Enterprises need to be proactive in cyber war

Cyber criminals are becoming more advanced and agile, and it’s getting increasingly difficult to stay ahead of the curve.

Marc Maiffret is the chief security architect for FireEye, a malware protection company.

He says that the combination of cyber crime and cyber espionage is packing a one-two punch for enterprise organizations.

“The amount of data and the money that can be made, or the intelligence that can be gathered, is so significant that, whether it’s cyber crime groups being back by organized crime, or whether it’s foreign governments and their own resources, they’ve really stepped up the game [with] a level of professionalism.”

There are even cases of cyber criminals performing their own ‘quality assurance’ surveys and tests in the hopes of keeping their ‘customers’ happy, he adds.

“Years ago, maybe you would get an email that had some sort of program — an executable attachment — and people obviously filtered those things out. Now, it’s moved to third party applications that, not only do we kind of more blindly trust them, but we have to use these things as a part of day-to-day running our organizations. Pdf’s are one of the most prolific right now.”

One of the challenges facing IT managers is that there are just as many solutions as there are problems. Every security company markets itself as the best, and sometimes there is no correct answer. Maiffret says cutting through all of the noise can be difficult.

“How do you . . . figure out what really [will] help? I think [companies] are looking for solutions. Even with our company, we specifically have an investment made by In-Q-Tel, which is the VC arm of the intelligence agencies. They’re looking for that next generation technology that really is going to solve these problems and move beyond signatures.”

And the thought process needs to change, as well.

“If you think about it in terms of the real military, imagine it’s like going into war, losing, and then saying, ‘oh, the next time we do it, we’re going to know what we did wrong the last time’. The opposition has totally moved on to new tactics to where what you learned is actually meaningless. That’s how most people are fighting the war in cyberspace.”

The real goal, Maiffret adds, is to become proactive, not reactive.

Email the author of this post at dramienski@federalnewsradio.com

This story is part of Federal News Radio’s Cybersecurity Update – Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on The Federal Drive with Tom Temin and Amy Morris (6-10 a.m.) and DorobekInsider with Chris Dorobek (3-5 p.m.).