Post Intel Security spin out to McAfee, SEA boss talks about future strategy

McAfee recently rose as a standalone cybersecurity business calling itself one of the world’s largest pure-play cybersecurity vendors. With the investment from TPG and Thoma Bravo, and continued strategic backing of Intel, McAfee claims that it will apply greater market focus, build its platform and target new financial, operational and technology investments to better address the cybersecurity market’s significant global growth opportunity. Craig Nielsen, Managing Director, Southeast Asia, McAfee in an exclusive interview with Techseen talks about the plans this new entity has in APAC and how it will tackle cybersecurity issues pertaining to IoT, connected devices, AI and piracy. Excerpts:
Techseen: McAfee recently spun out from Intel Security, as an independent entity. Are you still a part of CTA? Will you still continue the innovations and collaborations for a safe cybersecurity environment, like you claimed before?
Nielsen: Our industry collaboration will be guided by our brand platform, “Together is Power.” We recognize that no one can fight cybersecurity alone and there has never been a greater need to unite as an industry. While McAfee was still known as Intel Security, we were one of the founding members of the Cyber Threat Alliance (CTA), a group of cybersecurity practitioners from organizations that have chosen to work together in good faith to share threat information and help improve defenses against advanced cyber adversaries across member organizations and their customers. We will continue to work together with the other founding members of the CTA to determine the most effective methods for sharing automated, rich threat data and to make united progress in the fight against sophisticated cyberattacks.
By bringing together industry players who are able to contribute their own unique threat insights, the CTA builds a comprehensive view of important threat actors. With enriched understanding and enhanced protections against global attacks, members can better protect customers in real time and prioritize resources based on collective knowledge.
The new CTA platform automates information sharing in near real-time to solve the problems of isolated and manual approaches to threat intelligence. The platform better organizes and structures threat information into Adversary Playbooks, pulling everything related to a specific attack campaign together in one place to increase the contextual value, quality and usability of the data. This innovative approach turns abstract threat intelligence into actionable real-world protections, enabling members to speed up information analysis and deployment of the intelligence into their respective products.
Techseen: How will the company continue to deliver on its strategic vision to provide an open and integrated system that reduces security fragmentation and automates tasks to more effectively block, identify and respond to threats, with concerted attention on the endpoint?
Nielsen: At its core, our strategy is based on a simple concept: to create an integrated security system that automates the threat defense lifecycle so customers can address more threats faster with fewer resources. With the recent announcement of our strategic partnership with TPG, we’re empowered to further define our strategy, demonstrate our unique position in the market and aggressively work to make IT security more dynamic and responsive to today’s most severe threats than ever before. McAfee will continue to be very focused on consumers and enterprise customers. We strongly believe that only when people, technology and organizations work together can we become safer. Under our strategic vision, we are committed to bringing the most holistic security solutions to the forefront. Moving beyond piecemeal features, McAfee solutions provide consumers, businesses and governments with end-to- end protection from the most advanced threats.
Customers today expect endpoint security to deliver more than just malware scanning and demand deeper, richer visibility and inspection capabilities on computing devices.
Customers want endpoint security to become a platform for capabilities such as forensics, to provide behavior analytics, and instead of searching for malicious files, look out for behavior that might constitute malicious behavior. Our experience with Intel puts us at a position of strength to extend these capabilities to any computing platform, be it servers or IoT devices in the home.
Techseen: How will the company leverage the latest technologies, such as artificial intelligence and machine learning to fight cybercrimes?
Nielsen: In our McAfee Labs 2017 Predictions report, we identified machine learning as one trend that is accelerating social engineering attacks. We believe that cybercriminals are leveraging machine learning to target victims. Tools to perform the complex analysis behind target selection are readily available, and there are a plethora of public sources of data required to build and train malicious machine learning algorithms. In 2016 alone, there have been breaches involving 30,000 US Department of Justice employees, 1.5 million Verizon Enterprise Solutions customer records, and nearly 150 million accounts leaked from major email providers including Yahoo, Hotmail and Gmail, to name a few. The data from many of these breaches has been commoditized and sold in open markets, as is the case with leakedsource.com, which claims to have a little more than two billion records in their database.
