Earlier this month, the Department of Homeland Security (DHS) issued a binding order restricting the government’s use of cybersecurity software developed by Moscow-based Kaspersky Labs.
Government departments and agencies have 90 days to remove or discontinue use of any Kaspersky Labs software products—but the buck doesn’t stop there. Kaspersky boasts more than 400 million users and 270,000 corporate clients, meaning organizations that provide any services involving federal information systems would be wise to investigate whether they, either directly or indirectly, use Kaspersky products and services.
Significantly, a number of major U.S. retailers have also decided to pull Kaspersky products and services from their shelves and websites.
In a recent client alert, members of our Information Privacy, Security and Governance Team outlined the government’s concerns surrounding Kaspersky Labs, Inc.’s access to federal information systems, the requirements of its binding order, and the importance of full system reviews to check for the presence of Kaspersky software.