Australia’s Department of Home Affairs has issued a directive banning the use of Kaspersky products on federal government devices. Kaspersky is a Russian cyber security firm.
“After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data, arising from threats of foreign interference, espionage and sabotage,” said Home Affairs Secretary Stephanie Foster in a February 17, 2025, Protective Security Policy Framework (PSPF) directive.
“I have also considered the important need for a strong policy signal to critical infrastructure and other Australian governments regarding the unacceptable security risk associated with the use of Kaspersky Lab products and web services,” she added.
PSPF Direction 002-2025 bans Australian Government entities from installing Kaspersky Lab products and web services on government systems and devices, and where found, to remove all existing instances.
Last year, the US Government banned the sale of Kaspersky software. Canada and the United Kingdom have also curtailed Kaspersky’s activities in those jurisdictions.
Australian Government entities must remove all Kaspersky products and services from devices by April 1, 2025.
Foster says exceptions may be made for legitimate business reasons, limited to national security and regulatory functions but the user must ensure that appropriate mitigations are in place.
