Exclusive: The major risks of cyber Balkanization
Recently IT Brief had the opportunity to sit down with Anton Shingarev, VP of public affairs for Kaspersky to discuss some of the major risks of Balkanization to the cyber world.
Can you tell me a bit more about Balkanization in the internet space?
What we find is that the cyber world is falling apart. The united internet world is ceasing to exist. There are a few reasons why it's happening.
You're from New Zealand? You may think come on, we are from New Zealand a remote country with no major enemies, who needs or who cares about us?
In the modern interconnected world, you can be a very far remote peaceful country, but you can still be attacked, it can be collateral damage, it can be just random for criminals who want money, you can still be a victim. The whole country can be paralyzed, it's a theoretical example but it can happen.
The WannaCry attack that happened last year was a good example. Some industries were paralyzed. Myers, which is a huge transnational company was paralyzed for a week and many other companies were paralyzed, so the virus can disrupt the country and it can disrupt the economy.
Congress finally realised that and they're scared and the natural response is to build walls and that's why the world has fallen into many, many small pieces.
Why do you think governments are increasingly drawn to the idea of isolation?
As I said, it's natural. When they see the threat, how can they then protect themselves from that? We think these stakeholders, the regulators think, okay, we need to impose new strict regulations and it's going to help. Sometimes it does help, but it's not really a permanent solution.
Once again, an example of New Zealand, there are hardcore laws in terms of bringing in foreign species. It's done to protect your unique ecosystem but you can't do the same for the internet, right? You can't say 'dear hackers', you need to check the file before sending it, please.
So how do you overcome the challenge of governments closing themselves off?
I would say that it goes in waves. Before everything was allowed. You could do whatever you want. You could collect as much data as you want, you could store it, whatever you want. Now, governments realize, okay, wait a minute, hold on, we need to control it.
We aim to find a balance. So our approach is that when we're talking to governments, like regulators in Australia, we say, look, yes, there are new rules of the game so let's find them together.
What kinds of laws do governments commonly implement?
It's about data localisation. How you store data and process data in specific territories, it's about what you can share, what is critical national infrastructure in terms of it, how you should protect it, what are the fines, what are the requirements. But like I said this kind of closing off is not great.
Can we talk a bit about GDPR, this has undoubtedly been one of the most commonly discussed initiatives, what is your opinion on it?
I believe it's good, the intention is good. I've heard that it was one of the most discussed laws in European Union history, there were something like 1,000 amendments. It took about 7 years for the law to finally come into effect, so some parts of it are already outdated.
But overall I think it's a good law because it's a very clear signal, we're gonna protect the data of our users, you cannot do with data whatever you want. It's a good point to start, it should continue to evolve in my opinion.
And there is a big discussion on EU privacy legislation right now. So I mean, if this the right direction, and also this is a good example for countries that don't have similar laws yet, they can draft their own new laws based on GDPR.
As a cyber security company, what are some of the biggest issues Kaspersky faces when it comes to interacting with regulations and governments?
A lack of clear rules and principles. Rules and laws are good if they exist, even if they're bad, at least there are rules. We can either follow them and operate in the country or if there are rules that are not acceptable to us, we just don't operate there. But if there is a country without rules, we don't know how to operate and it creates uncertainty, which is bad.
So really for us, it's all about understanding the rules and regulations of a government and that's why having candid discussions with them is so important.