Russia’s low standard of living – the Economist Intelligence Unit’s standard of life index ranks the country 105th, sandwiched between Botswana and Uzbekistan – coupled with its high standard of technical education, has made it one of the world’s cyber-crime hotspots.
But is also home to one of the companies at the front line of the fight against cyber crime, Kaspersky Lab. While the anti-virus vendor has expanded worldwide since it was founded in 1997, it still conducts the bulk of its research and development in its Moscow headquarters.
“The main benefit of our Russian origin is that Russia still has a very good technical education system,” explains CEO Eugene Kaspersky. The man himself studied cryptography at a school co-sponsored by the KGB and the Russian department of defence, a past that led one journalist to falsely label him an “ex-KGB man”.
Kaspersky continues to benefit from that Soviet-era investment: “There are technical universities in every major city and with one million students graduating every year, and there is a big labour market for software engineers. They are much easier to find than in the UK,” he says. “Russian engineers are much more expensive than in China or India, who are good if you just want something programmed, but if it’s about research, then it has to be Russia.”
Since its formation in 1997, Kaspersky Lab has deviated little from its origins as a pure-play endpoint anti-virus vendor. With competitors such as McAfee and Symantec blitzing both consumer and enterprise customer bases with a dizzying assortment of security products, Kaspersky has focused on a ‘do-one-thing-and-do-it-well’ policy. The company’s most dramatic departure from its antivirus roots, beyond acquiring an anti-spam vendor, is a mobile security offering launched at this year’s Infosec conference.
This eggs-in-a-single-basket approach could prove to a risky approach in the long term, especially if the rising adoption of cloud services (particularly those with integrated security features) begins to eat into pure-play security vendors, as many experts predict.
Kaspersky is blunt on the issue: while hosted services may prove to be a “very promising” part of the security industry in the future, “cloud services are not about to replace endpoint solutions,” he says. “There will still be endpoint services; most people will have a combination.”
The company is also somewhat insulated by its many OEM partners and there is no reason why this would not extend to emerging SaaS companies. Kaspersky also suggests it might shore up its offerings with further technology acquisitions. “Because of the financial crisis there are some promising offers on the market,” he says.
Kaspersky Lab itself is not a target for acquisition, he insists. “We feel we’re in a good position. We are still generating cash, we don’t have any investors, we’re profitable and we are still growing.”
This allows the company to focus on developing the technology, he says, with distractions such as sales and marketing left mostly to partners.
“To have a successful product we have to pay more attention to the quality of the technology rather than the marketing,” he says, in a jibe to his competitors. “That’s something we understood years back, and is why we’re recognised as a technology leader, because for many years we’ve been innovating and developing new standards of protection.”
Nonetheless, he acknowledges a need to build the company’s brand. “We’re doing that through education,” he explains. “We are building our team of experts which helps to build the brand because they educate the market and explain what’s going on; who the cyber criminals are, what they are doing, what’s the danger of being affected and how to eliminate it.”