Seoul
Transparency Centers/September
Kaspersky has revealed a mitigation framework for assessing the integrity of security solutions throughout their lifecycle, which the company believes has the potential to form the basis of an industry-wide methodology.
The key pillars of the cybersecurity assessment methodology Kaspersky has suggested include: (i) the localization of data processing, (ii) the review of data received, and (iii) the review of both the information and updates delivered to user machines (as part of software and threat-database updates). Just as within the Global Transparency Initiative, the strategy’s core aim is the engagement of an external reviewer for checking the company’s processes and solutions.
The company believes that the aforesaid strategy can address most ICT supply-chain risks relating to product development and distribution in an effective and verifiable manner.