My fine friends at Netevents have continued to battle the global lockdown elements (and we now know in England that the words “lockdown” and “tier” mean the same thing – who would have guessed?) with a series of online events, the latest of which took on the thorny subject of AI in helping security overcome the overwhelming barrage of cyber attacks under the heading: Combating Today’s Cybersecurity Threats Faced by CISOs in Enterprise and Hybrid Cloud Environments.
The session was chaired by Mauricio Sanchez, Research Director, Dell’Oro Group and the virtual panel consisted of Joe Sullivan, Chief Security Officer, CloudFlare. Mary Gardner, Vice President & Chief Information Security Officer, F5 Networks, Kevin Deierling, Senior Vice President, NVIDIA, John Kindervag, Field Chief Technology Officer, Palo Alto Networks and Dr. Ronald Layton, Vice President Converged Security Operations, Sallie Mae.
I put forward a question as follows: ‘Until AI can pro-actively and accurately predict the next form of cyber-attack, isn’t it more relevant for companies to understand the impact of an attack and therefore focus equally on risk assessment and mitigation, on the assumption that they will be successfully attacked? That or we go back to carving messages on tablets of stone (difficult to steal and ideal for Lockdown situation)?’
The question actually stems from a real, 3D human event (remember those?) wot I covered off at the beginning of the year, which was actually a debate about platform migration among the finance/FinSec, er, sector. Interestingly, despite the subject matter, security and – more specifically – risk mitigation, was a major talking point. Anyway, here is how the panel responded to my question:
Kevin Deierling, Senior Vice President, NVIDIA
Yeah, I’ll just answer quickly. I think it’s a valid point and this goes back to the Zero Trust model and defined roles and authentication, and even if something is unanticipated, if you can keep building walls higher and higher and higher and there will be people that figure out how to scale those walls. You need to make it so expensive, and do the risk assessment, and then figure out okay if there is no breach, you know, great, they just captured some data and it’s all encrypted okay that personally identifiable information is all encrypted or whatever the additional Linares so security is the game of layers and walls, and I think it’s a valid point that we need to look at the risk mitigation, as well as the cost.
Joe Sullivan, Chief Security Officer, CloudFlare
I think Kevin’s right, every security team thinks in terms of building layers of defense and then assumes that all of them will fail. A good security team always has a team, there are some called something like detection and response because the assumption is that there will be incidents and you need to respond to them. Every good company has a data breach or Incident Response Plan, and they do drills on the assumption that all the best efforts will fail and so that is the unfortunate reality of the business you have to prepare. You know you do your best to stop the attackers but you prepare for failure as well.
Mauricio Sanchez, Research Director, Dell’Oro Group
I think I agree with you, Joe and you want to get a quick sense here that AI is just another tool, as a magnificent tool, my idea but we can’t necessarily assume that it’s going to save us from every last security attack that just another significant tool that needs to be deployed judiciously, but at the end of the day, assume that that can also be taken out. And that will have to be in concert with a belt and suspenders which is I think one of the first things they teach you and security one on one, is redundancy. Good. Well then, I, again, thank you very much for your time and your thoughts. I feel at the conclusion here, and the much more positive state, even on the personal level than coming in right because I didn’t think that that our conversation would have such positive overtones. But I’m really glad that I did hear that, because then says that we’re moving in the right strategic direction. Does it mean that we’re going to solve every last security issue or be able to deal with the new threats that may be coming at us, every single one of them? But at least we have the right technology, we have the right mindset to be able then to embrace this momentous level of change that is happening, and be able, as I think has happened over the last 30 years of cybersecurity, ratchet it up, and become much more formidable against what is a very scary world full of security threats and hackers.
If you want to witness the whole event, it was recorded in glorious YouTube Panavision and is available here: