Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Cisco Partner Summit Digital 2020 HPE Zone The Business Continuity Center Enterprise Tech Provider Masergy Zenith Partner Program Newsroom Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom Intel Partner Connect 2021 Avaya Newsroom Experiences That Matter Lenovo GoChannelFirst The IoT Integrator NetApp Data Fabric Intel Tech Provider Zone

CEO Kevin Mandia: FireEye Has A 90 Percent Success Rate Cracking Corporate Networks

"The only unvarnished truth any Chief Information Security Officer can really get is can someone break into my network from the internet and get to the CEO's email or get to business-critical applications," said FireEye CEO Kevin Mandia.

Back 1   2   3   ... 16 Next

Why is it so difficult to go to one vendor and get an end-to-end security suite?

People like a simple message, yet it's not a simple answer. All we really want in security is an agile offense. Whatever technology gets bought has to be able to learn.

We do about 400 red teams [a year]. And red teaming [is where we put] on our attacker hat and firms hire us to break in, but not just break into a network—break in and do something of consequence. Like get to an industrial control system or get to customer data or get to the CEO's email. We do these break-ins, and we get in over 90 percent of the time, and we make the [intended] consequence happen about 75 percent of the time. We always stop short. We don't shut down a utility, and I'm not convinced we could.

But when you look at that, and you do that test, no one company stops our red team, but what does stop a red team every once in a while is software that didn't stop it today yet somehow three days later, it does [because it learned from the previous attack.] And the majority of security software is monolithic. … We have to have software that thinks and learns, it learns what's normal, and it also learns what's bad. We're just entering a generation of software with the AI and analytics and machine-learning models. But really all we have right now is machine-learning models to find malware. … Bottom line: Very few companies right now cover all of the different things you need for security.

Back 1   2   3   ... 16 Next

sponsored resources