Kaspersky Lab opens new transparency centre in Madrid
Second of such facilities gives stakeholders access to the source code of its products for verification
Kaspersky Lab is opening a second ‘Transparency Centre’ in Europe, giving the company’s partners and government stakeholders access to check the source code of its products.
In December 2017, US President Donald Trump signed into law a legislation that bans the use of Kaspersky Lab products within the U.S. government, amid claims the software was vulnerable to Russian government influence.
The new centre in Madrid, the second one after Zurich, is part of the company’s Global Transparency Initiative – a set of measures by the cybersecurity firm to reassure customers and governments of the integrity of Kaspersky Lab and its products.
In addition to being a code review facility, the new centre will function as a briefing centre where guests will be able to learn more about Kaspersky Lab’s engineering and data processing practices. The centre will open for its first visitors in June.
“We understand that in the current geopolitical climate, when different countries create very different laws related to data processing, some of our partners and clients need as much information as possible in order to make the best possible choice of cybersecurity products and services. We are happy to provide them with such information because this is what the Global Transparency Initiative was originally created for. We are also happy to continue to extend the scope of the initiative and increase the number of measures supporting it,” said Anton Shingarev, Vice-president for Public Affairs at Kaspersky Lab.
Kaspersky Lab’s Global Transparency Initiative was announced in October 2017. As part of the initiative, Kaspersky Lab has started relocating customer data storage and processing infrastructure from Russia to Switzerland. Since November 13, 2018, threat-related data coming from European users is being processed in two datacentres in Zurich. The relocation of file processing is expected to be complete by the end of 2019.
The company has also been working with one of the Big Four professional services firms on an audit of the company's engineering practices around the development and release of its anti-virus bases. This has the goal of independently confirming their adherence with industry security practices. A final SOC 2 (The Service and Organisation Controls) report for this assessment under the SSAE 18 standard (Statement of Standards for Attestation Engagements) is planned for Q2 2019.
Kaspersky Lab has been developing a Bug Bounty program. Since the announcement of the program’s extension, the company has resolved more than 50 bugs reported by security researchers and awarded more than $17,000 in bounty rewards. The company recently extended the scope of products available for review, giving security researchers the possibility to research Kaspersky Password Manager and Kaspersky Endpoint Security for Linux among others.
In addition to the opening of the new Transparency Centre, the company is publishing the results of a voluntary third-party legal assessment aimed at providing an independent evaluation of the obligations the company adheres to in line with Russian legislation, conducted by a prominent Russian and international law expert, Dr. Kaj Hober, Professor of International Investment and Trade Law at Uppsala University in Sweden.
Previously announced plans to open Transparency Centres in Asia and North America by 2020 are still ongoing, the company said.