Kaspersky has opened new trust-building facilities for the company’s partners and customers in Italy and the Netherlands. The centers operate within a new format providing customers and partners only with the most popular service — an overview of Kaspersky’s engineering and data processing practices.
The move comes as businesses are showing an increased interest in having confidence in their technology providers, with more than 70% of IT decision-makers declaring strong importance of having the ongoing assurance that the IT solutions they use are operating in a known and trusted state.
The new centers are part of the Kaspersky Global Transparency Initiative (GTI) and aim to open the “black box” of technology, increasing customer confidence in the company’s solutions. With the 2017 launch of the GTI, Kaspersky became the first cybersecurity company to open its source code for external review. The initiative aims to engage the broader community in validating and verifying the trustworthiness of Kaspersky’s products, internal processes, and business operations.
The opening of the new Transparency Centers reflects the company’s ongoing commitment to enhancing transparency and accountability for its customers and partners. Having added new facilities in Utrecht and Rome, Kaspersky now has the biggest network of such centers in Europe, along with hubs in Madrid and Zurich.
Operating in the company’s offices, centers in Rome and Utrecht, open for Kaspersky partners, customers, and government cybersecurity authorities, serve exclusively for the blue piste option, the most sought-after option with Transparency Center visitors since the opening of the first facility in 2018. The blue piste represents a general overview of Kaspersky’s engineering and data processing practices, its products and services. During the visit, partners and customers will be met by a team of Kaspersky experts, who will answer any questions regarding the company’s data processing practices and the functioning of Kaspersky’s solutions, together with a live demonstration of a source-code review.
Kaspersky Chief Business Development Officer Andrey Efremov commented: “Our Global Transparency Initiative has been running for five years. Throughout that journey, we’ve constantly searched for more efficient mechanisms that help our partners and customers enhance trust and assurance in our solutions and services. The launch of new Transparency Centers, based on the company’s vast experience and engagement with businesses worldwide, confirms providing greater transparency about how our technology works and data is treated is critical. Our commitment to providing this transparency continues.”
With the latest addition of two new facilities, Kaspersky now operates nine Transparency Centers in Europe, APAC, North America and Latin America. Earlier opened centers offer additional review options — the red and black piste, which vary in their depth and the level of technical skills required. The first one stands for the review of the most critical parts of the source code, enabling a targeted analysis of a particular functionality[1], while the second one represents the deepest and most comprehensive review of the most critical parts of Kaspersky’s source code.
The new edition of the Transparency report
Another pillar forming Kaspersky’s Global Transparency Initiative is the release of Kaspersky Transparency reports, revealing information on requests received from government and law enforcement agencies, and users for their personal data. The latest report covers the first six months of 2022.
During the first half of 2022, Kaspersky received a total of 89 requests from governments and law enforcement agencies from eight countries (Brazil, China, Italy, Japan, Jordan, Russia, Singapore, and South Korea), a 15% decrease in requests year-on-year (105 requests in H1 2021). As previously, the overwhelming majority — 89% — of requests received were for non-personal technical information, i.e. information facilitating the conduct of investigations into cybercrimes — indicators of compromise (IoCs), information about modus operandi of cyberattackers, output of malware reverse engineering and other results of cyber forensic analysis. As many as 11% of requests asked for user data, with all of them having been rejected. The share of requests for non-personal technical data rose from 85% to 89%. The share of approved requests grew as well: out of all the requests received over H1 2022, 64% were granted. All other requests were rejected either for not meeting legal verification requirements or due to absence of required data.
In addition, as part of its Transparency reports, Kaspersky has been making public information about requests received from users for personal data related purposes — details on where a user’s data is stored, provision or removal of personal information. Kaspersky received 3,285 such requests in the first six months of 2022.
Kaspersky follows its commitment to updating such data every six months and publishes Transparency reports on a regular basis to ensure stakeholders have necessary information and can trust in its solutions. The reports also provide more information on the company’s approach to handling such requests and its principles.