The recent decision by Kaspersky to exit the U.S. market has left many American midmarket companies in a state of uncertainty. The Russian cybersecurity firm announced its departure following the U.S. Commerce Department’s impending ban on Kaspersky’s antivirus software, effective July 20, due to concerns over the company’s ties to Moscow, Russia. This blog post delves into the implications of Kaspersky’s exit and offers guidance for midmarket IT leaders.
The Background: A Move Driven by National Security Concerns
Kaspersky’s decision to withdraw from the U.S. market comes after years of scrutiny and legal restrictions. The U.S. government has been wary of the potential national security risks posed by Kaspersky’s ties to the Russian government. This concern led to the ban on using Kaspersky Antivirus on government devices and networks in 2017. The latest move intensifies these measures by banning sales, downloads, resales, and licensing of Kaspersky products starting September 29.
Immediate Reactions from the Midmarket
A small survey conducted by MES Computing revealed that 25% of the eight midmarket IT decision-makers interviewed are currently using Kaspersky Lab software and are now seeking alternatives. One anonymous respondent, whose company does not use Kaspersky, supported the move away from Russian, Chinese, or North Korean products given the current political climate. However, those currently using Kaspersky declined to comment further, indicating the sensitivity and complexity of the situation.
The Scope of Kaspersky’s Presence
While the exact number of U.S. customers using Kaspersky Security remains unclear, the company claims to protect 400 million individuals and 220,000 companies worldwide. The impact of Kaspersky’s exit on these customers, particularly midmarket firms, will be significant as they navigate the challenges of transitioning to new cybersecurity solutions.
Challenges of Transitioning to New Software
Craig Ballard, Cybersecurity Manager at Mesilla Valley Transportation in Las Cruces, NM, expressed surprise that the ban on Kaspersky took so long to be enforced. He acknowledged the difficulties organizations face when migrating to a new antivirus platform.
Rob Fitzgerald, Field Chief Information Security Officer at Blue Mantis, emphasized the complexities involved in such a migration. Organizations with multi-year contracts will break these agreements and secure funding for new, government-approved software. Moreover, vetting, installing, and configuring new software while ensuring it meets organizational needs without major system changes is no small feat.
Legal and Strategic Considerations
Kaspersky initially stated it would explore all legal options to maintain its U.S. operations, but this stance has shifted with the decision to exit the market. Grant Neeley, Ph.D., Professor of Political Science at the University of Dayton, pointed out that national security interests often bypass legal justification, reinforcing the government’s authority.
Action Plan for Midmarket IT Leaders
In light of Kaspersky’s exit, cybersecurity experts like Neeley and Fitzgerald suggest several steps for midmarket IT leaders to take:
1. Develop a Comprehensive Plan
The urgency of the situation requires immediate planning. IT leaders should begin by identifying alternative security solutions, mapping out where Kaspersky is currently deployed, and devising a strategy for a seamless transition. Early planning can mitigate potential disruptions and ensure continuous protection against ransomware.
2. Communicate with Leadership
Open communication with the C-suite is crucial. IT leaders must inform executives about the unexpected costs and potential disruptions associated with the transition. Transparent discussions will help secure the necessary resources and support for a smooth migration.
3. Assess the Existing Infrastructure
A thorough assessment of where Kaspersky software is deployed within the organization’s infrastructure is essential. This includes identifying third-party vendors and white-label products that might be using Kaspersky. Such an inventory will aid in creating a detailed replacement plan.
4. Formulate a Removal and Migration Strategy
Refer to resources like the Cybersecurity & Infrastructure Security Agency’s capacity enhancement guide on software removal. Assess the skills required for new AV/XDR solutions and collaborate with internal teams and external service providers to implement these solutions effectively.
5. Consider Supply Chain Security
It’s important to evaluate the security of your software supply chain, including subcontractors, customers, and partners. Organizations must ensure that all entities in their supply chain comply with the new regulations and remove Kaspersky software if necessary.
Addressing Vulnerabilities and Protecting Personal Data
Transitioning away from Kaspersky provides an opportunity to address broader cybersecurity vulnerabilities. IT leaders should ensure that the new antivirus solutions offer robust protection against spyware and other malicious software. Additional security measures, such as firewalls, multi-factor authentication, password management, parental controls, and centralized logging, can further enhance the organization’s defenses. Protecting personal data should be a top priority, especially when hackers devise new methods to breach security systems.
Alternative Anti-Phishing Solutions
PC Matic is a 100% USA-based antivirus, and VPN solution, providing industry-leading endpoint security that is affordable and easy to manage for everyone. PC Matic prevents cybercriminals from running malware or ransomware on your Windows, macOS, iOS, and Android devices.
PC Matic is the perfect replacement for Kaspersky, offering top-notch cybersecurity features and the assurance of being 100% made in America. This homegrown solution uses a unique whitelist technology, blocking unknown applications and only allowing trusted programs to run, reducing the risk of malware and ransomware infections. With real-time protection, regular updates, and efficient system performance optimization, PC Matic stands out in the market. Its user-friendly interface and excellent customer support make it accessible to all users, from novices to tech-savvy individuals.
The Path Forward
While the departure of Kaspersky from the U.S. market presents a significant challenge, it’s also an opportunity for organizations to reassess and strengthen their cybersecurity strategies. With proactive planning, open communication, and strategic decision-making, midmarket IT leaders can navigate this transition effectively, ensuring their organizations remain secure and compliant in an ever-evolving threat landscape.
As the cybersecurity landscape evolves, staying informed and adaptable will be key to maintaining robust protection against emerging cyber threats. The shift away from Kaspersky may be complex, but it is a necessary step toward ensuring national security and organizational resilience in the digital age.