(Pictured above: McAfee CEO Chris Young on stage at the company’s MPower event in Las Vegas, Oct. 2.)

MCAFEE MPOWER — McAfee on Wednesday upped the ante on cybercriminals and its competitors with the introduction of a new data-driven, analytics-based product designed o help organizations rapidly identify, prioritize and preemptively respond to targeted attacks.

MVision Insights was among new tools and capabilities unveiled during the opening keynote of the McAfee MPower 2019 Cybersecurity Summit in Las Vegas. The theme of this year’s conference is “It’s About Time.”

McAfee also announced Unified Cloud Edge, which combines MVision Cloud, Web Gateway and data loss prevention (DLP) products and services, and is available through the MVision ePolicy Orchestrator (ePO) platform. In addition, the company unveiled new functions within McAfee’s MVision portfolio, such as MVision Endpoint Protection and Response (EDR), which aims to help businesses protect their data and stop threats across devices, networks and the cloud.

Chris Young, McAfee’s CEO, said his company’s goal is to make every second count in the never-ending race to do more, secure more, save more and defend more.

“In the past we worried primarily about protecting legacy infrastructure,” he said. “Today, cloud is under attack. Time is underpinning our strategy to protect the cloud.”

The new cloud security offerings should drive a lot of opportunity for partners in a variety of different ways, Young said. Cloud remains an untapped opportunity for partners, and they need to be front and center with their customers when it comes to cloud security, he said.

“Not only is it a new capability to bring to the customer, but it’s helping them solve problems that a lot of our joint customers have been trying to solve,” he said. “How do I save myself time, common policy management, common threat defense capabilities; most of our partners today are service providers who bring along products to help solve a problem. So in a lot of ways, our partner community is increasingly a last-mile provider for the customer. The customer is looking to them to create the solution and close the loop … ‘give me the outcome that I want.’ Our product portfolio, our new capabilities, are designed to deliver upon those outcomes for the customers.”

In many organizations, McAfee partners are helping customers design the architecture that’s going to be necessary to implement those capabilities in their environment, Young said.

“Even something like cloud access security broker (CASB) that’s reasonably easy to implement because it’s a cloud service and you don’t have to deploy any equipment on prem, you still need expertise in what policies do I set, where do I set them, and you’ve got to monitor what’s going on,” he said. “Everything changes over time so you’ve got to be vigilant; you’ve got to manage these capabilities. I think the opportunity for our partner base is richer than it’s ever been because there’s new innovation from McAfee, more product capabilities that we’re bringing to market, and our velocity has really increased over the course of the last couple of years with new product introduction.”

McAfee’s acquisitions of NanoSec and Uplevel Security also will provide new opportunities for partners, Young said.

“The container security with NanoSec, it will be a net-new capability in the cloud in protecting against attacks or vulnerabilities in applications that are being built with the container architecture,” he said. “Uplevel is going to be more driving the insights element of what we’re providing, and insights are important for not only partners, but for …

… McAfee, in a variety of ways. One is, insights is an augmentation of the core product set that we’ve already got there, but more importantly, as I talk about partners being the last minute for a lot of our customers, insights is designed to tell you what do I do now, what do I care about, what do I go fix today versus — I can put that on my list and get to it tomorrow. If I’m relying on a partner to do that, our ability with our partner to deliver to the customer the right amount of insight is going to help them be more effective in closing that last mile down for the customer.”

Ken McCray, McAfee’s head of channel sales and operations for the Americas, said MPower didn’t include specific partner events this year, but instead focused more on partners bringing their customers to the event and driving awareness from that perspective.

McAfee’s Ken McCray

“It was just a strategy change to make sure that we had partners driving more customers here and the end result has been the increase of partners and customers here,” he said. “Partners brought more customers … and that’s been pretty cool for us.”

If partners have a managed service practice, they can wrap their service around MVision EDR and expand their business, McCray said.

“I know based on the partners I’ve talked to they’ve gotten a lot more out of the keynotes than they had in the past,” he said.

Rajiv Gupta, senior vice president of McAfee’s cloud business, said McAfee’s focus, as learned from partners and customers, is on offering a convenient cloud security platform. In addition, working with SaaS providers is instrumental in providing cloud security, he said.

“We realize that the days when security vendors were at conflict with the the cloud providers are gone, so not only do we need to be cloud-native, but partner with Microsoft, AWS and (other SaaS providers) because that’s how we get the best security,” he said.

McAfee’s Rajiv Gupta

Also at MPower, Raj Samani, McAfee fellow and chief scientist, shared McAfee’s latest research findings regarding the Sodinokibi ransomware, which is impacting MSPs and other businesses, as well as cities, towns and hospitals. The research points to correlations between the “retirement” of GandCrab ransomware after its crew claimed making $2 billion, and the emergence of Sodinokibi.

The average payout of Sodinokibi is $288,000, he said.

“We’re seeing the hiring of affiliates switching from GandCrab to Sodinokibi,” Samani said. “And it wasn’t just any affiliates, but top affiliates. We’re seeing the hiring of the best, most profitable affiliates with developers with some access to GandCrab, all coming together for the largest attacks to date.”

Sodinokibi is the No. 1 biggest cyber risk, he said.

“You have to battle it, you have no choice, because failure … could literally be the death knell for every business,” Samani said. “We have research, we’ve got white papers, we’ve got guides on how you can secure and protect your environments. Good, proactive defense is the best approach. But I strongly urge all businesses to actively look into this because you’ve now got what in effect is the all-stars have come together to launch a ransomware variant and they’re doing very well.”