Kaspersky, a Russian anti-software standard is coming: 2700 public administrations at risk of chaos

The announcement of the Undersecretary to the Prime Minister, Franco Gabrielli. The company had also obtained Mise authorization a few weeks ago: "No communicating vessels between countries, our activities in total safety". But that's not enough. Meanwhile, the EU Commission launches a public consultation for the future law on cyber resilience 16 Mar 2022 Mila Cornflowers Director

The Italian government is preparing to launch a regulation to start the replacement of Russian software installed in public administrations: this was announced by the undersecretary to the presidency of the Council, Franco Gabrielli "to dismiss not only Kaspersky, but also other Russian platforms that are available of Consip and the Public Administration ". And the same announcement arrives in Germany where the BSI, the German Federal Agency for Technical Information Security, recommends "replacing the Kaspersky antivirus with alternative products". The issue of cybersecurity has become the number one priority following the outbreak of the Russian-Ukrainian conflict and although the National Cybersecurity Agency (a creature born a few months ago while in other countries there are counterparts for years) has declared that at the moment it does not there is objective evidence "of the lowering of the quality of the products and technological services provided" by the Russian Federation, the same Agency led by Roberto Baldoni suggests to "consider the security implications deriving from the use of information technologies provided by companies linked to the Federation Russian ". Gabrielli appeals to the need for "technological autonomy" in Italy, an autonomy however not achievable at the moment or even in the medium term. It will therefore be necessary to deal with reality. And the reality is that at least 2,700 between institutions and public administrations risk chaos: in fact, 2,700 are the partnerships that Kaspersky alone boasts in our country in the public sector (and it will therefore be necessary to verify whether other Russian software is in use by the PAs) between ministries, Municipalities, police forces and the Presidency of the Council itself. And at the end of January the company had even obtained the Mise certification, the "blue stamp" of safety. How will PAs replace software? How long will it take? And what are the impacts on operations and on safety itself considering that there is a risk of a "gap" between saying and doing? These are all significant issues and the boomerang effect could be substantial even considering the costs that the PAs will have to face. In an interview with Corriere della Sera, the general manager of Kaspersky Italy Cesare D’Angelo tries to reassure. But reassurance will hardly be needed at this stage. "Our priority has always been the privacy and safety of our users." The Russian-born company condemns the war action and in understanding the doubts of the institutional partners it makes itself available "to those who want to have technical explanations or want to examine us". And D'Angelo recalls that the company "has invested more than any other in transparency initiatives" in the security sector "by moving the data centers where the data that customers choose to voluntarily share is processed to Switzerland. And we are ready to bring anyone who wants to test the reliability of our systems to Zurich. " D'Angelo also adds that the company has obtained "the highest levels of certification from external advisors regarding the quality and integration of our solution development processes and our data centers" and "it is important to know that the controls and final approval before distribution takes place outside Russia. There is no connection, no communicating vessel between countries ". The Brothers of Italy parliamentarians Augusta Montaruli, Emanuele Prisco, Federico Mollicone, Alessio Butti, Marco Silvestroni and Mauro Rotelli spoke on the subject: "The indications received by Colao on the recognition of the presence of Russian software in national public services and strategic infrastructures they partially satisfy us. If it was conducted, why was the state of the art on the presence of technology from the Russian Federation not sent to Parliament? We ask the competent ministers for clarity. In light of the dramatic war events in progress and the risk of an increase in cyber attacks, the technical and security characteristics of the networks must be adequately exploited in the construction of ultra-fast network infrastructures. We also want to point out the criticalities of the Pnr calls for ultra-broadband which, due to penalties that are too heavy, risk being bankrupt. The single component relating to the means necessary for the execution of the works would amount to more than 10% of the value of the tenders. Then there are rising raw material costs: just the production costs of optical fiber cables increased by 30% compared to 2021. The monthly increase in the price of glass and plastics is significantly impacting the production costs of all cables in general and of communication cables. and energy costs. We believe that the PENN bids must be re-modeled in the face of the geopolitical situation ”. Meanwhile, the European Commission has launched a public consultation to gather opinions and experiences from all interested parties on the future European law on cyber resilience. First announced by President von der Leyen in September 2021, the law aims to establish common rules on cybersecurity for digital products and associated services placed on the European market. The results of the public consultation will feed into the Commission's legislative proposal scheduled for the second half of the year. “To face today's sophisticated cyber attacks, so diverse, we need advanced technologies, secure infrastructures and increased operational cooperation, combined with a common approach on cybersecurity parameters for products and services. We look forward to the contribution of interested organizations and citizens to help us shape the new law on cyber resilience, which will become a fundamental part of the European strategic and legislative framework on cybersecurity ”, comments Thierry Breton, Commissioner for the Internal Market.

chaos