As you may have heard, the Federal Government is requiring the removal of all Kaspersky software. Federal departments and agencies are required to identify any use or presence of Kaspersky products on their information systems and discontinue present and future use of the products by November 13 and remove the products by December 13. https://www.dhs.gov/news/2017/09/13/dhs-statement-issuance-binding-operational-directive-17-01
The reason?
This action is based on the information security risks presented by the use of Kaspersky products on federal information systems. Kaspersky anti-virus products and solutions provide broad access to files and elevated privileges on the computers on which the software is installed, which can be exploited by malicious cyber actors to compromise those information systems. The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks. The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.
Any organizations (including contractors, universities, etc.) that receive federal funding should consider removing Kaspersky since your funding could be at risk. Consider our alternative approach because there is a better way.
Alternative Approach
Traditional antivirus software only detects around 40% of all malware, which means 60% of malware goes undetected. With CylancePROTECT, it’s possible to prevent over 99% of malware before it can execute. Cylance isn’t a “detect and respond” antivirus solution that will leave your systems open to continual attacks.
Cybriant offers Cylance as an endpoint security solution or as a managed service. Cybriant can assist you in the migration from your old anti-virus product and in the implementation, tuning, and management of your Cylance deployment.
Why Cylance?
Cybersecurity firm Cylance uses lightweight artificial intelligence (instead of heavy signatures) to provide customers with security that “predicts, prevents, and protects.” They have recently caught Gartner’s attention by being considered a Visionary in the Endpoint Security realm.
According to Gartner’s 2017 report, Cylance is “by far the fastest-growing EPP vendor” in the market. This is due in great part to its 2016 implementation of CylanceProtect with OPTICS, an endpoint detection and response solution that enables users to “see” the root cause of attacks. With the new OPTICS system, Cylance also released a powerful cocktail of updated support for scripted control, memory protection, and application and device control features.
Gartner also praises OPTICS as a highly versatile system that can seamlessly operate on-premise or can be cloud-enabled. As reported by Gartner, Cylance customers related that OPTICS had “easy deployment and management, low-performance impact, and high-execution detection rates against new threat variants.”
Learn more about artificial intelligence for threat detection.