LAS VEGAS: Businesses will have to redesign
their networks from the ground up if they hope to protect their data
from next-generation hackers, according to McAfee president Michael
DeCesare.
DeCesare said business and high-tech companies will have to use a by-design strategy if they wish to remain ahead of the threats they face. He was speaking during a keynote at the McAfee Focus conference, attended by V3.
"We have to figure out how to integrate security into [networks] from the get-go. We have to redefine the role of network security. Companies are going to have to change. All companies will be rebuilding their networks," he said.
DeCesare cited new trends resulting from developments in mobile cloud technologies, such as bring your own device (BYOD), as proof of the weakness of current networks.
"We are asking so much of our networks these days, not just with security, but in general. But, when we designed these networks five or 10 years ago we did not contemplate what we'd be asking of them today: to ingest the concept of a public or a private cloud, adjusting to the parameters of BYOD," he said.
"We're also asking them to be able to offer higher levels of security on any bit of information or device connecting to them and we're balancing that with the concept of software-defined networking. What is happening in the network space is the same thing that was happening with the data centre space over the last 10 years – virtualisation is coming to the network."
He added that businesses will have to move quickly to address the problem as it is now far easier for hackers to target them. "There is a physical divide as the budgets we have aren't growing at the same rate as the technological sophistications of the adversaries that we face every day. Lastly there is a playing field divide, it is asymmetrical warfare. As security professionals we try and guard against this growing number of attacks on every IP-enabled device," he said.
"But every one of these that comes online is on different platforms, different software versions and we as security professionals have to guard all of these. But the adversaries we deal with every day just have to find one way in. The adversaries also don't have to worry about usability standards, they don't care if they break machines."
DeCesare said the trend is even more troubling as hackers have already begun using the new technologies to create next-generation cyber attacks. "We've seen an increase over the last 12 months of targeted Trojans. Sure we've seen these before, what's changed is the deployment model. A big thing is the concept of free apps. Ten years ago you'd have never downloaded anything free to your laptop or phone, free was bad news. Now this has changed and applications can be built for different purposes," he said.
"We've also seen an increase in evasion techniques. Malware is now able to know if it's in a sandbox and sit idle until the scan's finished before moving on. These are all examples of the growing technical sophistication of where the cyber criminals are heading."
McAfee is one of many security companies to warn of the dangers posed by new smart devices and cloud services. Last month F-Secure web reputation service expert Christine Bejerasco claimed that the failure of free cloud services, such as Facebook, Twitter and Dropbox, to adequately test their security before launching helped to ignite the current cybercrime boom.
DeCesare said business and high-tech companies will have to use a by-design strategy if they wish to remain ahead of the threats they face. He was speaking during a keynote at the McAfee Focus conference, attended by V3.
"We have to figure out how to integrate security into [networks] from the get-go. We have to redefine the role of network security. Companies are going to have to change. All companies will be rebuilding their networks," he said.
DeCesare cited new trends resulting from developments in mobile cloud technologies, such as bring your own device (BYOD), as proof of the weakness of current networks.
"We are asking so much of our networks these days, not just with security, but in general. But, when we designed these networks five or 10 years ago we did not contemplate what we'd be asking of them today: to ingest the concept of a public or a private cloud, adjusting to the parameters of BYOD," he said.
"We're also asking them to be able to offer higher levels of security on any bit of information or device connecting to them and we're balancing that with the concept of software-defined networking. What is happening in the network space is the same thing that was happening with the data centre space over the last 10 years – virtualisation is coming to the network."
He added that businesses will have to move quickly to address the problem as it is now far easier for hackers to target them. "There is a physical divide as the budgets we have aren't growing at the same rate as the technological sophistications of the adversaries that we face every day. Lastly there is a playing field divide, it is asymmetrical warfare. As security professionals we try and guard against this growing number of attacks on every IP-enabled device," he said.
"But every one of these that comes online is on different platforms, different software versions and we as security professionals have to guard all of these. But the adversaries we deal with every day just have to find one way in. The adversaries also don't have to worry about usability standards, they don't care if they break machines."
DeCesare said the trend is even more troubling as hackers have already begun using the new technologies to create next-generation cyber attacks. "We've seen an increase over the last 12 months of targeted Trojans. Sure we've seen these before, what's changed is the deployment model. A big thing is the concept of free apps. Ten years ago you'd have never downloaded anything free to your laptop or phone, free was bad news. Now this has changed and applications can be built for different purposes," he said.
"We've also seen an increase in evasion techniques. Malware is now able to know if it's in a sandbox and sit idle until the scan's finished before moving on. These are all examples of the growing technical sophistication of where the cyber criminals are heading."
McAfee is one of many security companies to warn of the dangers posed by new smart devices and cloud services. Last month F-Secure web reputation service expert Christine Bejerasco claimed that the failure of free cloud services, such as Facebook, Twitter and Dropbox, to adequately test their security before launching helped to ignite the current cybercrime boom.
No comments:
Post a Comment