Kaspersky CEO: Open your source codes to win governments’ trust
Rather than let their paranoia stew, governments concerned about security should ask technology companies to open up their systems and source codes for inspection. And with 5G networks enabling larger volumes of data to be transmitted and processed via the cloud, IT vendors increasingly will need to provide such options to allay business concerns about security.
5G networks would drive greater connectivity, linking more devices and consumers, and send more data into the cloud, according to Eugene Kaspersky, CEO and chairman of Kaspersky Lab. Web-connected coffee machines and refrigerators would transmit information about what consumers drank and ate, and connected vehicles would offer data about how consumers moved during the day.
“So all the information is in the cloud and 5G is the carrier of this,” Kaspersky said in an interview with ZDNet.
With so much data being processed across devices and analysed over the cloud, he underscored the need for global technology providers to operate “transparency centres” so they could establish trust amongst enterprise customers and consumers.
These facilities would allow governments and enterprises to review the source codes of systems they were evaluating or planned to deploy as well as assess the vendor’s internal processes, he said, pointing to Kaspersky’s own efforts in this area. The Russian tech company opened its first transparency centre in Zurich last year, moving its core processes from Moscow to the Swiss city.
Plans were underway to open another such facility in Madrid, with a third to follow in Southeast Asia, according to Kaspersky, who said Singapore and Malaysia were amongst markets it was evaluating as a possible location for the region. He added that a facility would be established in the first half of this year to support the needs of private enterprises, noting that the Zurich site mainly catered to government requests.
Kaspersky uses the transparency centres to process data it manages for its clients as well as enable companies and governments to review the vendor’s product source codes. It also allows researchers to identify bugs and ways to optimise its products, he said.
He also suggested that, in future, there would be need for these centres to be separately located in every nation in which customers operated.
In fact, any government that was uncertain about a piece of technology or product should ask the vendor to open up its source codes for inspection, said Kaspersky, when asked for his advice on how governments should resolve security fears about certain IT systems, such as the US government’s apparent anxiety about Huawei’s 5G equipment.
He added that Huawei had made their source codes available to the UK and German governments for review.
He also urged businesses to bulk up on their cyber “immunity”, so the cost of a cyberattack would become so expensive that hackers would not think it worthwhile to invest their efforts to launch an attack in the first place.
Kaspersky Lab sees little prospect of the US government lifting the ban on using its security products.
Kaspersky Lab also plans to move the tools and systems used to compile products from its source code to the country.
5G networks create new security concerns but the UK says its monitoring regime can manage the risks.
“China has taken the lead in 5G development,” warns new report – and the US is worried about allies using Chinese 5G networks.
The old certainties about where technology comes from are going away. That means tough choices ahead.