sb-nz logo
Story image

Exclusive: The major risks of cyber Balkanization

Recently IT Brief had the opportunity to sit down with Anton Shingarev, VP of public affairs for Kaspersky to discuss some of the major risks of Balkanization to the cyber world. 

Can you tell me a bit more about Balkanization in the internet space? 

What we find is that the cyber world is falling apart. The united internet world is ceasing to exist. There are a few reasons why it's happening. 

You're from New Zealand? You may think come on, we are from New Zealand a remote country with no major enemies, who needs or who cares about us? 

In the modern interconnected world, you can be a very far remote peaceful country, but you can still be attacked, it can be collateral damage, it can be just random for criminals who want money, you can still be a victim. The whole country can be paralyzed, it’s a theoretical example but it can happen. 

The WannaCry attack that happened last year was a good example. Some industries were paralyzed. Myers, which is a huge transnational company was paralyzed for a week and many other companies were paralyzed, so the virus can disrupt the country and it can disrupt the economy. 

Congress finally realised that and they're scared and the natural response is to build walls and that’s why the world has fallen into many, many small pieces.

Why do you think governments are increasingly drawn to the idea of isolation? 

As I said, it's natural. When they see the threat, how can they then protect themselves from that? We think these stakeholders, the regulators think, okay, we need to impose new strict regulations and it's going to help. Sometimes it does help, but it’s not really a permanent solution. 

Once again, an example of New Zealand, there are hardcore laws in terms of bringing in foreign species. It's done to protect your unique ecosystem but you can’t do the same for the internet, right? You can’t say ‘dear hackers’, you need to check the file before sending it, please. 

So how do you overcome the challenge of governments closing themselves off? 

I would say that it goes in waves. Before everything was allowed. You could do whatever you want. You could collect as much data as you want, you could store it, whatever you want. Now, governments realize, okay, wait a minute, hold on, we need to control it. 

We aim to find a balance. So our approach is that when we're talking to governments, like regulators in Australia, we say, look, yes, there are new rules of the game so let's find them together.

What kinds of laws do governments commonly implement? 

It's about data localisation. How you store data and process data in specific territories, it's about what you can share, what is critical national infrastructure in terms of it, how you should protect it, what are the fines, what are the requirements. But like I said this kind of closing off is not great.

Can we talk a bit about GDPR, this has undoubtedly been one of the most commonly discussed initiatives, what is your opinion on it?  

I believe it's good, the intention is good. I've heard that it was one of the most discussed laws in European Union history, there were something like 1,000 amendments. It took about 7 years for the law to finally come into effect, so some parts of it are already outdated. 

But overall I think it’s a good law because it's a very clear signal, we're gonna protect the data of our users, you cannot do with data whatever you want. It's a good point to start, it should continue to evolve in my opinion. 

And there is a big discussion on EU privacy legislation right now. So I mean, if this the right direction, and also this is a good example for countries that don’t have similar laws yet, they can draft their own new laws based on GDPR.

As a cyber security company, what are some of the biggest issues Kaspersky faces when it comes to interacting with regulations and governments? 

A lack of clear rules and principles. Rules and laws are good if they exist, even if they're bad, at least there are rules. We can either follow them and operate in the country or if there are rules that are not acceptable to us, we just don’t operate there. But if there is a country without rules, we don't know how to operate and it creates uncertainty, which is bad.

So really for us, it’s all about understanding the rules and regulations of a government and that’s why having candid discussions with them is so important.

Story image
Infrastructure-as-code, and how it can secure the cloud
Bridgecrew recognised IaC early on as one of the best ways for modern teams to delegate security ownership to individual contributors while distributing it across existing frameworks within CI/CD pipelines. This attribute meant that IaC was invaluable in securing cloud-native environments.More
Story image
Pandemic sees organisations of all sizes and industries invest in CTI
There is opportunity for organisations to better manage their cyber-threat intelligence for greater security and threat intelligence effectiveness by adopting the right tools and processes.More
Story image
Almost a third of malware threats previously unknown - HP report
A new report has found 29% of malware captured was previously unknown due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection. More
Story image
Interview: SAS outlines the seven AI-based trends you'll see in 2021
Artificial intelligence has, let's face it, been the subject of much hype, of experimentation, and in some cases, pipe dreams.More
Story image
ABB and Nozomi Networks extend collaboration, deliver improved OT security solutions
"With Nozomi Networks solutions added to our cybersecurity portfolio, our customers gain proven network monitoring and threat detection technology."More
Story image
Addressing the challenges of least privilege access
Enforcing the right privilege policies across the environment with the right visibility and observability will ensure that the policy mandates hold tight against any behaviour changes.More