The Russian approach to tackling data breaches

The Russian approach to tackling data breaches

Summary: Kaspersky Lab co-founder Natalya Kaspersky aims to move beyond the consumer antivirus business by helping companies guard against data breaches

SHARE:
TOPICS: Security
0

Natalya Kaspersky set up antivirus company Kaspersky Lab with then husband Eugene Kaspersky in 1997.

She graduated from the Moscow Institute of Electronic Engineering in 1989 with a degree in applied mathematics and, after graduation, worked as a research assistant at the Russian Central Scientific Design Office.

In 1994, she commenced employment at the KAMI Information Technologies Center, where she managed the antivirus software-development group set up by Eugene. When the two set up Kaspersky Lab three years later, Eugene provided the technical expertise, while Natalya, as chief executive, supplied the business acumen.

In October 2007, however, Natalya relinquished the role of chief executive and became chairperson instead. At the same time, she also assumed the chief executive position at InfoWatch, a Kaspersky sister company, established in 2003.

ZDNet.co.uk caught up with Natalya, now divorced from Eugene, at the Infosecurity Europe event in London last week to find out how her mainly consumer-focused company is looking to help businesses with data security.

Q: A lot of people might be familiar with the Kaspersky brand but your InfoWatch business is not so well known.
A: Kaspersky now has about 900 staff and a growth rate of 140 percent, but it faced serious challenges to maintain this. The company really needed to look to the future and address other opportunities, one of which is the market for information-leakage detection and prevention, which is where InfoWatch, the daughter company of Kaspersky Lab operates.

InfoWatch on its own requires a lot of attention and organisational change and, at the end of 2007, it became clear that the company needed a new manager. I saw this as a challenge and so became a co-investor and chief executive because I wanted to turn it into a successful company.

How big is InfoWatch at the moment?
It's currently growing at 200 percent because it's small and is essentially a start-up with 50 people, but it accounts for less than five percent of our total revenues right now. InfoWatch only has customers in Russia at the moment [such as the Russian Federal Customs Service and the Transneft oil-transportation business], but we also have plans to expand internationally, which is one of the reasons I'm here [at Infosecurity Europe]: to present the company to the UK market with my colleagues.

We don't expect to see quick results with InfoWatch in the UK, however, because the market is tough and conservative. We've already tried with Kaspersky Lab and we've got a foot in the door, but it's about long-term, not short-term, strategies. But we don't intend to set up a separate company in the UK because Kaspersky Lab already operates here and we'll work out of their office.

At the same time, however, the channel to market and sales cycle of the two companies is different, so we'll try to find pilot customers and work with them to understand their requirements and slowly extend things from there.

How does InfoWatch differ from Kaspersky?
InfoWatch's goal is to deal with information-leakage detection and prevention, and that's a big issue at the moment because of high-profile data-loss incidents like the one at HM Revenue & Customs. The system tries to prevent things like that happening by monitoring the internal activity of a company and, technology-wise, it's one of the most advanced.

We put infrastructure on servers so that it can monitor outbound network traffic, such as email, and we also put agents on desktop machines to monitor client activity. But the system also covers a full channel of major escape routes, such as USB devices and printing.

Because all of the information goes into a central database, however, companies have three options. The first is to block the delivery of information if it's considered controversial, the second is to let it go through and the third is to analyse it so that a decision can be made on what to do.

Also, because all of the information provided by the monitoring activity is uploaded into a database, it can be analysed post factum if something happens, so that you can trace who caused the problem. That's very important, as it differentiates us from rivals, such as Websense, that miss the storage element.

Why was InfoWatch set up as a separate company from Kaspersky Lab?
Kaspersky Lab is a more consumer-focused company, while InfoWatch is completely focused on the enterprise, where Kaspersky Lab has little presence. So they operate in different markets. InfoWatch is also more of a consultancy sell and so, from that perspective, Kaspersky Lab can't help much.

What we would like to do, however, is to develop an integrated solution for small to medium-sized businesses in future. So our technical departments are talking to see if we can find a way to do it, but it's not definite yet.

The antivirus sector is totally different from the information-leakage detection and prevention market though, and it's a tough place to be. The global market has been getting slower over the last few years as, essentially, everyone has antivirus software and it's becoming more and more difficult to get new customers. The enterprise market is only growing at about three to five percent, while the consumer market is showing double-digit growth, but I don't know how long it will stay that way.

Read this

Special report

Special report: Data breaches

How to protect your company from data-breach liability

Read more

That's why we decided to push into the retail market in Europe and we've put so much effort into our channel strategy and geographic expansion. Kaspersky Lab makes over 60 percent of its revenues from the consumer market and that will continue for some time, but we hope our efforts in the enterprise market will pay off eventually.

We're also trying out a new business direction and so we launched a managed service in the UK this year. We already have 60 customers but it's a difficult market and it's too early to judge how important it will become.

Our strategy is to grow from the small to medium-sized business market to the enterprise level by communicating with customers and getting references from them explaining how [we offer] a superior product. So our pitch is about quality, marketing and growth. It won't give an immediate return but it will help us to maintain our fast growth rates.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion