MPOWER Cybersecurity Summit 2019: McAfee reinforces their fight to the cloud
By Tan Jee Yee October 23, 2019
- Mvision Insights help preempt specific attacks using one billion sensors
- Unified Cloud Edge streamlines cloud security deployment
The theme of the MPOWER Cybersecurity Summit 2019 held in Las Vegas recently is about Time.
Time, as McAfee chief executive officer Chris Young (pic, below) says, is “the one constraint we cannot ignore.” Time governs a lot of what the company is doing against cyber-threats. Their adversaries -- cybercriminals and malicious hackers -- use time to their advantage, so much so that it has taken over the language of the industry.
The lexicon of cybersecurity now includes things like “advanced persistent threats, “dwell time”, and “zero day threats”. Ransomware functions on a time pressure to get victims to pay up. And for consumers and end-point users, the amount of time they’re disrupted by an attack, and the amount of time they can get back on track, can make or break a business.
Thus, it’s no surprise that “Time is underpinning our strategy at McAfee,” says Young. The new solutions they have announced at the Summit certainly play on the concept of time, in various ways.
For one, the Unified Cloud Edge solution serves to simplify secure cloud adoption while allowing for seamless management of data protection and threat-prevention initiatives, thus cutting down times. Mvision Insights, perhaps the most fascinating product announced this Summit, is meant to enable organisations to rapidly identify and respond to targeted attacks.
A focus on cloud
This also leads to McAfee’s current focus: the Cloud. “There is a lot of emphasis on cloud -- the partnerships and integration we’re driving,” Young says, during a media Q&A session.
“Cloud is a different security paradigm than we’re traditionally used to in our environments. You can have sensitive data stored on the cloud is shared, leaked or stolen without ever traversing a network choke point, and have the opportunity to be inspected by a traditional device. That’s where the importance of cloud based, or cloud native security capabilities comes in.”
This extends beyond their products, and into the acquisitions they’ve done to extend their capabilities. One example would be NanoSec, a container security startup, which enables them to deliver more capabilities across the cloud-based platforms their customers are using.
This is built upon the first acquisition McAfee made after spinning out as a standalone security business from Intel in 2017 -- a specialist in cloud security called Skyhigh Networks. Following that, McAfee in September this year announced an extended relationship with Oracle to “deliver security incident and event management (SIEM) performance capabilities in the cloud.”
“This is an exciting one for us. Thousands of companies rely on Oracle applications. As they increasingly see their customers consume those applications as SaaS (software as a service), they want a security operations solution they can wrap around that, so that they can provide their customers with visibility and security capabilities related to those,” Young elaborates.
Providing an Insight
Of the new solutions McAfee announced during the summit, Mvision Insights is one that may potentially change the way organisations handle security. With this, security teams get to tap into the data gathered by McAfee from more than one billion sensors worldwide.
The data is correlated with McAfee’s own threat data to provide the information on what’s targeting the organisation. More importantly, they will be able to preemptively prepare defenses against threats even before they are seen in their environments.
In a recent report by McAfee, it was discovered that 71% of security professionals feel that they are primarily responsible when a data breach occurs at their company or organisation. In addition, security professionals say that of the data breaches they have experienced, 40% involved the theft of intellectual property.
“In today’s evolving threat landscape security professionals need to understand whether their organisation is at risk, what specific threats they are susceptible to, and how they can preempt the attack,” says McAfee executive vice president and chief product officer of the enterprise business group Ash Kulkani.
“Mvision Insights will provide the analytics to enable organisations to recognise the threats they will need to immediately take action against, and threats that could potentially impact them in the future. This proactive approach will significantly enhance cybersecurity effectiveness with faster response times and higher efficiencies.”
According to McAfee senior vice president and chief technology officer Steve Grobman, Mvision Insights is a cloud-based platform and therefore does not require installation in order to utilise it. Users can also add in their existing telemetry and sensors.
“We can add detection modules or insight modules to the cloud architecture at any cadence that makes sense. It’s not a traditional product where there’s Version 1, 2 or 3,” he adds. “If my data science team comes with an awesome algorithm that can detect zero day campaigns, we can drop it in and start generating insights.”
We can expect to see Mvision Insights by Q4 2019 or Q1 2020.
Unifying the cloud
Also introduced during the summit is Unified Cloud Edge, which McAfee says is to “address security concerns of the cloud” by converging the capabilities of its award-winning products – namely McAfee Mvision Cloud, Web Gateway and Data Loss Prevention offerings – to be made available through the Mvision ePolicy Orchestrator (ePO) platform.
The idea is to simplify security management of multiple cloud-based deployments. According to McAfee’s own recent study, 81% of organisations have separate management controls for DLP (data loss prevention) and CASB (cloud access security broker) deployments, which can lead to more complexity and lower security efficacy.
With Unified Cloud Edge, IT professionals can avoid the challenges of replicating consistent DLP policies across multiple endpoints, networks and cloud solutions. This is done through a cloud-native architecture to set one policy across multiple environments. Basically, users can investigate security events, run reports from a single repository or enforce a consistent user experience with just one click.
“Data and applications have shifted to the cloud, but secure cloud adoption has proved to be elusive for organisations as they struggle with limited security resources along with environments and tools that require news skills for security professionals,” says McAfee vice president of product management and marketing Anand Ramanathan.
“The volume of critical enterprise data will continue to grow alongside cloud adoption which will require organizations to deploy the right data protection tools while also reducing the complexity of security to more easily help enable increased employee productivity.”
Hopefully, with these new offerings, IT and security professionals can get an edge in time against the growing number of adversaries.