Kaspersky Lab’s Senior Security Researcher David Emm talks to TeckComesFirst about working at Kaspersky, what they’re doing in the mobile space and more.
1) Can you introduce yourself and say exactly what you do at Kaspersky day to day?
2) What was your first day at Kaspersky like?
3) In the 9 years you’ve been there, what is/are your biggest accomplishment/s?
4) In the past, I found the system usage of Kaspersky products quite high (as has been the case with some other AVs I’ve tried too). How have you tackled this problem in recent years?
5) In your own opinion, what do you think about the issues involved with Mobile Security and what is Kaspersky doing in the mobile space to address this issue?
First, mobile devices are now a mainstream part of business, making ‘always-on’ staff productive wherever they happen to be and at whatever time of the day it is. So there’s no longer a fixed work place. As a result, security is having to change, from defending a traditional network perimeter to putting a ‘security wrapper’ around every employee, wherever they work and whatever device they’re using.
Second, many companies allow staff to use their own devices at work – either as a work device, or in addition to their company device. The result is a blending of business and personal data and activity that can affect corporate security. Consider, for example, what happens if a device is lost or stolen: does the company have the right, or the technical capability, to remotely wipe data on the device?
Third, mobile devices can be lost or stolen very easily. This has clear implications for businesses – the risk of confidential data leakage. But there are also implications for individuals. If I lose my device, and it’s not protected with a PIN or passcode, anyone can access my online accounts, e-mail, etc. and steal my online identity.
Fourth, although they are powerful computers, we still think of smartphones as *phones*, i.e. we don’t necessarily realise the security implications of using the device.
Fifth, with all of the above issues as a context for using mobile devices, we’ve seen an exponential rise in mobile malware over the last two years. We saw the same volume of threats in 2011 that we saw in the period 2004-10. And in 2012 we saw six times the volume that we saw in 2011. The reason for this is clear – there is valuable data held on mobile devices and we’re using them to conduct transactions that can generate value for cybercriminals. It’s not only the fact that we can bank and shop using a mobile device. It’s also that we’re using them to access social networks and other public forums. Cybercriminals rely on harvesting personal information to set up the increasing number of targeted attacks on organisations. So gaining access to a mobile device is very worthwhile to a cybercriminal.
6) How is the working experience different at Kaspersky compared to McAfee where you worked previously?
7) How does Kaspersky deal with zero day malware?
You can find an overview of the technology here and also here.
As an indication of its effectiveness, AEP was able to block this Java zero-day:
and one of the exploits used in the Red October campaign:
8) Do you collaborate with your rivals on dealing with high risk/serious viruses?
9) When we briefly spoke, you mentioned Kaspersky sandboxes websites to prevent ID Theft; can you elaborate about how this works exactly and how effective it is?
10) What is the one breakthrough feature that Kaspersky offers compared to the rivals, which would act as an incentive for anyone to try out your software?
First, it’s not just about this or that individual feature that enhances security – although I’ve talked about some specific technologies above. It’s the smart integration of these technologies and their implementation in a way that doesn’t put an undue load on the computer. So what we’re seeking to do is to define the overall reputation of an application, based on everything we know about it.
Second, this relies not only on what we install on the computer itself, but on the computer’s integration into the Kaspersky Security Network, our global, cloud infrastructure. This is our ‘eye in the sky’, giving us visibility into what’s happening around the world. So what’s seen in one place allows us to enhance security for everyone tapped into the system (i.e. anyone using Kaspersky Lab products who’s opted to be part of the system).
Third, it’s about delivering an overall service to customers. As well as what we believe are top-notch protection technologies, it means being at the end of the phone when someone needs help (as well as the other avenues of support we provide).
Fourth, I work for Kaspersky Lab, so I wouldn’t expect anyone to simply take my word for the quality of the product. But what people can do is to look at our consistent track record in independent tests – such as those conducted by AV-Test and AV-Comparatives.
11) Anything you can tease about Kaspersky Internet Security 2014?
Questions were chosen by both co-founders of TeckComesFirst; Purav and Usman.