LAS VEGAS – Networks are the highways along which data packets flow throughout the enterprise, but they aren’t the place CISOs will be placing the majority of their cyber security efforts in the future. Instead it should go to protecting endpoints and cloud data.
That’s the vision McAfee CEO Chris Young laid out Wednesday for customers and partners at the company’s annual Mpower conference here.
“Now is the time to start to move our thinking and effort to where the puck is going not where the puck has been in cyber security,” he said in his keynote. “We’ve got to move our architectural investment and focus to where the advanced threats will really manifest themselves.
“The action happens on the endpoint and ultimately in applications and data residing in the cloud. The network is not going to be the logical control point around which to build a cyber security architecture of the future.”
At a press conference later when asked if the prediction is self-serving for a company that doesn’t make routers and switches, Young noted that industry analysts forecast that IT spending on network security is still forecast to increase in the coming years.
“But the endpoint and the cloud are going to be the control points — not because of what we’ve done but because that’s where the action is: Applications execute and users are at the endpoint. Applications and data increasingly in the future will reside in the cloud.
“If you want to do advanced security you have to have the preponderance of controls there… We’re pivoting more of the future roadmap to the cloud because we think that is where we will add more value over the long term.”
Also during the press conference Young turned aside questions from a reporter trying to leverage the controversy hitting McAfee competitor Kaspersky after the New York Times alleged Russian intelligence was able to lift secret files from an NSA contractor after being able to spot them through Kaspersky’s antivirus product.
Asked if McAfee has ever co-operated with any to exfiltrate files on computes that run its products, Young replied, “The answer to that is no.”
The reporter also asked about Kaspersky complaints that McAfee was behind ads with a company logo that said the FBI had recommended U.S. companies drop Kaspersky products. “I’m aware of retailers that have put out some ads that ask consumers to come in and look at whether they should change the endpoint security they have on their platform,” Young replied. “We have partners who sell product and at the end of the day they’ll leverage information they have.”
This is the first company conference since it was spun off in April to private equity companies by previous owner Intel Corp.
In his look to the future in his keynote, Young made a few interesting observations: There’s not a lot new in the threat landscape, he suggested. Many of the threats seen today are evolutions of what’s been seen before – for example, ransomware dates back to the1980s. However, with the advent of cryptocurrencies it’s seen a revival.
Similarly, he argued, the Wannacry worm that swept the world earlier this year is just as much a piece ransomware. Were Wannacry and NotPetya really ransomware, he wondered, or designed to destruct data, to create chaos? Or maybe, testing to see what their creators can do next. “Our attackers are increasing testing us in large scale,” Young concluded.
“In this chaotic threatscape the cyber security posture has to focus as much on being proactive as being resilient” because attacks change so much.
“Also, we see people as the scarcest resource in any cyber security team. There is a talent shortage,” he said, but added CISO “have got to start thinking differently and stop calling it a problem, but a ‘talent efficiency opportunity.’”
Through the right use of technology, he suggested, adminstrators could make their staff more efficient, offsetting the manpower and skills shortage.
Finally, he urged the security industry to work more closely because – as many others have said – there is no silver bullet.