Between social media information, stolen data warehouses and publicly disclosed business information, attackers have access to volumes of data to train predictive models to identify high-value targets, according to Eric Peterson, a researcher at McAfee Labs.
Looking to 2017 and beyond, we might even see purveyors of data theft offering “Target Acquisition as a Service” built on machine learning algorithms. We expect that the accessibility of machine learning will accelerate and sharpen social engineering attacks in 2017. From a security solution perspective, vendors like McAfee will begin to use machine learning to predict and stop attacks before they have done harm. Security solutions that protect the cloud infrastructure itself will become extremely critical, because compromising the infrastructure delivers direct access to the applications and data of multiple customers. The volume of events will be overwhelming, so we will see continued development of sophisticated, automated tools that can quickly diagnose and resolve incidents. Building on those using machine learning and big data analytics, security solutions will become predictive and prescriptive, helping detect emerging threats and stop attacks well before systems are compromised.
Human-machine teaming is going to become critical in any cyber security operation, and McAfee sees its strategic goal of enabling security technologies to work together as an important way of helping to drive human-machine teaming.
Techseen: Has McAfee changed its core objectives/ directions for APAC? What is the growth trajectory that you foresee in the region?
Nielsen: McAfee’s status as a new standalone cybersecurity company positions the company to capitalise on the significant global growth opportunities in cybersecurity. This independence will allow us to apply greater market focus, build its platform and target new financial, operational and technology investments, to better address the cybersecurity market’s significant global growth opportunity. In the words of our Chief Executive Officer Christopher Young: “McAfee’s newfound independence gives it (the company) the agility to unite people, technology and organizations against common adversaries and ensure that our technology-driven future is safe.“
As we embark on a new chapter in McAfee’s 30-year history, we unleash a company with a razor sharp focus on innovation, trust and collaboration. Serving our customers and enabling them to more effectively identify and orchestrate responses to cyberthreats is McAfee’s utmost priority.
Asia Pacific is a hyper-growth market, particularly South East Asia and India. Both markets have performed well, achieving double-digit growth for the past two years, and we expect this growth to continue. Moving forward, Asia Pacific continues to be a key region as it has been identified as a “high risk” region. Cyber security growth in Asia in 2016 -2016 is expected to reach $1.5 billion, growing 1% YoY and 4.8% CAGR (17-20) to reach $1.8 billion by 2020. APAC spent $230 billion on cybersecurity breaches in 2014, the highest amount for any region in the world, and 48% of ASEAN organizations have encountered a data breach or failed a compliance audit, well above the global average. The company continues to invest in putting in additional resources to address the demand in this region. The appointment of Ian Yip as chief technology officer for APAC will drive McAfee forward to the benefit of individuals, organizations and governments across the APAC Region. This will solidify McAfee as the standout cybersecurity solution that helps customers in this region to achieve the business outcomes, while maintaining the appropriate level of protection.
Techseen: What is your take on the connected environment that we are moving into? What are the threats that we can face and how will McAfee help counter those?
Nielsen: The connected environment, especially the rise in adoption of IoT, has made security the primary concern for companies. The threats revolve around the increased number of endpoints that are vulnerable to data breaches – Cars, buildings, factory facilities, homes, refrigerators, to name a few. However, threats from connected devices can come from multiple sources, such as the end-point device itself, the communication channel or the remote updates being deployed on the end-point devices. The past year was big when it came to IoT related threats and attacks. One key highlight was the Mirai malware used during the Dyn attack, which exploited a broad variety of poorly secured IoT devices such as video recorders, printers, surveillance cameras, refrigerators, thermostats, etc. Once an IoT device was infected, the malware spread the infection to other IoT devices, forming a “botnet” and then using their aggregate processing power to execute the DDoS attack. This type of DDoS attack continues to rise, mainly due to poorly secured IoT infrastructure.
McAfee strongly believes that there are certain elements, which should be part of an individuals or companies best security practices to reduce IoT threats. Secure user interface, strong transport encryption, secure network services, access-level control, data protection, and keeping firmware and software updates are key ways to safe guard against IoT threats.
