The Secretary of the Department of Home Affairs issued on Friday a mandatory direction under the Protective Security Policy Framework (PSPF) to government entities requiring all to prevent the installation of Kaspersky products and web services from its devices and to remove existing ones.
In the directive signed by Stephanie Foster on 17 February, Foster stated that after considering threat and risk analysis, “I have determined that the use of Kaspersky Lab products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data, arising from threats of foreign interference, espionage and sabotage. I have also considered the important need for a strong policy signal to critical infrastructure and other Australian governments regarding the unacceptable security risk associated with the use of Kaspersky Lab, Inc. products and web services.”
Foster added that entities must manage the “risks arising from Kaspersky Lab’s extensive collection of user data and exposure of that data to extrajudicial directions from a foreign government that conflict with Australian law.”