Security Industry Must Drive Up Attacker Costs, Says Palo Alto Networks CEO


The security industry needs to make it increasingly difficult for cybercriminals to carry out attacks by making technology that isn't too complex, and require the resources of large IT teams, said Palo Alto Networks president and CEO Mark D. McLaughlin.

Speaking Tuesday to some 2,000 network security pros and IT leaders attending the 2014 Palo Alto Networks Ignite user conference in Las Vegas, McLaughlin said the total cost of ownership of security platforms needs to decline over time and not be hampered by costly response and remediation activities.

"We need to move from an incident response mindset to a proactive mindset," McLaughlin said. "The old way of detect and remediation just seems like it isn't going to work."

[Related: Advanced Persistent Threats: Not-So-Advanced Methods After All]

McLaughlin, formerly president and CEO of Verisign, took the helm at Palo Alto Networks in 2011. He referred to his company's recent acquisition of Israeli-based endpoint protection vendor Cyvera as a strategy to increase visibility at the endpoint and boost threat intelligence. Cyvera specializes in detecting and blocking exploitation techniques used by malware. Data collected by Cyvera will be fed into the company's cloud-based WildFire file behavior-analysis engine. Palo Alto Networks also acquired Morta Security, a Silicon Valley-based security startup, in January. The firm specializes in tracking threat movements within an organization.

The acquisitions will ultimately be integrated into a full platform that automates many incident response processes, McLaughlin said. Businesses are taking up increasingly complex operational burdens and expenses associated with legacy systems, he said.

"It's very difficult and almost not possible to have intelligence if you don't have visibility," he said. “We need to raise the bar but do it at an acceptable cost of technology, and [with] the limited resources you have to do it." 

Palo Alto Networks' line of next-generation firewalls competes against FireEye, which has gained attention for its virtualized sandbox platform designed to detect custom malware and other so-called advanced threats. Palo Alto sells its cloud-based WildFire subscription service to perform similar malware analysis of Windows-based files. In addition to Check Point Technologies and Fortinet, Cisco Systems is also a competitor with its acquisition and initial integration of Sourcefire and Intel Security (formerly McAfee) with its Stonesoft acquisition.   

NEXT: Virtual Sandboxing Quickly Becoming A Commodity