The Doyle Report: McAfee Unveils New “Umbrella” Protections That Integrate Advanced Analytics to Increase Security Operations Center Efficiency and Protect Endpoints and Cloud
Six months after branching off from former corporate parent Intel, McAfee is unveiling new technology and ideas that support its mission to be a very different type of security company and possibly the industry’s best.
“McAfee may not be the best just yet,” said CEO Chris Young speaking in Las Vegas on Wednesday at the company’s MPOWER Cybersecurity Summit for partners and customers, but it is hard at work on innovations, strategies and programs that will demonstrate why it should be considered so. Among its top objectives: be seen as the one company that provides the tools and technologies required to oversee cybersecurity infrastructure no matter where it comes from.
“The way most cyber security architectures are designed is you have different tools that operate in different silos and environments. You have network security tools, you have end point tools, you have things in your gateway, your email security, sandboxing, etc. All of those were discrete tools. You had different management consoles, different threat feeds, etc.,” said Young. “What we are trying to solve here for our customers is the ability to actually have the tools work in concert with one another because the more advanced threats that we are seeing require that you have visibility across different parts of your domain.”
“You’re not going to see the attacks of the future if you’re just looking in one place,” in other words, he added.
How does his view differ from say that of his former employer, Cisco? “The network protects transport,” he said, “[while] the endpoint and cloud protect targets. That’s where you will put most of your effort in the future.”
To that end, McAfee, which was spun out of Intel in April 2017, made a series of product announcements and strategic pronouncements about its future, at the event, which attracted more than 300 partners and more than 1,000 customers.
On the technology front, McAfee unveiled new endpoint and cloud solutions that leverage data science to help customers pick up the pieces after a cyber attack. McAfee Investigator “utilizes both machine learning and artificial intelligence, to increase accuracy and confidence of investigations by automating data collection and empowering security analysts of varied experience to fully assess threats in less time,” said the company.
In addition to Investigator, McAfee also enhanced the McAfee Endpoint Security (ENS) lineup to now leverage machine learning to review files both before and after they execute, and to better leverage data collected by the more than 300 million “sensors” under McAfee’s watch.
As for cloud users, McAfee also unveiled McAfee Cloud Workload Security (CWS), which helps organizations “eliminate blind spots with automation, secure critical workloads without slowing performance and simplify management with the McAfee Policy Orchestrator console,” according to the company.
In addition to its technology announcements, McAfee also outlined his view of the world. Going forward, Young (pictured below, right) predicts that end point security will be more defined than it is today. In the future, applications and the cloud will play a greater role in protecting customers. Users will rely on automation and orchestration more than ever. And threat intelligence will get smarter, he says. Finally, threat management will change. In the future, everything will be open, standards-based and leverage open APIs. Interoperability will be the norm, he said, not the exception.
Chris Young, McAfee CEO,
at 2017 MPOWER
As per the threat landscape, McAfee has analyzed cyber threats dating back some 30 years. What it found is interesting if not counter-intuitive: most threats never go away but instead morph and shift as technology and defenses improve. “Today’s threats are mostly derivatives of the past,” Young said. And they often regain new life when married with new ideas. Ransomware, he noted, dates back to the late 1980s. But the technology didn’t take off until it was enabled by another digital innovation, crypto-currency such as Bitcoin, which hit an all-time record high on Friday only to drop nearly 9 percent Wednesday to $5,110.
Today, hackers are combining different technologies from different eras to create new threats. As a result, exploits are more murky than before, both in terms of composition and intent. The distinctions between worms, viruses and other threats have blurred. WannaCry, for example, was as much a worm as it was ransomware in form and function.
The motivations of criminals is also evolving. A decade ago, hackers seemed motivated by mischief. Then they evolved to seek money. Today? Many of their motivations remain unclear. Recent attacks, for example, haven’t included a monetization element, leaving experts to wonder if some criminals testing the waters before unleashing something new and more threatening than before.
Given all this, there is no wonder that there is no single silver bullet that organizations can embrace. As a result, the whole of defenses must be greater than the sum of their parts. And vendor portfolios must adapt to protect companies from detection all the way through correction, Young says.
One key: aligning architectural principles and defense priorities with new end user purchasing patterns. With more than 100 million users of Microsoft Office 365 in use today, SaaS has to be thought of as defense priority, not an afterthought, says Young.
Architecture aside, Young says people are the most important resource for combatting cyber threats.
To combat the perceived talent shortage, Young has several ideas. For starters, he wants the industry to stop bemoaning a perceived talent shortage as a “problem.” Instead, he says, refer to it as an “opportunity.”
“Our industry is now top of mind [for young people] whether they are a technologist or not,” he said. He’d like to see greater national investments in cyber training, partnering and education for all. If the industry could make the current 750,000 people working in cybersecurity just 20 percent more efficient, he said, we could eliminate the need for half of the estimated 300,000 unfilled cybersecurity jobs today.
Add it up and you see why McAfee looks differently than others in a crowded market of some 12,000 cybersecurity vendors. When individuals think about McAfee, Young hopes they will soon think of it as the best security company to work with and the one best positioned to “protect families, communities and nations, too.”
Thats not something that people thought possible just six months ago. While McAfee is clearly a work in progress, its momentum is building.
On Thursday, I’ll take a deeper dive into its channel programs.