Search
Homepage This page's url is: -crn- Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs HPE Discover 2019 News Cisco Partner Summit 2019 News Cisco Wi-Fi 6 Newsroom Dell Technologies Newsroom Hitachi Vantara Newsroom HP Reinvent Newsroom IBM Newsroom Ingram Micro ONE 2019 News Juniper NXTWORK 2019 News Lenovo Newsroom Lexmark Newsroom NetApp Insight 2019 News Cisco Live Newsroom HPE Zone Intel Tech Provider Zone

CEO Kevin Mandia: FireEye Has A 90 Percent Success Rate Cracking Corporate Networks

"The only unvarnished truth any Chief Information Security Officer can really get is can someone break into my network from the internet and get to the CEO's email or get to business-critical applications," said FireEye CEO Kevin Mandia.

Back 1   2   3   ... 16 Next
photo

Why is it so difficult to go to one vendor and get an end-to-end security suite?

People like a simple message, yet it's not a simple answer. All we really want in security is an agile offense. Whatever technology gets bought has to be able to learn.

We do about 400 red teams [a year]. And red teaming [is where we put] on our attacker hat and firms hire us to break in, but not just break into a network—break in and do something of consequence. Like get to an industrial control system or get to customer data or get to the CEO's email. We do these break-ins, and we get in over 90 percent of the time, and we make the [intended] consequence happen about 75 percent of the time. We always stop short. We don't shut down a utility, and I'm not convinced we could.

But when you look at that, and you do that test, no one company stops our red team, but what does stop a red team every once in a while is software that didn't stop it today yet somehow three days later, it does [because it learned from the previous attack.] And the majority of security software is monolithic. … We have to have software that thinks and learns, it learns what's normal, and it also learns what's bad. We're just entering a generation of software with the AI and analytics and machine-learning models. But really all we have right now is machine-learning models to find malware. … Bottom line: Very few companies right now cover all of the different things you need for security.

 
 
Back 1   2   3   ... 16 Next

sponsored resources