News about Kaspersky has hit the headlines again this month after first surfacing in September 2017 with regard the US. That followed further intervention after the software manufacturer was originally removed from a list of approved vendors in July. Back then, there was a concern that the Russian administration could use the software to gain entry in to U.S. networks or U.S. government agencies.
In September, agencies were given 30 days to identify the products being used and a further 60 – 90 days to stop the use and remove and/or replace with another provider.
On Friday the National Cyber Security Centre (NCSC) issued a letter to permanent secretaries regarding the “issue of supply chain risk in cloud-based products”. This letter, whilst not specifically aimed at Kaspersky, calls in to question the origins of the software.
This was also highlighted in a blog by Dr Ian Levy, Technical Director, NCSC. However, it should be noted that he also says that the biggest risk to most organisations remains:
- not keeping software up to date;
- poor network configuration management;
- poor credential management.
Coming back to the Antivirus software. The letter points out that for Antivirus software to be really effective it has to do two things:
(a) be highly intrusive within a network so it can find malware, and
(b) be able to communicate back to the vendor so it knows what it is looking for and what needs to be done to defeat the infiltration.
“Russia is acting against the UK’s national interest in cyberspace” said the UK Prime Minister in her Guildhall Speech earlier this year. If we combine all this together, it leaves us a little uncertain as to what should be done. There are obviously choices.
If you don’t have anything you think would be of advantage to anyone else, you can continue with your current provider. However, if you have any concerns, you might want to think about changing.
Secon Cyber Security works with a number of Anti-Virus software vendors. Trend Micro, one of the key strategic partners, has a full suite of products. From an endpoint perspective they have their Smart Protection Complete Suite as well as individual products to address specific areas, be that Antivirus, encryption, web, email or something else. These are recommended by Gartner, Forrester, AVTest and others.
Trend Micro also have their own Smart Protection Network which monitors all the endpoints that are installed and shares information from all of them to make better decisions. This means they are able to Collect, Identify and Protect. This, combined with their acquisition of Tipping Point in 2016 (and DVLabs) and their Zero Day Initiative (which has been around since 2005) makes them a leader in protecting the endpoint.
Trend Micro don’t just focus on user protection though. They have a full suite designed to protect servers, data centres, on premise, cloud and networks. Some of their solutions can be used in conjunction with, and to supplement, your existing endpoint protection.
Finally, Trend Micro is NSS Labs Recommended 4 years in a row with 100% Breach Detection rate, which makes it the perfect choice for the Enterprise or at home.
Secon Cyber Security are a Trend Micro Gold Partner with a 17-year relationship. Talk to us on how we can help you with a Trend Micro solution that meets your needs including help with the installation and configuration of any Trend Micro product. This includes our bespoke Managed Detection and Response service (MDR) which collects the logs and events from your Antivirus solution and is monitored by our Security Operations Centre 24 x 7, 365 days per year.