Kaspersky Lab has announced the launch of itsĀ Global Transparency Initiative, in a bid to protect customers from cyber threats, regardless of their origin or purpose.
The antivirus and software security company will engage the broader information security community and other stakeholders in validating and verifying the trustworthiness of its products, internal processes, and business operations, as well as introducing additional accountability mechanisms.
The company intends to provide the source code of its software ā including software updates and threat-detection rules updates ā for independent review and assessment.
Kaspersky believes that increased cooperation to protect cyber space is more crucial than ever, because of the frenetic pace of both ICT deployment and the expansion of the threat landscape.
The initial phase of Kaspersky LabāsĀ Global Transparency InitiativeĀ includes:
- The start of an independent review of the companyās source code by Q1 2018, with similar reviews of the companyās software updates and threat detection rules to follow
- Ā The commencement of an independent assessment of (i) the companyās secure development lifecycle processes, and (ii) its software and supply chain risk mitigation strategies by Q1 2018
- The development of additional controls to govern the companyās data processing practices in coordination with an independent party that can attest to the companyās compliance with said controls by Q1 2018
- The formation of three Transparency Centres globally, with plans to establish the first one in 2018, to address any security issues together with customers, trusted partners and government stakeholders. The centres will serve as a facility for trusted partners to access reviews on the companyās code, software updates, and threat detection rules, along with other activities. The Transparency Centres will open in Asia, Europe and the U.S.by 2020
- The increase of bug bounty awards up to Ā£75,000 (US$100,000) for the most severe vulnerabilities found under the companyās Coordinated Vulnerability Disclosure program to further incentivise independent security researchers to supplement our vulnerability detection and mitigation efforts, by the end of 2017
Eugene Kaspersky, CEO of Kaspersky Lab, said:Ā āInternet balkanisation benefits no one except cyber criminals. Reduced cooperation among countries helps the bad guys in their operations, and public-private partnerships donāt work like they should. The internet was created toĀ unite people and share knowledge.
“Cyber security has no borders, but attempts to introduce national boundaries in cyberspace is counterproductive and must be stopped. We need to reestablish trust in relationships between companies, governments and citizens.
āThatās why weāre launching this Global Transparency Initiative: we want to show how weāre completely open and transparent. Weāve nothing to hide. And I believe that with these actions weāll be able to overcome mistrust and support our commitment to protecting people in any country on our planet.ā
Written from press release by Leah Alger