Shift of threats to the cloud require new tools, collaborations: McAfee
By Dzof Azmi December 6, 2017
- Artificial Intelligence will drive new solutions, but there is no silver bullet
- A comprehensive solution will need collaboration with other security companies, agencies
IF THE McAfee MPOWER Cybersecurity Summit in Sydney recently was anything to go by, the future of computer security is going to be reliant on two things: independent machine learning and collaborative open systems.
Picking up from the main McAfee MPOWER Cybersecurity Summit in Las Vegas in October, McAfee CEO Chris Young confidently charted the future of his company since they spun out from Intel in April this year.
He is basing it on their security architecture. "It's got to guide how we think about the future," he said. "Look around at the threat landscape which is where we ground a lot of the thinking for our cyber-security model."
The threats will be in the cloud
One thing that concerns him is that the trends in threats don't seem to match where spending is happening.
"Network security appliances are projected to continue to grow in the near future," he said, referring to IDC’s projection that network security spending will be the largest category of security spending at US$15.2 billion (RM61.8 billion). But Young (pic, right) confesses, "I don't really understand why."
While accepting that demand for bandwidth will continue to rise, he thinks that "evolution to the cloud is happening even faster”. Young concludes, "Clearly our perimeter is eroding".
"Appliances in your network won't be the logical control for defeating your most sophisticated adversaries in the future," he clarified to delegates.
As an example, he pointed to users migrating from the desktop to Office 365 in the cloud, and argued the focus must now shift to the endpoints. And not only is the network under threat extending beyond organisational borders, the necessary increased used of encryption means they are also becoming opaque.
"It's getting more difficult to actually see an attack happening on our network."
AI is a solution, although not a silver bullet
Young admits that "there is no silver bullet to win" but at least identifies characteristics of security needed. "We want to have a foundation that allows us to adapt and change as the cyber-attackers adopt and change their methodologies."
CTO Steve Grobman clarified, saying that "threat detection has moved from being deterministic to non-deterministic". This is the case with their new product, McAfee Investigator that combines machine learning and deep learning capabilities to observe behaviour to identify potential threats.
But he is also keen to point out that AI is just one of many tools at their disposal, pointing to other weapons in their arsenal, such as structural machine learning, behavioural machine learning, reputation threat intelligence, and the traditional signature based capabilities.
Openness and collaboration
Although better technology addresses increasing complexity, another strategy is needed to solve the problem of the eroding perimeter.
"These sets of attacks that we're seeing now are one of the greatest threats of our digital age," stressed Young. "This is something no organisation, no company, no individual can defeat alone."
It is with this mindset that Young is wholeheartedly advocating better collaboration between the various stakeholders. "(We're) really going all in on an open architecture."
Grobman (pic, right) elaborated, saying "We want to help provide a platform that can integrate solutions, regardless of where you get your technology from.”
Mirroring their current tagline "Together is Power", McAfee last year launched and promoted OpenDXL, based on the Data Exchange Layer (DXL) to enable security devices from different vendors to communicate with one another. This year, they demonstrated integration between OpenDXL and Cisco's pxGrid, enabling devices from both companies to communicate with one another.
"Our vision is simple," explained Grobman. "We want to maximise the value of our technology regardless of the products that exist within an environment."
Ultimately, their separation from Intel has pushed McAfee forward. "The thing that's great about being an independent company is that we can be 100% focused on cyber-security and defence."
The smarter way of dealing with cyberattacks
Zerto goes beyond the traditional firewall, antivirus
Only 19% of Malaysian consumers confident that businesses do enough to protect against cyber-attacks