Fortune 500 Companies and Government Agencies Still Using Vulnerable Anti-Virus Products

It has been two years since a Binding Operational Directive was issued by the Department of Homeland Security to all Federal executive branch departments and agencies directing them to identify and remove Kaspersky Lab’s anti-virus software from their systems. The drop-dead date was October 2018 for all government contractors and Federal agencies to have wholly removed this software. These particular anti-virus products and solutions allowed broad access to files and elevated user privileges on the computers with this software allowing exploitation by malicious cyber actors, thereby compromising those information systems. Due to the increase in attacks by nation-state actors, Government agencies and leading enterprises must extremely mindful against such threats.  However, it does not seem to be a high priority for them. Even now, a year later, this software is found on not Federal agency computers but also those of many Fortune 500 companies leaving them vulnerable to cyberattacks.