What CISOs should do now

Kaspersky claims 270,000 corporate clients, although, to be clear, that counts every customer in the world. While many of its previous customers have already migrated to other security products, those in the US that are still using their software need to make plans now. “Don’t wait until October, the last minute to switch because then it becomes a business continuity issue. The time is now to assess your risk and figure out what parts of your infrastructure could be compromised or need replacing,” says Schaffer.

Tim Crawford, founder of research and advisory firm Avoa, also argues for immediate action. “You have to move quickly, don’t wait or take a chance to get close to that October deadline, because those non-updated systems will become fully vulnerable, and hackers are lying in wait for you,” he tells CSO.

Part of the problem harks back to how deep anti-malware products are buried within an OS and a network infrastructure. “There is a lot of time and effort involved in replacing these types of products,” says Matthew Rosenquist, CISO at Mercury Risk and Compliance. “Figuring out the APIs that are affected, what telemetry is being sent and compatibility with other security tools, such as a SIEM and other managed threat feeds, all of this will take time to test properly.”