There is No Quick Fix When it Comes to Security
David Grout, the CTO for EMEA at FireEye, speaks to Arabian Reseller about the challenges faced in 2018 and how his company plans to overcome those this year
How was 2018 for the industry and your company?
When it comes to cybersecurity, 2018 was a challenging year and we don’t expect it to get any easier in 2019. There were 1.7 billion ransomware attacks detected globally in 2018. Out of these, 2.4 million were in the UAE, followed by Kuwait and Bahrain with 1.9 million and 1.2 million respectively. Nation-state attacks will continue to increase in all geographies with Iranian coming into the game through groups like APT 39.
We also uncovered suspected Iranian influence operation, leveraging a network of inauthentic news sites & social media targeting audiences in U.S., UK, Latin America and the Middle East. Additionally, 2018 witnessed an increase in ICS/SCADA targeted attacks.
What sort of opportunities did 2018 bring along?
Due to a large number of regional and global breaches, 2018 was a fascinating year for FireEye. We spent a lot of resources taking part in a large number of investigations during breaches. As trusted advisors, we worked closely with several institutions and governments to embrace the digitalization transition and the security associated with it.
Did you face any challenges in 2018?
As the companies in the Middle East increased their resilience on IT through rapid digital transformations in 2018, the frequency and magnitude of cyber attacks grew. We noticed the Middle East becoming a target of both politically and financially driven attacks. That said, it was critical for us to adapt to the transformation and innovate solutions at a rapid pace that would help organisations to defend themselves from cyber-attacks.
What were your key achievements in 2018?
One of our key achievements in 2018 was to build up and extend our global team in several countries all over the Middle East. Overall, we were recognized for our email security solution at CRN Tech Innovator Awards 2018 and SC Awards Europe 2018. Further, FireEye was also named as a leader in external threat intelligence services evaluation by leading independent research firm – Forrester.
When it comes to innovation, we updated some of our path-breaking solutions such as Helix and MalwareGuard – a new advanced machine learning based detection and prevention engine – to its Endpoint Security solution.
What promises does 2019 bring along?
In the cybersecurity industry, we’re so frequently working around-the-clock for days at a time that we often forget when one-year ends and another begins. Attribution and accountability are two of the biggest sticking points when it comes to winning the war in cyberspace. The cloud offers great opportunities for organizations and we will continue to see more migrations to the cloud as we move into 2019. We also expect to see more attacks targeting the cloud.
It’s not about whether the cloud is less secure, it’s that attackers will simply go wherever there is data. Unfortunately, there is no quick fix for everything. If there was, there would be no need for the millions of cybersecurity professionals across the world helping to fight the good fight. We need to take it one step at a time — develop the right technology to automate easy tasks, build up trained security personnel to follow-up on critical alerts, and have published doctrine on rules of engagement in cyberspace. We fully embrace that vision and look forward to leading the charge in 2019 and beyond.
Do you see opportunities on the market with Dubai Expo 2020 just around the corner?
While Dubai Expo 2020 will bring in opportunities for organizations across the world, they will also bring challenges due to the massive global exposure. We are convinced that Dubai Expo 2020 will be targeted by attackers. That said, our aim is to work with companies and institution to grow their capabilities to protect, detect and react to cyber attacks.
According to you, which technologies will be in demand in 2019?
In the past few months, we have witnessed the IT market embracing different technologies including blockchain, Internet of Things (IoT), and many others. Below are some technologies that will be in demand in 2019:
- Artificial Intelligence: With the increase in the number of AI-based cybersecurity products deployed in organizations, and security vendors innovating to bring new AI-based security products to the market, attackers will begin adapting their behaviour accordingly. In 2019, we are expecting to see the use of new techniques to evade AI-based solutions, including threats that blend in with normal traffic and threats that provide misleading data to challenge and disrupt machine learning models.
- Quantum Computing: The estimates for when quantum computing (and quantum key distribution, which is already going on) will really take off range anywhere from 5 to 20 years from now. With that technology, the scaling of computations goes up dramatically, to the point where the time needed for breaking traditional encryption would shrink to weeks, or maybe even minutes. This means breaking some of the foundational encryption we see in use today such as RSA.
- Cloud adoption: The use of technologies such as Internet of Things (IoT) and soon has prompted an increasing reliance the cloud, but most companies are not doing anywhere near as much work as they need to be doing to protect the cloud. Companies are not doing anywhere near as much work as they need to be doing to protect the cloud. Especially compared to the way they used to protect their own data centers, and the ‘bad guys’ know this. There is a reason why roughly 20 percent of the incident responses and breaches we are working on involve the cloud. With cloud, there’s a whole chunk of attack surface that doesn’t have advanced technology to detect malicious activity. The primary focus with cloud security should be on email threats, because phishing is very hard to defend against.
What will be your key focus areas for 2019?
Our key focus areas in 2019 will be:
- Having better visibility into the cloud endpoint and all assets
- Deepening our intelligence-driven approach to bring context and prioritization
- Further developing our security platform approach to reduce time to react
- Automation to reduce the noise and focus on what matters
What milestones have you set for 2019?
Post the momentum of 2018, we are looking forward to what 2019 has in store. GITEX is always the highlight for us as the platform allows to present our expertise and capabilities to our customers in a unique and personal way. When it comes to security, our milestone is to be agile 24/7 and be ready to adapt to the sector’s needs.
What would you like to do differently in 2019, when compared with 2018?
In 2019, we will focus on increasing our intimacy and loyalty with our customers and partners. At FireEye, we believe in being a trustworthy partner, not just a vendor.