So my first business trip this year… Wait, what am I saying — this decade! :) Okay, so my first business trip this decade took me to the famed Chelyabinsk!
If you know Russia well, you know the stereotypes about how “tough/rugged” the people are here. But it’s not a bad thing! No, just the opposite, the jokes are reverent! One-liners like “People from Chelyabinsk are so tough that…” have turned the city into such a well-known brand that if I was… I don’t know, a taxi driver, I’d give everyone from here 10% off just out of respect! I can’t get enough of these memes! I searched the web for these memes and couldn’t stop laughing for 15 minutes :) The best part is that the jokes all mean well. The pictures and quotes are respectful in the vein of “don’t mess with Chelyabinsk”.
A question for %Russian hackers%: Got the guts to infect this Chelyabinsk flash drive? :)
In short, people in Chelyabinsk aren’t just tough, they’re very enterprising and keen on innovation. Years ago they were one of the first to recognize our newest solutions even when they were just prototypes. That’s a good a reason as any to take a trip to Chelyabinsk and show love to all these progressive guys and gals and guarantee the closest partnerships moving forward. “Peace and love,” as they say :) So ticket, plane, runway, sky! See ya Moscow! Next stop, Chelyabinsk!
According to expert forecasts, the ICS market is set to reach $7 billion by 2024. Attacks on critical infrastructure are increasingly hitting the headlines. The recent Venezuela blackout, for example, immediately looked suspicious to me, and just a couple of days later it was announced that it was caused by a cyberattack.
This July, in collaboration with ARC Advisory Group, we published a lengthy report on the state of things in the industrial cybersecurity sphere. It’s a good read, with lots of interesting stuff in there. Here is a number for you to ponder on: in 2018, 52% of industrial cybersecurity incidents were caused by staff errors, or, in other words, because of the notorious human factor. Behind this number is a whole host of problems, including a shortage of professionals to fill key jobs, a lack of technical awareness among employees, and insufficient cybersecurity budgets. Go ahead and read the report – it’s free :)
Attention all those interested in industrial cybersecurity: you still have a few days (till August 30) to sign up for our annual Kaspersky Industrial Cybersecurity Conference 2019. This year, it’s being held from September 18-20 in Sochi, Russia. There’ll be presentations by over 30 international ICS experts, including yours truly. So, see you soon in sunny Sochi to talk about some serious problems and ways to deal with them!
Just recently, the respected independent test lab AV-Comparatives released the results of its annual survey. Taking place at the end of 2018, the survey, er, surveyed 3000 respondents worldwide. Of the 19 questions asked of each, one was ‘Which desktop anti-malware security solution do you primarily use?‘. And guess which brand came top in the answers for Europe, Asia, and South/Central America? Yes: K! In North America we came second (and I’m sure that’s only temporary). In addition, in Europe we were chosen as the most frequently used security solution for smartphones. We’re also at the top of the list of companies whose products users most often ask to test, both in the ‘home’ segment and among antivirus products for business. Great! We like tests, and you can see why! Btw – here’s more detail on the independent tests and reviews that our products undergo.
“Thou hypocrite, first cast out the beam out of thine own eye; and then shalt thou see clearly to cast the speck out of thy brother’s eye.” – Matthew 7:5
In May, yet another backdoor with features reeeaaal useful for espionage was discovered. In whose tech was the backdoor found? Russia’s? China’s? Actually – Cisco‘s (again)! Was there a hullabaloo about it in the media? Incessant front-page headlines and discussion about threats to national security? Talk of banning Cisco equipment outside the U.S., etc.? Oh, what, you missed it too?! Yet at the same time, Huawei’s international lynching is not only in full swing – it’s in full swing without such backdoors, and without any convincing evidence thereof whatsoever.
Around a year ago, I told you on these here blog pages about an excursion I was given around a gold mine. Down we went deep into the bowels of the earth, where we were shown the whole process of beneficiation through which they extract out of every ton of earth a mere 7-8 grams of gold (which eventually find themselves in a .900 – ~20 karat gold bar).
Now, during that excursion, I recall how we were told by our guides how, though the mine we were in was really quite sufficiently modern, mechanized and automated, it still remained somewhat a ‘diet’ version of a gold mine. If we wanted to see a ‘full fat’ version, we needed to get ourselves… somewhere like this (which, a year later, is just what we did):
I recall reading somewhere once – I think it was in a German tourist guidebook – that: ‘If you’ve no special reason to go to Hannover, then there’s no real point going there.” Bit harsh, I remember thinking at the time. However, it turns out that it’s also one of my most frequently-visited cities. I carefully went through my records, and low and behold, I’d been to this German city a full 19 times. Well I was there again just the other week – a jubilee: my 20th visit! Accordingly. On this special occasion, I figured it would be appropriate to get out my trusty Sony and get some serious snapping in – since we had a full half-day free in the city. And that’s just what I did. Herewith – the results of that snapping.
Many folks still think we’re just an anti-malware company. Wrong!
Many folks think we’re an anti-malware company that protects their computers and smartphones from any and all kinds of cyber-evil better than anyone else. Right!
Thing is, we’re not just an anti-malware company anymore; far from it. For years already we’ve been providing broader cybersecurity faced with the broader and broader spectrum of cyber-bad that the world is coming up against. This includes protection against: cyberattacks on both the Internet of Things and industrial facilities.
We’ve been warning about the potential for cyberattacks on industrial objects and critical infrastructure for more years than I can remember now. We were banging on about it even before Hollywood got wind of this alarming potential, and that was in the mid-2000s. And we weren’t just banging on about it either; we were busy at work on serious protection technologies to fight it. I’ve mentioned these before, but, briefly: industrial cybersecurity, transportation cybersecurity, IoT protection, and our own secure operating system. And you won’t find many cybersecurity companies around the world that offer a range of products and technologies as wide as that.
