Thursday, September 17, 2020

Natalya KASPERSKAYA, "The concept of" Cybersecurity "is not regulated by law

PRESIDENT OF THE INFOWATCH GROUP OF COMPANIES, CO-FOUNDER OF KASPERSKY LABORATORY

She was born in 1966 in Moscow. Graduated from the Moscow Institute of Electronic Engineering (MIEM) with a degree in Applied Mathematics. In 1997 she founded Kaspersky Lab and became its CEO. For 10 years, under the leadership of Natalia, Kaspersky Lab has transformed from an unknown startup into a bright leader in the international IT market with a half-billion (in dollar equivalent) turnover. In 2007, Natalya Kasperskaya became the head of InfoWatch, which develops innovative solutions to protect corporations from the most pressing internal and external threats.

Natalya Kasperskaya actively invests in the development of high-tech companies, is a member of the Grant Committee of the Skolkovo Foundation, a board member of the Association of Software Developers (ARPP) "Otechestvenny Soft", a member of the Expert Council on Russian software under the Ministry of Communications and Mass Media. Heads the subgroup "Internet + Society" under the Presidential Administration, created in pursuance of the list of instructions of the President of the Russian Federation dated January 29, 2016. Expert of the professional organization of security officers BISA. Natalya Kasperskaya is a laureate of the Women in Technology competition in the Middle East in the Best Technology Business Entrepreneur nomination and other international competitions. In 2016, she became the winner of the national stage of the Entrepreneur of the Year international competition and the winner in the High Technologies nomination computer engineering career.

In 2017, Natalya Kasperskaya was recognized by the expert community as the Person of the Year 2016 in the IT and telecom industry as part of the Best in Russia business award. In March 2017, she was included in the "30 Most Inspiring Business Leaders" rating by Insights Success magazine.

Ed. - Natalia, good afternoon. Today, there are a large number of issues related to both the information security of individuals and the state. How protected is the domestic public sector from data leakage, if we consider the problem in an international context? And how to deal with the violation of the privacy rights of individuals? 

N.K. -In a country where most information security tools do not belong to a domestic manufacturer, but are purchased abroad, it is rather problematic to talk about security issues. If from the point of view of software, we can at least theoretically provide ourselves, then from the point of view of "hardware" the situation is rather sad. And in different areas - from mobile devices, smartphones and ending with heavy servers. There are separate companies that are engaged in assembly. But this is assembly, not production. Since the key component is the availability of its own research and production base. In the Soviet Union, there was a powerful scientific and practical reserve for the production of microelectronics. Perhaps Soviet production lagged slightly behind Western counterparts - but it was its own. Now we are in serious dependence. The problem with this, firstly, is that someone else's "hardware" can contain unwanted elements or bookmarks, which entail negative consequences up to the immediate termination of foreign software in Russia. In fact, all modern equipment, as a rule, has built-in antennas and is somehow connected to the Internet. Today, the topic of the Internet of Things is very fashionable, which is increasingly being introduced into our lives. I often have a question: why does a kettle need the Internet? But this is a modern trend. However, this small improvement in functionality comes with very serious risks. The presence of a radio antenna in one or another component makes it possible to talk about the possibility of influencing it from the outside. that someone else's "hardware" may contain unwanted elements or bookmarks, which entail negative consequences up to the simultaneous termination of the operation of foreign software on the territory of Russia. In fact, all modern equipment, as a rule, has built-in antennas and is somehow connected to the Internet. Today, the topic of the Internet of Things is very fashionable, which is increasingly being introduced into our lives. I often have a question: why does a kettle need the Internet? But this is a modern trend. However, this small improvement in functionality comes with very serious risks. The presence of a radio antenna in one or another component makes it possible to talk about the possibility of influencing it from the outside. that someone else's "hardware" may contain unwanted elements or bookmarks that entail negative consequences up to the simultaneous termination of the foreign software on the territory of Russia. In fact, all modern equipment, as a rule, has built-in antennas and is somehow connected to the Internet. Today, the topic of the Internet of Things is very fashionable, which is increasingly being introduced into our lives. I often have a question: why does a kettle need the Internet? But this is a modern trend. However, this small improvement in functionality comes with very serious risks. The presence of a radio antenna in one or another component makes it possible to talk about the possibility of influencing it from the outside. all modern equipment, as a rule, has built-in antennas and is somehow connected to the Internet. Today, the topic of the Internet of Things is very fashionable, which is increasingly being introduced into our lives. I often have a question: why does a kettle need the Internet? But this is a modern trend. However, this small improvement in functionality comes with very serious risks. The presence of a radio antenna in one or another component makes it possible to talk about the possibility of influencing it from the outside. all modern equipment, as a rule, has built-in antennas and is somehow connected to the Internet. Today, the topic of the Internet of Things is very fashionable, which is increasingly being introduced into our lives. I often have a question: why does a kettle need the Internet? But this is a modern trend. However, this small improvement in functionality comes with very serious risks. The presence of a radio antenna in one or another component makes it possible to talk about the possibility of influencing it from the outside. However, this small improvement in functionality comes with very serious risks. The presence of a radio antenna in one or another component makes it possible to talk about the possibility of influencing it from the outside. However, this small improvement in functionality comes with very serious risks. The presence of a radio antenna in one or another component allows us to talk about the possibility of influencing it from the outside.  

Ed: - Can we programmatically prevent the enemy from accessing our devices, install an antivirus that will prevent the sending of any information to the conditional iPhone?

N.K .:  - The problem is that, as a rule, all antiviruses and similar products work at a higher level. Yes, there is hardware - this is a very low level, the level of software commands. There is an operating system level, and a higher level. Anything above the operating system are the applications that people usually work with. Hardware bookmarks are created at the hardware level. And if you work at a higher level, then no matter how hard you try, you cannot penetrate to a lower level.

Cybersecurity: How to Protect Yourself from Internet Attacks

Ed: - You quite often suggest specifying the very definition of information security. Does the country understand the range of threats it may face? 

N.K .: - The concept of "cybersecurity" is key in the modern system of identifying threats. We have a rather paradoxical situation in our country - with the fact that there are cyber threats, but there is no concept of cyber security as such. More precisely - it seems to exist, but is not legally defined. At the same time, when we say "cyber threat" or "cyber security", everyone understands perfectly what we are talking about. However, it is not legally defined. There is the concept of "Information Security": this is a collection of information that must be protected by certain principles: integrity, confidentiality, availability. For example, there may be a virus attack that does not violate the confidentiality of information. Or maybe a Trojan virus - which simply infiltrates corporate software and observes. And from this point of view, he is not an obstacle. And this is a rather strange situation - since viruses and other threats, like bookmarks, must be specially identified. For example, the United States is conducting separate cyber troop exercises. And even in this respect we have some uncertainty. And I absolutely do not understand why we cannot legally legalize this concept. The problem is supposedly not officially worth it - although the number of viruses we have is no less than that of other threats. why we cannot legally legalize this concept. The problem is allegedly not officially worth it - although the number of viruses we have is no less than that of other threats. why we cannot legally legalize this concept. The problem is supposedly not officially worth it - although the number of viruses we have is no less than that of other threats.

No comments:

Post a Comment

Server management systems

Enterprises receive the services and functions they need (databases, e-mail, website hosting, work applications, etc.) for their corporate I...