recently published report [3] relates to the first half of 2022.
In the first half of the year, Kaspersky received a total of 89 requests from government and law enforcement agencies in Brazil, China, Italy, Japan, Jordan, Russia, Singapore and South Korea. Compared to the same period of the previous year with 105 inquiries, this means a decrease of 15 percent. As in the past, the vast majority of requests (89 percent) were for technical expertise, such as information to support cybercrime prosecution, Indicators of Compromise (IoC), information on cybercriminals' modus operandi, reverse results Engineering malware or other forensic analysis findings. The other 11 percent related to requests for user data, all of which were denied. The proportion of inquiries about technical know-how rose from 85 percent to 89 percent. The proportion of approved inquiries also rose to 64 percent. The remaining inquiries were rejected because they either did not meet the legal obligations to provide evidence or the required data was not available.
Personal data, location of storage
In addition, the transparency report contains information on inquiries that Kaspersky has received from users regarding the handling of personal data - i.e. details on the location of storage, as well as on the provision and deletion of personal data of users. Kaspersky received 3.285 inquiries about this in the first six months of this year.
Kaspersky will continue to publish this data every six months as part of its Transparency Report. This is to ensure that everyone involved receives the information they need and can trust the company's solutions. In addition, the reports provide information on how inquiries are handled in the company and the underlying principles. All of Kaspersky's transparency reports can be viewed online.
[1] https://newsroom.intel.com/wp-content/uploads/sites/11/2021/03/2021-intel-poneman-study.pdf[2] https://www.kaspersky.de/about/transparency
[3] https://media.kaspersky.com/en/reports/law-enforcement-and-government-requests-report-h2-2021.pdf< More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/