All the same, still, today – in 2019! – we’re ‘that anti-malware company’ to a great many. However, very slowly, how we are perceived is changing. And that’s not just what I see myself – there are figures that prove it. Example: global sales of our industrial infrastructure solutions (KICS – industrial ‘antivirus’ :) ) grew in 2018 by 162%! And such growth was seen across nearly all regions – Europe, Latin America, the Middle East and Africa, Asia-Pacific, and Russia. We’ve already completed 80+ projects worldwide for a wide range of industries from power generation, mining and oil refinery, to beverage production.
Both the scale and complexity of threats in the industrial sphere are on the up; what’s more, at stake here is critically important infrastructure like… nuclear power plants. I’m sure I don’t have to tell you how serious that is. On the brighter side, thankfully, our industrial/infrastructure customers understand that protecting their kit requires an individual, tailored approach to each facility and each of its automated industrial control systems (ICS).
Btw, in 2018 our KICS was given as an example in four subsections of multifaceted ‘Operational Technology Security’ in a study by Gartner, the global research and advisory company. To me this shows one thing: that we’re the recognized leaders in the industrial cybersecurity market. Ahhh, that feels satisfying. All that work and investment hasn’t been for nothing!
But besides cutting-edge industrial security, we also have other new services and products. For example, Blockchain Security; specifically, Crypto-Exchange Security and ICO Security (ICO being ‘initial coin offering‘; like an IPO, only with cryptocurrencies, and mostly for startup companies). And we already have some successful projects under out belt! Which is nice to know since Gartner reckons that the blockchain market, come 2030, will be worth more than… three trillion dollars! Already today crypto-exchange turnover comes to more than 300 billion dollars, out of which around 1.2 billion was stolen… in just 11 hacker attacks. Looks like we’ve got our work cut out for us. Oh well. No rest for the wicked awesome ).
So what else have we in our box of tricks? Ah yes…
Now, you’ll know how the whole world these days buys, sells, and generally does business mostly online, right? What you may not know about is our solution to protect all that online business – our Fraud Prevention. It’s made up of all sorts of very cool security technologies, including behavioral biometry and machine learning (details here and here).
Another must-have for business is our DDoS Protection. This uses special sensor software that gets installed on a company’s server. It monitors traffic to collect data for behavioral analysis; it builds up this data to continually improve its ability to detect even the most subtle of behavior anomalies that are characteristic of the start of a DDoS attack. The service is full-on all-inclusive too: notifications are sent immediately about possible attacks, and there’s an option for all the traffic of a company to be redirected to KL’s Cleaning Centers and for only ‘clean’ traffic to be returned to the company. And after an attack a full report on its detailed analysis is sent to the company.
It’s all very well having all this super-duper cyber-tech, but what good is it if the human element isn’t taken into account? In crisis situations, often the PR people of an attacked company take by far not the best decisions, since they don’t really know what’s going on or what to do. Instead of minimizing damage, they make it worse with ill-advised announcements or – worse – not announcing anything to customers/the public. Therefore, we have KACIC – a set of anti-crisis communications tools backed by the whiz kids in our PR team, who understand better than most all the reputational risks of an attack on IT infrastructure. Forewarned is forearmed!
As the Fourth Industrial Revolution continues to develop and the IoT market grows and grows to change every sector of the economy (manufacturing, agriculture, commerce, urban infrastructure, transportation…), we’re putting lots of time and investment into transportation cybersecurity and protection of IoT devices; so much so I think our next breakthrough tech solutions will be in these fields. That time and investment runs parallel with my frequent calls for a thing I call ‘cyber-immunity’, which needs to replace what we have now – ‘cybersecurity’. This means a protective layer at the very core of system architecture, not placing one on top of essentially un-secure systems based on outdated technologies. We’ve already learned how to do this for IoT gadgets; next up – well, the sky is the limit!…
I mean, like how they clean it with dredging machines or by hand? Or how golden nuggets sparkle in the earth? Well I hadn’t either. But when I was asked if I want to go down a gold mine, I – naturally – jumped at the chance. So down I went – way down into the bowels of the earth…
I’m a curious chap. Example: I’ve long wondered what the differences are between European and Russian… steel works! Ok, not quite everyone else in the world is wondering about such a thing, but, then, you don’t follow this blog for more on what everyone else is thinking, right? ).
So wonder I did. Past tense. Today – no more wondering, for now I know…
I’ve just got myself a +1 to my collection of German industrial exhibitions/conferences, which now runs to a grand total of three. It was Bosch Connected World – both a conference and exhibition that ‘celebrate the Internet of Things’. Hardware & software, robotics, stationary + mobile, automotive, cloud-based, AI… basically all the buzz words – and all here. But everything here is somehow Bosch-connected, either belonging thereto of partnering with it; therefore, it was rather smaller than the other two in my collection: Embedded World and Hannover Messe. The former is about all things cyber-digital-industrial-automotive, the latter – all things industrial in general, not just security.
If you’re already in the computer automation/robotics/smart-whatever field, or are planning on entering it soon, you need to get yourself here. We were here as we’ve decided to attend more vendor-themed events: they’re smaller scale, but more focused. So here we are: welcome to Bosch Connected World!…
This year it was a truly international event, with many of the speakers giving their presentations in English (since they knew no Russian:). In all there were ~300 participants from 170 companies! Thanks to all sponsors and partners, especially:
SAP – general partner
Rostelecom – IoT partner
MARSH – cyber-insurance partner
And thanks to everyone else too whose names you can find at the above link.
