Mark McLaughlin, CEO of Palo Alto Networks, said traditional approaches to computer security are doomed to fail or at least fall well short of providing the kind of broad protection and prevention today’s enterprises need.
Speaking on “The (Inevitable?) Decline of the Digital Age” at the RSA conference, McLaughlin said new, more comprehensive preventative measures are needed to battle cyber threats.
“We’re lacking leverage. What’s needed and what’s already happening is a paradigm shift in thinking,” said McLaughlin. “If we rely on legacy technology that does one thing and generally ‘does what it does’, you have a problem because … you only have a response that’s manual and reactive. Mathematically we’re already dead from sophisticated, automated attackers.”
Of course talk of a paradigm shift and new thinking sounds good, but is there is anything out there ready to prevent against the entire vast new array of security threats.
McLaughlin admits the answer is no. But he argues security firms and the companies they serve must have a prevention orientation. “We can’t do everything, but we have to try and do the best possible.”
But that doesn’t necessarily mean enterprises should load up on security products. “What we mean by a security platform is not a bunch of products cobbled together with a common management interface. This has to be natively built and highly automated. That’s when we start to have leverage,” said McLaughlin.
For Security Firms, Sharing is Caring
Another aspect of new thinking is for security firms to work together rather than in the paranoid isolation they have for decades because of competitive concerns.
McLaughlin notes that it’s easier to stop a known threat than trying to react or prevent an unknown one. In his ideal prevention scenario, known threats would be shared automatically on a global basis and once they’re shared, the appropriate solution automatically ingested into the network to prevent or mitigate it.
A big step along the way to making this reality is the CyberThreat Alliance group founded by security firms Palo Alto Networks, Fortinet, Intel Security and Symantec. The non-profit organization is actively seeking new security firm members to join.
McLaughlin says the basic premise behind the Alliance is simple:
“The security industry should not compete on what we know, but what we can do about it for you. That’s a basis for competition that’s new and that’s what we’re doing we’re doing with the CyberThreat Alliance. We are moving the unknown to the known.” As one example, the security firms share data on thousands of malware sightings they see on their networks every day so they can be more easily recognized and mitigated.
Another example of “new thinking” McLaughlin recommends is that prevention orientation is consistent and works the same way everywhere. “It may be an endpoint, or your datacenter, AWS, or it might be Dropbox and Box and other cloud services that won’t traverse your network. But prevention has to be consistent. Inconsistency is the enemy of security,” he said.
Wrapping up, McLaughlin said “the life of the digital age” is literally at risk if we don’t advance security prevention.
“Push for prevention and make it a goal because we’ll get better over time. And push your security vendors on this,” he said, “even if they say there’s no such thing as prevention.