Splunk’s Departure from Russia Could Be Caused by Politics: Report

Russian analysts say it is possible that Splunk, a major U.S. IT company specializing in cybersecurity and big data analytics, was withdrawing from the Russian market due to political reasons, Kommersant writes.

The cybersecurity firm explained the decision by saying it is due to its revised investment strategy. However, Splunk’s Russian partners were surprised by the decision and they are not ruling out political reasons for the move, Kommersant wrote.

On February 15, the company closed access to its customer portal in Russia.

“We have not received any official statements as a partner,” Alexander Skakunov, the founder of IT consulting firm VolgaBlob, told Kommersant. According to Russian media, major telecom operators in the country, including MegaFon, Rosgosstrakh and Mars, are using Splunk’s solutions.

MegaFon reported that all current Splunk contractual obligations continue to function, and “the company has no need for new purchases from Splunk.”

QRadar and ArcSight, two top security information and event management (SIEM) solutions owned by IBM and HP, respectively, are some of Splunk’s competitors in Russia, in addition to local Russian developers.

In recent years, the only major developer of solutions in this area which closed its offices was McAfee, which also removed Russian user support, leaving only one distributor.

Splunk technologies are among the most advanced in Big Data analytics and incident monitoring, the company’s exit will reduce competition and discourage some companies on the Russian market from import solutions, according to Alexey Malnev, the head of Jet CSIRT. However, many foreign developers continue to invest in Russia, he noted.