Late last week, the US government has sent major shockwaves by instituting a ban on products by Kaspersky – a major Russian-based player on the cybersecurity market.
The US government has implemented a 100-day transition period following the announcement, with a 30-day period during which further sale of Kaspersky products was dropped. The ban also includes the sale of software that includes Kaspersky derivatives in the background, going beyond mere on-the-box branding.
The decision comes in the context of increasing cyberattacks on critical infrastructure. As cyberattacks become more sophisticated, governments are likely to implement stricter regulations on cybersecurity software in an effort to increase their own security and shut out software they deem made by possible rival actors.
Tightening regulations
Regulations on cybersecurity – including everything from online safety best practices, data handling and storage, and communication security – have been steadily tightening over the last decade. Proliferation of new standards from GDPR, NIS2 or DORA all the way to this newest ban have created a bewildering patchwork of rules and regulations to take into account.
While to many organizations not based in the USA this newest development may seem irrelevant, regulatory developments there may have echoes worldwide; other nations and regulatory bodies may follow suit, and software providers looking to do business in affected markets will likely think twice before including the now-banned software in their packages.
What comes next?
The decision to institute a ban on Kaspersky in the USA underlines the need to ensure your software – be it an antivirus, a simple backup or a more complex archive – reflects the regulatory environment you plan to operate in, as well as the advantages of flexibility and being able to respond to changing requirements.
Secure your data with TECH-ARROW
