Appendix 6. SASB Standards Compliance Index

Compliance of reporting elements with SASB Index Software & IT Services Standard, version 2018–10 (TC‑SI)
Indicator Disclosure Report section Comments
Environmental Footprint of Hardware Infrastructure
TC‑SI‑130‑a.1
  1. Total energy consumed
  2. Percentage grid electricity
  3. Percentage renewable
Reducing our carbon footprint
TC‑SI‑130‑a.2
  1. Total water withdrawn
  2. Total water consumed and percentage of each in regions with High or Extremely High Baseline Water Stress
Water usage
TC‑SI‑130‑a.3 Discussion of the integration of environmental considerations into strategic planning for data center needs Reducing our carbon footprint
Data Privacy & Freedom of Expression
TC‑SI‑220‑a.1 Description of policies and practices relating to behavioral advertising and user privacy Data protection
TC‑SI‑220‑a.2 Number of users whose information is used for secondary purposes Number of such users is 0 (zero).
TC‑SI‑220‑a.3 Total amount of monetary losses as a result of legal proceedings associated with user privacy No such incidents during the reporting period; the amount of monetary losses is 0 (zero).
TC‑SI‑220‑a.4
  1. Number of law enforcement requests for user information
  2. Number of users whose information was requested
  3. Percentage resulting in disclosure
Global Transparency Initiative
  1. The policy is described in the corresponding section of the Report. The number of requests from government authorities can be found in Kaspersky’s regular Law Enforcement & Government Requests Report. The most recent report covers the second half of 2023.
  2. The Company does not keep track of this statistic; we only take into account the number of requests to provide user data and non‑personal technical information.
  3. 0% — Kaspersky has not yet disclosed such data to government authorities.
TC‑SI‑220‑a.5 List of countries where core products or services are subject to government‑required monitoring, blocking, content filtering or censoring No such countries
Data Security
TC‑SI‑230‑a.1
  1. Number of data breaches
  2. Percentage involving personally identifiable information (PII)
  3. Number of users affected
Data protection
TC‑SI‑230‑a.2 Description of approach to identifying and addressing data security risks, including use of third‑party cyber security standards Data protection
Recruiting & Managing a Global, Diverse & Skilled Workforce
TC‑SI‑330‑a.1
  1. Percentage of employees that are
  2. Foreign nationals, and
  3. Located offshore
  1. As of December 31, 2023, Kaspersky had 64 foreign citizens employed, which is  1.5% of the total headcount. No information concerning other regional offices was collected during the reporting period.
  2. Not applicable to Kaspersky, since Russian labor legislation does not provide for working outside of the Russian Federation. No information concerning offices outside of Russia was collected during the reporting period.
TC‑SI‑330‑a.2 Employee engagement Corporate culture and business ethics
TC‑SI‑330‑a.3
  1. Percentage of gender and racial/ethnic group representation for
  2. Management
  3. Technical staff, and
  4. All other employees
Corporate culture and business ethics, Women in IT: Power of Equality The Company does not keep track of  employee statistics by ethnic groups.
Intellectual Property Protection & Competitive Behavior
TC‑SI‑520‑a.1 Total amount of monetary losses as a result of legal proceedings associated with anti‑competitive behavior regulations Intellectual property protection and defense
Managing Systemic Risks from Technology Disruptions
TC‑SI‑550‑a.1
  1. Number of
  2. Performance issues and
  3. Service disruptions
  4. Total customer downtime
This information is not disclosed due to the limitations imposed by the Company’s internal confidentiality policy.
TC‑SI‑550‑a.2 Description of business continuity risks related to disruptions of operations Risk management
Activity Metrics
TC‑SI‑000.A
  1. Number of licenses or subscriptions
  2. Percentage cloud‑based
  1. 851
  2. 33% cloud‑based
TC‑SI‑000.B
  1. Data processing capacity
  2. Percentage outsourced
  1. 240 units in the local network and 7,372 outsourced
  2. 97% outsourced (collocation)
TC‑SI‑000.С
  1. Amount of data storage
  2. Percentage outsourced
  1. Upwards of 100 petabytes
  2. More than 91% outsourced (collocation)