Threat data Future of hardware-assisted security Why Intel bought McAfee Defence in isolation and containment Social media, cloud, big data and mobile apps Video: McAfee co-president Michael DeCesare on consumerisation and security
The security industry looks to the future with a sense of hope despite the increase in the volume and level of sophistication of cyber attacks, according to Michael DeCesare, co-president of security firm McAfee.
"Attackers will undoubtedly focus on critical infrastructures, but we know governments around the world are putting a lot of effort into securing those assets," Michael DeCesare told McAfee Focus 2012 in Las Vegas.
DeCesare predicted a substantial development of the idea of connected security, where suppliers work together to enable a higher level of security through interoperability.
"We will see new platforms emerging with the evolution of technologies such as web gateways, and single-sign-on systems will become more common and comprehensive," DeCesare said.
Threat data
He also believes threat data will become multi-vendor, rather than belonging to any single organisation. "We have to find a way of sharing what we know," DeCesare said.
Read more about sharing threat data RSA updates NetWitness appliance and unveils threat sharing framework OSSIM update enables cyber threat intelligence sharing Napolitano calls for cybersecurity intelligence information sharing
The relationship between data will be better understood and organisations will be able to identify anomalies more easily. This will allow them to act faster, more intelligently and more effectively.
"Transparent computing will become the norm and there will be a massive evolution in the concept of hardware-assisted security," according to DeCesare.
Future of hardware-assisted security
Reflecting on Intel's $7.7 acquisition of McAfee, completed in March 2011, he described it as one of the most profound developments to hit the world of information technology. "McAfee is stronger with Intel," DeCesare said, adding that McAfee remained "100% focused" on security.
DeCesare said the work Intel and McAfee had done together on hardware-assisted security – such as with the DeepSafe technology – was the "tip of the iceberg", implying the market can expect to see a lot more work around this concept.
However, McAfee CTO Mike Fey demonstrated the approach used in McAfee's Deep Defender product is already delivering the capability to protect from the Shamoon malware, which targeted the energy sector and was discovered in August
The malware is designed to render computers useless by corrupting the files on a compromised computer and overwriting the master boot record (MBR).
"Files and the MBR can be protected by blocking the attack at the hardware level. The operating system is blind to this attack, but hardware-assisted security enables us to see what is happening," said Fey.
Why Intel bought McAfee "McAfee is stronger with Intel"
McAfee co-president Michael DeCesare
Advancements in hardware-assisted security has made is possible to protect against one of the most dangerous attack methods the industry has seen, said DeCesare.
In the light of such developments, he said the acquisition by Intel should now be making sense to all those who failed to see the value in it when the move was first announced.
"Intel is renowned for its longer-term thinking when it comes to chip designs, and they see that security needs the same forward-thinking approach, which is why we are investing so much into hardware-assisted security," said DeCesare.
Defence in isolation and containment
Previewing what other innovations customers and partners can expect from McAfee, he said the firm will be focusing on containers that will enable organisations to isolate applications and devices to contain attackers.
"We are looking at enabling better security in datacentres because of increased enterprise adoption of cloud-based services," said DeCesare.
Beyond McAfee and Intel, he said there is hope for the security industry with much progress in several areas. One such is the take-downs of several major spam networks. Internet services providers are increasingly working together to fight botnets.
Echoing RSA executive chairman Art Coviello's call to arms to the security industry at RSA Conference 2012, DeCesare said there needs to be cross-industry co-operation to get ahead of attackers.
It is also encouraging, he said, to see the rise of "security-obligated executives" and the emergence of business processes designed with security in mind. He said this indicates increasing board-level awareness and visibility of cyber threats.
Finally, in the short and medium-term, there are improvements in computing platforms, with Microsoft's Windows 8 set to be the company's most secure operating system to date. Apple and mobile platform producers are making efforts to improve security.
Social media, cloud, big data and mobile apps Read more about security and social media, cloud, big data and mobile apps Security essentials for CIOs: Navigating the risks and rewards of social media Top five cloud computing security issues Security big data: Preparing for a big data collection implementation Managing mobile application security in the BYOD era
Despite the upbeat message, however, DeCesare highlighted the advancement of social media, cloud computing, big data and the explosion in mobile apps as representing substantial developments in making security increasingly difficult.
He also highlighted increased targeted attacks – specifically against critical infrastructure – and new, highly sophisticated attacks tools such as Flame, specifically designed to conduct espionage.
Although attacks against critical infrastructure have been mainly in the form of IP theft, said DeCesare, the concern is that these could quickly move to be aimed at bringing critical services to halt.
This concern is reflected in the World Economic Forum ranking cyber threats as top threats to political and financial stability in July 2012.
To counter all of this, McAfee believes a connected security platform is essential. DeCesare said it is working to make its systems interoperable with best-in-class technologies. This will enable organisations to select the most appropriate technologies from across the security industry as part of their defence strategy, he said.