Governement-ITRegulationSecurity

UK NCSC ‘Has Never’ Certified Kaspersky Lab Products But Has No Blacklist

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

UK National Cyber Security Centre says that just because it has never certified Kaspersky products, doesn’t mean it has a blacklist or that they aren’t suitable for businesses

The UK government’s National Cyber Security Centre (NCSC) has revealed that it has never certified any product from cyber security firm Kaspersky Lab, but adds that there is no formal blacklist.

“The NCSC certifies products through a range of initiatives, and vendors apply to have their products certified via one of our accredited lab partners,” the NSCS, which was launched in October to boost the UK’s cyber defenses, is quoted as saying by Reuters.

“We certify products through a range of initiatives, but the NCSC has never had products listed from Kaspersky.”

Eugene Kaspersky

Kaspersky NCSC

However when asked to clarify the comments, the unit confirmed there was no blacklist in place and that there was no reason to believe that just because a vendor wasn’t certified that their products were not suitable for private or public organisations.

“We’re not regulators,” said an NCSC spokesman. “Vendors can apply to us to have their systems certified, but that’s very different to saying there’s a list of approved and blacklisted vendors.

“The NCSC has no regulatory role, so while it’s fair to say Kaspersky is not listed, we have no actual list.”

The news comes just week after it emerged that United States Senators are considering a proposal to ban all Kaspersky security products for military use, stemming from rising tensions between the Russian and US governments.

Eugene Kaspersky repeatedly denying having any ties to the Kremlin and has even offered to give American authorities access to the company’s source code in an attempt to dispel the rumours once and for all, saying “anything I can do to prove that we don’t behave maliciously I will do it”.

“The NCSC is not a regulator and they do not certify anti-virus products,” added Adam Maskatiya, General Manager, Kaspersky Lab, UK and Ireland. “We work closely with public sector across the world and where required with regulatory and certification bodies.”

UPDATED: This article has been updated  to reflect the NCSC’s statement that there is no blacklist in place

 Are you a security pro? Try our quiz!