sb-nz logo
Story image

McAfee CEO reveals his view of cybersecurity’s future at MPOWER

19 Oct 2017

McAfee partners, customers and executives converged on Las Vegas for McAfee MPOWER, which takes place at the ARIA convention centre over the next two days.

CEO Chris Young opened the conference by reiterating the community solidarity after the recent shootings; something that is also relevant for cybersecurity’s first responders.

Earlier this year McAfee separated from Intel and took its place as a standalone company, but did not completely sever its ties. In April, SVP of Intel Software and Services Group Doug Fisher expressed his support for McAfee as one of the biggest standalone companies in the cybersecurity industry.

At MPOWER today, Young let attendees decide what his talk was about – ‘read your mind’ or ‘read your future’ – through live, online voting from the audience, the future was the clear winner.

Security is truly dynamic and will continue to innovate

“We’re in one of the most dynamic industries you can possibly imagine because you can’t tell what’s going to happen from one day to the next,” Young says.

From the headlines comes a sense of desensitised attitudes towards security, but what happens when it hits organisations in real life, he asks.

“Predicting the future is sobering because there are thousands of organisations making their name in cybersecurity.”

He believes that endpoints will be more defined, automation and orchestration, analytics, threat intelligence management.

“Whether you have a SOC or not, you have security operations,” he adds.

Threat landscape – threats will never go away

Young says the past is the best predictor of the future.

“If you take one of the more common threat types today – ransomware, for example – it has actually been around for more than 30 years. We saw the first ransomware attacks in the late 80s. It wasn’t until that Bitcoin and other cryptocurrency took off that ransomware exploded.”

Today’s threats are derivatives of the past, evolving as adversaries change their motivations.

“We see attacks that go beyond malware itself. Some may call it fileless. We’re seeing benign scripting languages like PowerShell and JavaScript.”

He believes that attack vectors are blurred as multiple vectors converge and with many different attack patterns. What does this mean for those who are trying to prevent attacks?

Attack defence patterns will change and it will be difficult to categorise different types of attacks. It may not be a certain type of malware like a Trojan anymore – it could be a combination of many different attack types.

“There’s no silver bullet approach to dealing with any one style of attack. We must operate our defences as a whole that is greater than the sum of its parts.”

McAfee honed its portfolio to the ‘protect, adapt, detect’ approach in order to progress the threat defence lifecycle and make it a reality.

Security architecture needs to change

We need to increase bandwidth, control device security and basic security hygiene in order to move architecture from where it has been to where it is going, Young says.

As networks become more encrypted and opaque, network protection is increasingly difficult. Young sees the network as a transport layer; cloud and endpoints are where protection will be concentrated.

Resources are scarce – but change your perspective

People are the scarcest resource of all. This is driving the ‘skills shortage’, Young says. Architecture can only get organisations so far.

“We have to stop thinking about the cybersecurity skills shortage. Stop calling it a problem, call it a talent efficiency opportunity. We need to keep threat responders up to date on the threat landscape and keep the best people in your organisation. Those challenges put a different lens on the talent ‘problem’”.

People, processes and technology have to work together. Threat intelligence and operations, analytics and data science can facilitate human-machine teaming that, Young says, may completely change the security game.

McAfee MPOWER continues in Las Vegas on October 18 & October 19.

Story image
Revealed: Imperva publishes research on decade old botnet, responsible for millions of attacks
Imperva Research Labs has revealed findings of a six-month intensive investigation into a botnet that has been exploiting CMS vulnerabilities.More
Story image
SOC as a Service: Fortinet’s answer to today’s network challenges
Jon McGettigan, Fortinet A/NZ Regional Director, explains how SOC as a Service can back up your current SOC team, fast-track deployments and ensure regulatory compliance.More
Story image
Attack from DOS: In Zero We Trust
In combination with malware, DDoS attacks on banks have been used to cause distraction so the transfer of stolen funds goes unnoticed. More
Story image
Research: Younger cybersecurity pros more fearful of being replaced by AI
According to the findings, 53% of respondents under 45 years old either agreed or strongly agreed that AI and ML are a threat to their job security, despite 89% of this demographic believing that it would improve their jobs.More
Story image
SOC, SIEM, SOAR and SASE define Fortinet’s Security Fabric
Cornelius Mare, Fortinet A/NZ Director, Security Solutions, deciphers the jargon and explains how an alphabet soup of integrated security services spells comprehensive protection for your network and ensures business continuity.More
Story image
How to secure your business against DDoS Attacks
With the upward trend of DDoS attacks this year, and an increased dependency on online channels across all industries, businesses need to be prepared, so they don’t suffer any disruption. More