Besides a market for its goods or services, a business also needs resources. There are financial resources: money; human resources: employees; intellectual resources: business ideas, and the ability to bring them to life. For some businesses, sometimes even for whole industries, another resource is needed: trust.
Let’s say you decide to buy… a vacuum cleaner. Is trust required of the manufacturer? Not really. You simply buy what seems like the right vacuum cleaner for you, based on a few things like its technical characteristics, how it looks, its quality, and its price. Trust doesn’t really come into it.
However, in some industries, for example finance or medicine, trust plays a crucial role. If someone doesn’t trust a certain financial advisor or pharmaceutical brand, he/she is hardly going to become their client/buy their products – and perhaps never will. Until, that is, the financial advisor/pharma company somehow proves that they are actually worthy of trust.
Well, our business – cybersecurity – not only requires trust, it depends on it. Without it, there can be no cybersecurity. And some folks – for now, let’s just call them… detractors – they know this perfectly well and try to destroy people’s trust in cybersecurity in all manner of ways; and for all manner of reasons.
You’d think there might be something wrong with our products if there are folks trying to undermine trust in them. However, as to the quality of our products, I am perfectly untroubled – the results of independent tests show why. It’s something else that’s changed in recent years: geopolitical turbulence. And we’ve been caught right in the middle of it.
A propaganda machine rose up and directed its dark arts in our direction. A growing number of people have read or heard of unsubstantiated allegations about us, originating in part from media reports that cite (unverifiable) ‘anonymous sources’. Whether such stories are influenced by the political agenda or a commercial need to drive sales is unclear, but false accusations shouldn’t be acceptable (just as any other unfairness shouldn’t be.) So we challenge and disprove every claim made against us, one by one. And I choose this verb carefully there: disprove (quick reminder: they have never proved anything; but, then, they wouldn’t have to: it cannot exist as no wrongdoing was ever done in the first place.)
Anyway, after almost a year since the last wave of allegations, I decided to conduct a sort-of audit of my own. To try and see how the world views us now, and to get an idea as to whether people exposed to such stories have been influenced by them. And to what extent our presentation of the facts has allowed them to make up their own minds on the matter.
And guess what, we found that if people take into account only the facts… well – I have good news: the allegations didn’t wash! Ok, I can hear you: ‘show us the evidence!’
Really simple, but enormously useful: on Gartner Peer Insights, the opinions of corporate customers are collected, with Gartner’s team vetting the process to make sure there’s no vendor bias, no hidden agendas, no trolling. Basically, you get transparency and authenticity straight from end-users that matter.
Last year, thanks to the feedback from corporate customers, we were named the Plantinum winner for the 2017 Gartner Peer Insights Customer Choice for Endpoint Protection Platforms! This year’s results aren’t all in yet, but you can see for yourself the number of customers that wanted to tell Gartner about their experience of us and give their overall ratings, and leave positive reviews. Crucially, you can see it’s not a ‘review factory’ at work: they’re confirmed companies of different sizes, profiles, geography and caliber.
And talking of geography – turns out that in different regions of the world attitudes to trust can differ.
Take, for example, Germany. Here, the question of trust in companies is taken very seriously. Therefore, the magazine WirtschaftsWoche regularly publishes its ongoing research into levels of trust in companies after polling more than 300,000 people. In the ‘software’ category (note – not antivirus or cybersecurity), we are in fourth place, and the overall level of trust in Kaspersky Lab is high – higher than for most direct competitors, regardless of their country of origin.
Then we see what happens when governments use facts to decide whether to trust a company or not. Example: last week the Belgian Centre for Cyber Security researched the facts regarding KL and found they didn’t support the allegations against us. After which the prime minister of Belgium announced that there is no objective technical data – not even any independent research – that indicates our products could pose a threat. To that I would personally add that, theoretically, they could pose a threat, but no more than any other cybersecurity product from any other company from any other country. Because theoretically any product has theoretical vulnerabilities. Taking into consideration our technology transparency efforts I’d say that our products pose less threat that any other products.
No facts of any wrongdoing. Instead – clear commitment to cooperate & industry-leading practices for transparency.
— Eugene Kaspersky (@e_kaspersky) October 31, 2018
Btw, we conducted our own research into the question of trust. Not in us, specifically, but in general. What do folks tend to trust, and – just the opposite – what are they afraid of?
The results were really interesting. For example, it turns out that what both home users and businesses fear most of all are not demonized foreign companies but cybercriminals. In second place it was their own governments!
We also found that 55% of businesses and 66% of home users reckon that governments, in deciding on suppliers of products and services to use, should be guided first and foremost by quality – not geopolitics. And when it comes to deciding on suppliers of products and services relating to matters of national security, those percentages are even higher.
Which brings us neatly back to the high quality of our products (something I’m very proud of). But not just in my opinion. Besides the mentioned customers and independent tests, excellence of our products and services is confirmed by independent analysts themselves. Example: We are among the list of top vendors in the new research by the U.S. market research company Forrester looking at the market segment of services for investigating cyberthreats: Bottom line – our experts’ skills are trusted. Oh, and our company financial results confirm that convincingly: folks vote for us with their wallets.
Still, there’s no such thing as ‘too much trust’. Yesterday, at the Paris Peace Forum, we supported the initiative of the French government to raise levels of trust, security and stability in the digital world. I hope that its development will win out over mistrust and fear, and mean that balkanization of the internet will never happen. And of course, I hope that this initiative won’t falter like some similar well-intentioned initiatives.
It’s no good just talking about trust, you need to follow through with action. Unfortunately, not all cybersecurity companies are willing or able to do that. Some stay silent; others nod their heads but do little else; still others are going against the tide.
And talking of the tide… A year ago we started our Global Transparency Initiative, with the goal of defining our position in terms of corporate and technology openness and to explain everything about our principles of processing data. And today we open our first Transparency Center in Switzerland. So if you want to come and decide for yourself whether KL is trustworthy, just come and visit us! Welcome!…
Gartner Peer Insights Customer Choice Awards are determined by the subjective opinions of individual end-user customers based on their own experiences, the number of published reviews on Gartner Peer Insights and overall ratings for a given vendor in the market, as further described here http://www.gartner.com/reviews-pages/peer-insights-customer-choice-awards/ and are not intended in any way to represent the views of Gartner or its affiliates.