Moreover, McAfee understands that there is a need and demand for solutions that will best help enterprises, especially those embracing the idea of a connected environment, to remain secure. McAfee builds their products to help mitigate the risks of malware infections within IoT devices and block the malicious activities of botnets. The McAfee Host Intrusion Prevention, McAfee Threat Intelligence Exchange, McAfee Advanced Threat Defense, and McAfee Endpoint Threat Defense and Response, are just a few of the many products in our portfolio that helps secure IoT devices and protect systems and networks from attacks coming from IoT devices
Techseen: Who are your major competitors in the APAC region? How does the new McAfee differentiate from its peers in the segment?
Nielsen: Unlike other companies that treat cybersecurity as just one part of their business, McAfee’s sole focus is cybersecurity. With McAfee’s independence, we are now one of the world’s largest pure-play cybersecurity firms with a software platform that protects more than a quarter of a billion endpoints, secures the footprint for nearly two-thirds of the world’s 2,000 largest companies, detects more than 400,000 new threats each day, and represents more than 7,500 strong of the industry’s most talented professionals. We remain committed to enabling a safe and connected world by providing an open and integrated system that best enables organizations to effectively block threats, identify compromises, and expedite remediation. This is achieved by building on McAfee’s leading endpoint protection solutions, diverse technologies, and widely adopted and open centralised management platform, to expedite the entire threat defense lifecycle.
Moreover, our experience with Intel puts us at a position of strength to extend these capabilities to any computing platform, be it servers or IoT devices in the home.
Techseen: When it comes to personal cybersecurity solutions, there is a lot of piracy that is prevalent still, especially in countries like India. What is the solution for curbing those issues?
Nielsen: The piracy of personal cybersecurity solutions continues to be a problem that costs the industry billions of dollars annually. What is more concerning is that many businesses and organizations may not be aware that they are using illegal software and this poses a threat to their security. McAfee is committed to educating authorised users and works with a number of partner organizations to help fight the problem of software piracy. The main solution is to remain committed to educating our authorised users on the proper and legal use of software and bringing those violating our licenses into compliance. McAfee encourages regular audits to keep track of what products you are using and the information can also be cross referred to your original license documentation to see if there has been any breach in compliance. In the event an organization finds that they are not in compliance due to employees making unauthorized copies via illegal copying software for example, McAfee will be there step by step to guide you through the process of acquiring the appropriate McAfee licenses necessary to get back in compliance.
Techseen: Do you feel that in APAC there is a growing issue of skill-gap when it comes to cybersecurity? What role does McAfee play to help educate and train professionals in this area?
Nielsen: The growing issue of skill-gap when it comes to cybersecurity remains as a global issue that is also impacting the region. Last year, Intel Security (now McAfee), conducted a study on the international shortage in cybersecurity skills and found that an overwhelming 82% of respondents reported a shortage of cybersecurity skills. The deficit of cybersecurity is very much a reality for every industry sector. Attacks outpace defense, and one reason for this is the lack of an adequate cybersecurity workforce. Governments in the region recognize the need to strengthen cybersecurity by addressing the existing skill gaps to meet the growing need for cybersecurity professionals across various industries. In Singapore this year, the government launched a new Cybersecurity Professional Scheme for the public sector that aims to attract, develop and retain cybersecurity practitioners in the public sector.
This comes after the Ministry of Defense in Singapore announced a new NS cyber vocation to strengthen the nation’s cybersecurity future. India is also pushing towards digital transformation through its Digital India Initiative but a massive shortage of cybersecurity experts is impending the progress.
McAfee is contributing and giving back to the cybersecurity industry by being part of the Cyber Threat Alliance (CTA). The CTA is focused on tackling the problem of fractured intelligence in the cybersecurity market, and has created a dynamic real-time trust exchange for threat indicator sharing, validation, and monitoring. Gathering, contextualizing, and sharing knowledge among CTA members using this automated exchange will enable us to protect customers in real time and prioritize resources based on collective knowledge. This is in line with McAfee’s belief, “Together is Power”.