Palo Alto Ignite: Bringing some discipline to big data protection

Nick Booth chats up the security boffins at Palo Alto Networks’ Ignite conference, and finds out how to bring some discipline to data protection.

It’s time for some discipline when it comes to big data protection.

American retail giant Target used all its incredible guile to analyse big data and deduced all kinds of stuff about the customers. Famously its statisticians worked out how to analyse buying patterns to figure out when customers were pregnant. After which, of course, it bombarded its clients with schmaltzy marketing material.

If Target cares about its customers that much, you would have thought, it would have done a bit more to protect their identity. But no, in December 2013 it admitted that 40 million credit and debit card records had been stolen. Oh, and the personal details of 70 million customers. The details were hacked, by all accounts, using a piece of malware easily available on the black market.

So Target cares enough to find out all your personal details, but not enough to protect them.

According to hacker turned security expert Dan Kaminsky, Target could have prevented it too. A breach hits the people concerned harder than a divorce and can cause bouts of post-traumatic stress disorder, says Kaminsky (and he should know, he’s seen it first hand in many clients), but he is not too sympathetic towards some of the companies that get hit.

“They had the intelligence but they didn’t act on it,” he says.

In his capacity as the boss of WhiteOps – a security consultancy – he’s been invited to meet many a deeply worried customer.

Kaminsky was speaking at the Palo Alto Networks (PAN) Ignite event, an end user conference for security users. PAN (as its reseller partners call it) is pushing the boundaries of intelligence in security by creating, and assimilating, software that seems almost organic in its ability to adapt.

The security software it acquired when it bought Cyvera seems to mimic the way the human immune system fights infection. It has the intelligence to identify rogue code and odd behaviours and isolate them, in a way that an antibody might attach itself to an invasive virus and neutralise it, which sounds mighty impressive and could create a huge opportunity for the security channel.

It’s so sophisticated that PAN has created an entirely new sales team of hand-picked experts who have the sensitivity to deal with this new software. Being a clever new concept, it will almost certainly involve copious hand-holding and patient conversations.

Netanel Davidi, Cyvera’s co-founder and joint CEO, told MicroScope that he was relieved not to be involved in setting up the channel and could concentrate on what he’s good at, the technical work.

All of which indicates this could be a massive sales opportunity in the hands of the right market-makers. Which, in this case, is value added distributor Exclusive Networks. “Cyvera completes the story for PAN with an endpoint solution much needed in the post breach age,” said Exclusive marketing head Barrie Desmond.

Just as PAN’s next generation firewall, Wildfire, promises to cut out zero-day and modern malware by creating much more detailed protection, so will the new software acquisitions, Cyvera and Morta, add new dimensions to PAN’s protective barriers.

All it needs to do now is find someone who can sell it properly. “With Cyvera at the edge and on the endpoint customers have a complete architecture from one vendor,” said Desmond. “Everything Palo Alto Networks does can be virtualised.”

These days antivirus software no longer works in isolation but is part of a complete system that not only limits the breach beachhead, but now detects it and isolates it at the device level. “This is where remediation begins – and the full forensics that came with the Morta acquisition mean we can advise the defences what to look for in the future and why it all went wrong,” says Desmond.

If security has got a lot more complex, the IT industry has got nobody to blame except itself.

As Palo Alto Networks CEO Mark McLaughlin told MicroScope, it is the evolution of the IT industry that is making it so vulnerable. Two trends, BYOD and SaaS, have decentralised the control of IT. Every gadget brought into the network offers a new point of entry. Cloud computing, meanwhile, has unwittingly conspired to create a crack invasion force (the SaaS) for hackers, creating multiple access points for malcontents outside the organisation, and enabling them to hit many more people at once.

Cloud computing and SaaS might have liberated users from the tyranny of the IT department and enabled them to buy their applications from wherever and whenever they liked, but there are serious consequences of bypassing centralised control. Palo Alto Networks is battling this by creating ever more sophisticated firewalls and helping to improve security in the datacentre.

Danelle Au, director of marketing for security solutions at Palo Alto Networks, describes how the opportunity for hackers can be neutralised by speeding up communications between staff. When Manager A spins up a load of new virtual servers, for example, it can take two months before Security Boffin B gets around to closing down all the windows of opportunity for hackers. That’s how long it takes a modern security manager to open a trouble ticket, work out which firewalls are affected by the changes and start to implement policy. Panorama, PAN’s automated security product, promises to automate those processes and make them hundreds of times faster, shrinking the criminal’s window of opportunity from months to minutes.

But hang on. That’s the sort of security that mainframes used to be able to offer. And funnily enough, it’s the 50th anniversary of the launch of IBM’s first mainframe. Half a century on, 1.1 million transactions are still being processed every second by an IBM mainframe somewhere in the world and the majority of ATM and credit card transactions still run on Big Iron. Thanks to the efficiencies engineered into the complex instruction set computing (CISC) chips that run modern mainframes, they can do the same work as an Intel-based rack but at half the cost, using half the power and taking up half the space.

According to Barrie Heptonstall, IBM’s head of mainframe sales, the mainframe is making a comeback. Will Big Iron bring some old-fashioned discipline to Big Data? Let’s hope so.
