Article by: Genie Sugene Gan
Director, Government Affairs & Public Policy
Asia-Pacific, Japan, Middle East, Turkiye and Africa
Kaspersky
In a world where ICT supply chain attacks are becoming increasingly prevalent, trust in software suppliers is critical. Kaspersky continues to lead in this area by expanding its Global Transparency Initiative (GTI), with the opening of its 12th Transparency Center in Seoul, South Korea. Officially launched in September 2024, this marks the fourth center in the Asia-Pacific region, further strengthening Kaspersky’s commitment to fostering transparency, cybersecurity, and trust across industries.
Addressing a "Black Box" Problem in ICT Supply Chains
Today's ICT supply chains are complex and span multiple geographical locations, suppliers, and service providers. This complexity often turns products into "black boxes" —customers purchase software or hardware without fully knowing the third-party components they contain or the potential vulnerabilities they introduce. The countless supply chain attacks over the years are a testament to the risks involved.
Be it a software comprising of multiple third-party components, or weak links along the supply chain, these can all result in devastating consequences. This is where Kaspersky’s GTI comes in—to preempt supply chain risks and build trust by providing complete transparency about what goes into our products.
How Kaspersky’s Transparency Centers Are Solving These Challenges
Kaspersky’s Transparency Centers offer a solution to the "black box" problem by enabling stakeholders to review exactly what’s inside. Our Seoul Transparency Center, amongst other trust buildint facilities we have built over the years, allows customers, partners, and regulators to assess detailed information about our source code, software updates, and threat detection rules. This level of transparency ensures that third-party components are scrutinized and understood, allowing businesses to confidently mitigate supply chain risks.
Visitors to the Seoul Center can choose from three levels of review:
- *Blue Piste*: Get an overview of Kaspersky’s development and data management practices.
- *Red Piste*: Dive deeper into critical aspects of our source code and software with help from our specialists.
- *Black Piste*: Perform the most comprehensive source code review with direct assistance from Kaspersky experts.
These options empower our customers to take an active role in verifying the integrity of our solutions, addressing the concerns of “what’s inside the black box” head-on.
Why South Korea?
South Korean organizations, known for their technological leadership, have long prioritized security and trustworthiness in their ICT supply chains.
By establishing this facility in Seoul, Kaspersky offers local stakeholders unparalleled access to the tools and insights they need to secure their operations, reducing risks linked to the global ICT supply chain and providing data management transparency tailored to the region’s specific requirements. It also provides a model of how an organisation may comply with the rigor of supply chain management security requirements such as those listed in the ICT software supply chain security guidelines adopted by South Korea's Ministry of Science
Building Trust Through Global Expertise and Practical Solutions
To date, Kaspersky protects over 220,000 organizations and more than 1 billion devices worldwide, and our Global Transparency Initiative is designed to make trust-building an interactive experience. In addition to our Seoul facility, we’ve launched centers across Europe, Latin America, Middle East, Africa, and Asia-Pacific, making our transparency infrastructure the most extensive in the cybersecurity industry.
Our Transparency Centers are more than just technical verification facilities. They are full-fledged information hubs where customers and partners can meet with our experts, learn about software supply chain risks, and explore how we build cybersecurity solutions that address real-world threats. Kaspersky’s SOC 2 audits, ISO/IEC 27001 certifications, and regular third-party assessments further validate our security practices.
A Path Forward for ICT Supply Chain Resilience
In a landscape where the integrity of the ICT supply chain is paramount, Kaspersky’s GTI provides the tools and insights needed to build resilient, trustworthy cybersecurity solutions.
For more information, visit [gti.kaspersky.com](http://gti.kaspersky.com) or reach out to us at [[email protected]](mailto:[email protected]).
By continually advancing our transparency efforts, Kaspersky is not just addressing today’s security challenges—we are shaping the future of cybersecurity trust.